Wednesday, October 28, 2009

Telecommunications and Networking Security

OSI Model
TCP/IP and many other protocols
LAN, WAN, MAN, intranet, and extranet technologies
Cable types and data transmission types
Network devices and services
Communications security management
Telecommunications devices
Remote access methods and technologies

Wireless technologies
"Telecommunications and networking use various mechanisms, devices, software, and protocols that are interrelated and integrated. Networking is one of the more complex topics in the computer field, mainly because so many technologies and concepts are involved"
Open Systems Interconnection Reference Model
A network protocol is a standard set of rules that determines how systems will communicate across networks

Encapsulation - As data passes down the stack, each layer wraps what it receives from the layer above in its own header (and, at the data link layer, a trailer); the receiving host strips them off in reverse order. The protocol at a given OSI layer on one computer therefore communicates logically with the corresponding protocol operating at the same OSI layer on the other computer.

Functions and protocols in the OSI Model

Application
  • File Transfer Protocol (FTP)
  • Trivial File Transfer Protocol (TFTP)
  • Simple Network Management Protocol (SNMP)
  • Simple Mail Transfer Protocol (SMTP)
  • Telnet
  • Hypertext Transfer Protocol (HTTP)
Presentation
  • American Standard Code for Information Interchange (ASCII)
  • Extended Binary-Coded Decimal Interchange Code (EBCDIC)
  • Tagged Image File Format (TIFF)
  • Joint Photographic Experts Group (JPEG)
  • Moving Picture Experts Group (MPEG)
  • Musical Instrument Digital Interface (MIDI)
Session
  • Network File System (NFS)
  • NetBIOS
  • Structured Query Language (SQL)
  • Remote procedure call (RPC)
Transport
  • Transmission Control Protocol (TCP)
  • User Datagram Protocol (UDP)
  • Secure Sockets Layer (SSL)
  • Sequenced Packet Exchange (SPX)
Network
  • Internet Protocol (IP)
  • Internet Control Message Protocol (ICMP)
  • Internet Group Management Protocol (IGMP)
  • Routing Information Protocol (RIP)
  • Open Shortest Path First (OSPF)
  • Novell Internetwork Packet Exchange (IPX)
Data Link
  • Address Resolution Protocol (ARP)
  • Reverse Address Resolution Protocol (RARP)
  • Point-to-Point Protocol (PPP)
  • Serial Line Internet Protocol (SLIP)
Physical
  • High-Speed Serial Interface (HSSI)
  • X.21
  • EIA/TIA-232 and EIA/TIA-449

http://en.wikipedia.org/wiki/OSI_model

TCP/IP - Transmission Control Protocol/Internet Protocol - a suite of protocols that governs the way that data travels from one device to another.

TCP Handshake
The host that initiates communication sends a synchronize (SYN) segment carrying its initial sequence number to the receiver. The receiver acknowledges that request and supplies its own initial sequence number in a SYN/ACK segment. The initiating host completes the handshake with an acknowledgment (ACK) segment, after which the connection is established on both sides.
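The handshake above simulated with sequence and acknowledgement numbers, as an added example that is not part of the original notes. The `Client`, `Server` and `Segment` names are illustrative; the point it shows beyond the text is the check each side makes before trusting the next segment, and why a forged third ACK is dropped when the server's initial sequence number is not known.

```python
# Added example (not from the original notes): the three-way handshake with
# sequence/acknowledgement numbers and the checks each side performs before
# trusting the next segment. Client/Server/Segment are illustrative names.
import secrets
from dataclasses import dataclass

MOD = 2 ** 32  # TCP sequence numbers wrap modulo 2^32


@dataclass(frozen=True)
class Segment:
    syn: bool
    ack: bool
    seq: int       # sequence number
    ack_num: int   # acknowledgement number (next byte expected from the peer)


def isn() -> int:
    """Initial sequence number. It must be unpredictable: an off-path attacker
    who can guess the server's ISN can forge the final ACK of a handshake."""
    return secrets.randbelow(MOD)


class Client:
    def __init__(self):
        self.isn = isn()
        self.established = False

    def syn(self) -> Segment:
        return Segment(syn=True, ack=False, seq=self.isn, ack_num=0)

    def ack(self, syn_ack: Segment) -> Segment:
        # Accept only a SYN/ACK that acknowledges exactly our ISN + 1
        if not (syn_ack.syn and syn_ack.ack) or syn_ack.ack_num != (self.isn + 1) % MOD:
            raise ValueError("unexpected segment during handshake")
        self.established = True
        return Segment(syn=False, ack=True,
                       seq=(self.isn + 1) % MOD, ack_num=(syn_ack.seq + 1) % MOD)


class Server:
    def __init__(self):
        self.half_open = {}      # client ISN -> our ISN (the SYN backlog)
        self.established = set()

    def syn_ack(self, syn: Segment) -> Segment:
        if not syn.syn or syn.ack:
            raise ValueError("not a SYN")
        our_isn = isn()
        self.half_open[syn.seq] = our_isn
        return Segment(syn=True, ack=True, seq=our_isn, ack_num=(syn.seq + 1) % MOD)

    def complete(self, ack: Segment) -> bool:
        """Third segment: must match a half-open entry and acknowledge our ISN + 1."""
        client_isn = (ack.seq - 1) % MOD
        our_isn = self.half_open.get(client_isn)
        if our_isn is None or ack.syn or not ack.ack or ack.ack_num != (our_isn + 1) % MOD:
            return False               # dropped; the entry stays half-open
        del self.half_open[client_isn]
        self.established.add(client_isn)
        return True


def handshake() -> bool:
    """Normal exchange: SYN -> SYN/ACK -> ACK; both sides end up established."""
    c, s = Client(), Server()
    done = s.complete(c.ack(s.syn_ack(c.syn())))
    return done and c.established and not s.half_open


def forged_ack_rejected() -> bool:
    """Attacker who saw the SYN but guessed the server's ISN wrong: the ACK is
    dropped and the server keeps the half-open entry."""
    c, s = Client(), Server()
    s.syn_ack(c.syn())
    wrong = (s.half_open[c.isn] + 2) % MOD   # off by one from the real value
    bogus = Segment(syn=False, ack=True, seq=(c.isn + 1) % MOD, ack_num=wrong)
    return not s.complete(bogus) and len(s.half_open) == 1


if __name__ == "__main__":
    print("handshake ok:", handshake())
    print("forged ACK rejected:", forged_ack_rejected())
```

The half-open table is the resource that a flood of SYNs with no third ACK ties up, which is why real stacks bound it or use SYN cookies.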

IP Addressing
Class A 0.0.0.0 to 127.255.255.255 - First byte is the network portion and the remaining three bytes are the host portion
Class B 128.0.0.0 to 191.255.255.255 - First two bytes are the network portion and the remaining two bytes are the host portion
Class C 192.0.0.0 to 223.255.255.255 - First three bytes are the network portion and the remaining one byte is the host portion
Class D 224.0.0.0 to 239.255.255.255 - Used for multicast addresses
Class E 240.0.0.0 to 255.255.255.255 - Reserved for research
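The classful split in code, as an added example that is not part of the original notes: the class is decided by the leading bits of the first octet, and the network/host boundary follows from the class. The lead-in caveat a practitioner needs is in the docstring: since CIDR the mask comes from the prefix length, not the first octet.

```python
# Added example (not from the original notes): classify an IPv4 address by
# its leading bits and split it into the classful network and host portions.
import ipaddress

# (class, leading-bit pattern, number of leading bits, network bits or None)
CLASSES = (
    ("A", 0b0,    1, 8),
    ("B", 0b10,   2, 16),
    ("C", 0b110,  3, 24),
    ("D", 0b1110, 4, None),   # multicast: no network/host split
    ("E", 0b1111, 4, None),   # reserved
)


def classify(addr: str):
    """Return (class, network_bits, network_portion, host_portion).

    The last three are None for classes D and E. Classful addressing is
    historical: since CIDR the subnet mask comes from the prefix length, not
    the first octet, so never infer a mask this way on a real network.
    """
    n = int(ipaddress.IPv4Address(addr))
    for name, pattern, width, net_bits in CLASSES:
        if n >> (32 - width) == pattern:
            break
    else:  # unreachable: every 32-bit value matches exactly one pattern
        raise ValueError(addr)
    if net_bits is None:
        return name, None, None, None
    mask = (0xFFFFFFFF << (32 - net_bits)) & 0xFFFFFFFF
    return (name, net_bits,
            str(ipaddress.IPv4Address(n & mask)),
            str(ipaddress.IPv4Address(n & ~mask & 0xFFFFFFFF)))


if __name__ == "__main__":
    for a in ("10.1.2.3", "172.16.5.9", "192.168.1.77", "224.0.0.1", "240.0.0.1"):
        print(a, classify(a))
```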

IPv6 (see p. 439)

Types of Transmission
Analog - transmission signals are continuously varying electromagnetic waves that can be carried over air, water, twisted-pair cable, coaxial cable, or fiber-optic cable.
Digital - signals represent binary digits as electrical pulses
Bandwidth - the number of electrical pulses (bits) that can be transmitted over a link in one second; in practice, the data rate of the link.

Broadband and Baseband
Baseband uses the entire communication channel for its transmission whereas broadband divides the communication channel into individual and independent channels so that different types of data can be transmitted at the same time.

LAN Networking
Network Topology - Ring, Bus, Star, or Mesh
Ethernet is a LAN-sharing technology that enables several devices to communicate on the same network
  • Shares media
  • Uses broadcast and collision domains
  • Uses carrier sense multiple access with collision detection (CSMA/CD)
  • Supports full duplex on twisted-pair media
  • Is defined by standard IEEE 802.3
Token Ring IEEE 802.5
FDDI - Fiber Distributed Data Interface, developed by ANSI, is a high-speed token-passing media access technology that runs over fiber, typically as a dual counter-rotating ring (the related IEEE working group was 802.8)

Cabling types:
Coaxial Cable
Twisted Pair Cable
Fiber Optic Cable

Cabling Problems (as defined on p456-457)
Noise - interference from outside sources (motors, fluorescent lights, neighbouring cables) that distorts the signal
Attenuation - loss of signal strength as the signal travels the length of the cable, which is why each cable type has a maximum run length
Crosstalk - signal from one wire bleeding into an adjacent wire

Transmission Methods:
Unicast - when a packet needs to go from the source computer to one particular system
Multicast - when a packet needs to go to a specific group of systems
Broadcast - when a system wants all computers on its subnet to receive a message

Media Access Technologies
Token Passing - Token is a 24 bit control frame used to control which computers communicate at what intervals.
Polling - some systems are configured as primary stations and others are configured as secondary stations

LAN Protocols
Address Resolution Protocol (ARP) - resolves a known IP address to the MAC (media access control) address of the interface that owns it, by broadcasting a request on the local segment
Reverse Address Resolution Protocol - frames go to all systems on the subnet, but only the RARP server responds
Internet Control Message Protocol - delivers status messages, reports errors, replies to certain requests, reports routing information, and is used to test connectivity and troubleshoot problems on IP networks.
The Difference Between ARP and RARP: "ARP knows the IP address and broadcasts to find the matching hardware address, the MAC address. RARP knows the hardware address and broadcasts to find the IP address."
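The ARP exchange as raw frames, an added example that is not part of the original notes: the request is built to the broadcast MAC, every host on the segment parses it, only the owner of the target address answers with a unicast reply, and the asker accepts the reply only if it answers the question it asked. All MAC and IP values are constructed.

```python
# Added example (not from the original notes): an ARP request/reply exchange
# built and parsed as raw Ethernet frames. MAC and IP values are constructed.
import struct
from typing import Optional

ETHERTYPE_ARP = 0x0806
BROADCAST = "ff:ff:ff:ff:ff:ff"
REQUEST, REPLY = 1, 2


def mac_bytes(m: str) -> bytes:
    return bytes.fromhex(m.replace(":", ""))


def mac_str(b: bytes) -> str:
    return ":".join(f"{x:02x}" for x in b)


def ip_bytes(ip: str) -> bytes:
    return bytes(int(o) for o in ip.split("."))


def ip_str(b: bytes) -> str:
    return ".".join(str(x) for x in b)


def build_arp(op, sender_mac, sender_ip, target_mac, target_ip) -> bytes:
    """Ethernet header + ARP body. A request goes to the broadcast MAC because
    the sender does not yet know who owns target_ip; a reply is unicast."""
    dst = BROADCAST if op == REQUEST else target_mac
    eth = mac_bytes(dst) + mac_bytes(sender_mac) + struct.pack("!H", ETHERTYPE_ARP)
    # hardware type 1 (Ethernet), protocol 0x0800 (IPv4), hlen 6, plen 4, opcode
    arp = struct.pack("!HHBBH", 1, 0x0800, 6, 4, op)
    arp += mac_bytes(sender_mac) + ip_bytes(sender_ip)
    arp += mac_bytes(target_mac) + ip_bytes(target_ip)
    return eth + arp


def parse_arp(frame: bytes) -> dict:
    if struct.unpack("!H", frame[12:14])[0] != ETHERTYPE_ARP:
        raise ValueError("not an ARP frame")
    htype, ptype, hlen, plen, op = struct.unpack("!HHBBH", frame[14:22])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("unsupported ARP hardware/protocol types")
    body = frame[22:42]
    return {
        "eth_dst": mac_str(frame[0:6]), "eth_src": mac_str(frame[6:12]), "op": op,
        "sender_mac": mac_str(body[0:6]), "sender_ip": ip_str(body[6:10]),
        "target_mac": mac_str(body[10:16]), "target_ip": ip_str(body[16:20]),
    }


def resolve(asker_mac, asker_ip, wanted_ip, hosts: dict) -> Optional[str]:
    """Simulate the exchange on one segment: broadcast who-has, every host
    sees it, only the owner answers, and the asker accepts a reply only if it
    is a REPLY, unicast to it, for the IP it asked about. That matching is
    the only check ARP itself offers; the protocol has no authentication."""
    request = build_arp(REQUEST, asker_mac, asker_ip, "00:00:00:00:00:00", wanted_ip)
    req = parse_arp(request)
    for host_ip, host_mac in hosts.items():   # every host hears the broadcast
        if req["target_ip"] == host_ip:
            reply = parse_arp(build_arp(REPLY, host_mac, host_ip,
                                        req["sender_mac"], req["sender_ip"]))
            if (reply["op"] == REPLY and reply["sender_ip"] == wanted_ip
                    and reply["eth_dst"] == asker_mac):
                return reply["sender_mac"]
    return None  # nobody on the segment owns that address


if __name__ == "__main__":
    segment = {"192.168.1.1": "02:00:00:00:00:01", "192.168.1.20": "02:00:00:00:00:14"}
    print(resolve("02:00:00:00:00:0a", "192.168.1.10", "192.168.1.20", segment))
```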

Networking Devices
Repeaters - provide the simplest type of connectivity because they only repeat and amplify electrical signals between cable segments, which lets them extend a network
Bridges - LAN device that is used to connect LAN segments
Routers - operate at the network layer and forward packets between networks:
  1. A frame is received on an interface and the IP datagram is extracted
  2. The router reads the destination IP network address from the datagram
  3. It looks in its routing table for the most specific entry (longest matching prefix) for that destination and the port that reaches it
  4. If the router has no route for the destination address, it drops the packet and sends an ICMP error message (destination unreachable) to the sending computer
  5. If the router does have a route, it decrements the TTL value (sending an ICMP time-exceeded message if it reaches zero) and checks whether the MTU of the destination network differs, fragmenting if the packet is too large
  6. The router rewrites the frame header so that the frame is addressed to the next correct router (or the destination host)
  7. The router sends the frame to the output queue of the necessary interface
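The forwarding procedure above carried through in code, as an added example that is not part of the original notes. `Router`, `Route` and `Packet` are illustrative names, the routing table is constructed, and the addresses come from the RFC 5737 documentation ranges. It shows the longest-prefix rule in step 3 and the three ICMP outcomes (no route, TTL expired, fragmentation needed with DF set) the text only names.

```python
# Added example (not from the original notes): the router forwarding steps as
# code. Route/Packet/Router are illustrative; prefixes use RFC 5737 test ranges.
import ipaddress
import math
from dataclasses import dataclass


@dataclass
class Packet:
    src: str
    dst: str
    ttl: int
    size: int         # total length in bytes, including the 20-byte IP header
    df: bool = False  # Don't Fragment flag


@dataclass
class Route:
    prefix: ipaddress.IPv4Network
    interface: str
    mtu: int


class Router:
    def __init__(self, routes):
        # Step 3 needs the most specific match: keep longest prefixes first
        self.routes = sorted(routes, key=lambda r: r.prefix.prefixlen, reverse=True)

    def lookup(self, dst: str):
        d = ipaddress.IPv4Address(dst)
        for r in self.routes:
            if d in r.prefix:
                return r
        return None

    def forward(self, pkt: Packet) -> tuple:
        route = self.lookup(pkt.dst)                       # steps 2-3
        if route is None:                                  # step 4
            return ("icmp", "destination unreachable", pkt.src)
        if pkt.ttl <= 1:                                   # step 5: TTL would hit 0
            return ("icmp", "time exceeded", pkt.src)
        pkt.ttl -= 1
        if pkt.size > route.mtu:                           # step 5: MTU differs
            if pkt.df:
                return ("icmp", "fragmentation needed", pkt.src)
            payload = pkt.size - 20
            per_fragment = (route.mtu - 20) // 8 * 8       # fragment offsets are in 8-byte units
            return ("fragment", route.interface, math.ceil(payload / per_fragment))
        return ("forward", route.interface, pkt.ttl)       # steps 6-7


def demo_router(with_default: bool = True) -> Router:
    """Constructed routing table: a /16, a more specific /24 on a small-MTU
    link, and optionally a default route."""
    routes = [
        Route(ipaddress.IPv4Network("10.1.0.0/16"), "eth1", 1500),
        Route(ipaddress.IPv4Network("10.1.2.0/24"), "eth2", 576),
    ]
    if with_default:
        routes.append(Route(ipaddress.IPv4Network("0.0.0.0/0"), "eth0", 1500))
    return Router(routes)


if __name__ == "__main__":
    r = demo_router()
    print(r.forward(Packet("192.0.2.1", "10.1.9.9", 64, 1500)))   # eth1, TTL 63
    print(r.forward(Packet("192.0.2.1", "10.1.2.5", 64, 1500)))   # 3 fragments on eth2
    print(r.forward(Packet("192.0.2.1", "10.1.2.5", 1, 100)))     # time exceeded
```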
Switches - multiport bridges that learn which MAC address sits on which port and forward each frame only to the port of its destination, rather than to every segment; they operate at the data link layer

Gateway - a general term for software running on a device that connects two different environments; it often acts as a translator between them or restricts their interactions.
Firewalls - used to restrict access to one network from another network
Packet filtering - a security method of controlling what data can flow into and out of a network by examining header fields (addresses, ports, protocol, flags) one packet at a time
Stateful firewalls - keep a state table of connections and permit inbound traffic only when it belongs to a connection an inside host already opened; Proxy firewalls - act as a middleman, terminating the client's connection and opening a new one to the destination on its behalf

Application vs. Circuit level proxy firewall characteristics
Application level
  • Different proxy required for each service allowed
  • provides more intricate control
  • requires more processing per packet; slower
Circuit level
  • Does not require a proxy for each and every service
  • Does not provide the detailed access control that an application level proxy firewall provides
  • Provides security for a wider range of protocols
Dynamic Packet Filtering - creates a temporary rule that allows the return traffic for a connection an inside host has opened (needed for protocols such as UDP that carry no connection state of their own) and removes it when the exchange ends
Kernel proxy firewalls - a later generation of proxy that builds a protocol stack for each packet inside the kernel and inspects every layer there, avoiding the per-packet cost of a user-space application proxy
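The difference between packet filtering and stateful filtering run over one constructed traffic sequence, as an added example that is not part of the original notes. The stateless rule ("permit inbound if the ACK bit is set") is the classic static ACL for letting replies back in; the example shows the forged ACK probe it lets through and the stale packet it permits after the connection has been reset, both of which the stateful table refuses. Addresses are RFC 1918 and RFC 5737 test values.

```python
# Added example (not from the original notes): the same constructed traffic
# run through a stateless packet filter and a stateful one. Addresses are
# RFC 1918 / RFC 5737 test values.
from dataclasses import dataclass


@dataclass(frozen=True)
class Pkt:
    direction: str     # "out" (inside -> Internet) or "in"
    src: str
    sport: int
    dst: str
    dport: int
    flags: frozenset   # subset of {"SYN", "ACK", "FIN", "RST"}


def stateless_filter(pkt: Pkt) -> bool:
    """Static ACL: permit everything outbound; permit inbound only when the
    ACK bit is set, on the assumption that an ACK must be a reply to a
    connection an inside host opened. The filter cannot verify that."""
    if pkt.direction == "out":
        return True
    return "ACK" in pkt.flags


class StatefulFilter:
    def __init__(self):
        self.table = set()   # (inside_ip, inside_port, outside_ip, outside_port)

    def filter(self, pkt: Pkt) -> bool:
        if pkt.direction == "out":
            if "SYN" in pkt.flags:
                self.table.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return True
        key = (pkt.dst, pkt.dport, pkt.src, pkt.sport)   # reply direction
        if key not in self.table:
            return False                                  # unsolicited: drop
        if pkt.flags & {"FIN", "RST"}:
            self.table.discard(key)                       # connection torn down
        return True


TRAFFIC = [  # constructed sequence, in arrival order
    ("client SYN", Pkt("out", "10.0.0.5", 40000, "203.0.113.10", 443, frozenset({"SYN"}))),
    ("server SYN/ACK", Pkt("in", "203.0.113.10", 443, "10.0.0.5", 40000, frozenset({"SYN", "ACK"}))),
    ("unsolicited SYN to SSH", Pkt("in", "198.51.100.7", 5555, "10.0.0.5", 22, frozenset({"SYN"}))),
    ("forged ACK probe", Pkt("in", "198.51.100.7", 5555, "10.0.0.5", 22, frozenset({"ACK"}))),
    ("server RST/ACK", Pkt("in", "203.0.113.10", 443, "10.0.0.5", 40000, frozenset({"RST", "ACK"}))),
    ("late packet after RST", Pkt("in", "203.0.113.10", 443, "10.0.0.5", 40000, frozenset({"ACK"}))),
]


def run() -> dict:
    """Return {label: (stateless_decision, stateful_decision)}, True = permit."""
    sf = StatefulFilter()
    return {label: (stateless_filter(p), sf.filter(p)) for label, p in TRAFFIC}


if __name__ == "__main__":
    for label, (a, b) in run().items():
        word = lambda ok: "permit" if ok else "drop"
        print(f"{label:24} stateless={word(a):6} stateful={word(b)}")
```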

Firewall Architecture - Bastion Host, Dual Homed Firewall, Screened Host, Screened Subnet

Honeypot - a computer that usually sits in the screened subnet, or DMZ, and attempts to lure attackers to it instead of to actual production computers.

Networking Services and Protocols
Network Operating System (NOS) - special software designed to control network resource access and provide the necessary services to enable a computer to interact with the surrounding network
Domain Name Services (DNS) - a method of resolving host names to IP addresses so that the names can be used instead of IP addresses when referencing unique hosts on the internet.
Internet DNS and Domains
.com = Commercial
.edu = Education
.mil = U.S. military organization
.int = International treaty organization
.gov = Government
.org = Organizational
.net = Networks 

DNS Poisoning - inserting false name-to-address records into a resolver's cache, for example by forging the response to an outstanding query, so that clients are sent to an attacker-chosen address
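A minimal DNS A-record query and response built from the wire format, plus the checks a resolver applies before accepting an answer, as an added example that is not part of the original notes. The `Resolver` class, the names and the addresses are constructed (RFC 5737 ranges). It shows what a forged response has to get right to poison the cache: the 16-bit transaction ID, the question, and the source port the query left from.

```python
# Added example (not from the original notes): a minimal DNS A-record query
# and response built with struct, and the checks a resolver applies before
# accepting an answer. Names, addresses and ports are constructed.
import secrets
import struct
from typing import Optional

A, IN = 1, 1


def encode_name(name: str) -> bytes:
    labels = name.rstrip(".").split(".")
    return b"".join(bytes([len(l)]) + l.encode() for l in labels) + b"\x00"


def decode_name(msg: bytes, off: int):
    """Decode a name at off; supports the 0xC0 compression pointer."""
    labels = []
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:   # pointer to a name earlier in the message
            ptr = struct.unpack("!H", msg[off:off + 2])[0] & 0x3FFF
            return ".".join(labels + [decode_name(msg, ptr)[0]]), off + 2
        off += 1
        if length == 0:
            return ".".join(labels), off
        labels.append(msg[off:off + length].decode())
        off += length


def build_query(txid: int, name: str) -> bytes:
    hdr = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)   # RD=1, one question
    return hdr + encode_name(name) + struct.pack("!HH", A, IN)


def build_response(txid: int, name: str, ip: str, ttl: int = 300) -> bytes:
    hdr = struct.pack("!HHHHHH", txid, 0x8180, 1, 1, 0, 0)   # QR RD RA, one answer
    question = encode_name(name) + struct.pack("!HH", A, IN)
    rdata = bytes(int(o) for o in ip.split("."))
    # answer name is a pointer to the question name at offset 12
    answer = b"\xc0\x0c" + struct.pack("!HHIH", A, IN, ttl, len(rdata)) + rdata
    return hdr + question + answer


def parse_response(msg: bytes) -> dict:
    txid, flags, _qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    qname, off = decode_name(msg, 12)
    qtype, _qclass = struct.unpack("!HH", msg[off:off + 4])
    off += 4
    answers = []
    for _ in range(an):
        _name, off = decode_name(msg, off)
        rtype, _rclass, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        rdata = msg[off:off + rdlen]
        off += rdlen
        if rtype == A and rdlen == 4:
            answers.append(".".join(str(b) for b in rdata))
    return {"txid": txid, "qr": bool(flags & 0x8000), "qname": qname,
            "qtype": qtype, "answers": answers}


class Resolver:
    """Accepts a response only if it arrives on the port the query left from,
    carries the same transaction ID, and answers the same question. With a
    fixed source port an attacker only has to guess the 16-bit ID, which is
    why poisoning works against predictable resolvers; DNSSEC is the real fix."""

    def __init__(self):
        self.pending = {}   # source port -> (txid, name)

    def send(self, name: str):
        txid, port = secrets.randbelow(1 << 16), 1024 + secrets.randbelow(64511)
        self.pending[port] = (txid, name)
        return build_query(txid, name), port

    def receive(self, msg: bytes, arrived_on_port: int) -> Optional[str]:
        expected = self.pending.get(arrived_on_port)
        if expected is None:
            return None
        r = parse_response(msg)
        if (not r["qr"] or r["txid"] != expected[0]
                or r["qname"].lower() != expected[1].lower() or r["qtype"] != A):
            return None                          # forged or mismatched: discard
        del self.pending[arrived_on_port]
        return r["answers"][0] if r["answers"] else None


def demo() -> tuple:
    """Forged response with the wrong ID is rejected; the genuine one is accepted."""
    res = Resolver()
    query, port = res.send("www.example.com")
    txid = struct.unpack("!H", query[:2])[0]
    forged = build_response((txid + 1) & 0xFFFF, "www.example.com", "198.51.100.66")
    genuine = build_response(txid, "www.example.com", "203.0.113.5")
    return res.receive(forged, port), res.receive(genuine, port)
```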
Network Information Service (NIS) - works like a telephone book for locating network resources.

NIS+ security levels:
level 0 - No security
level 1 - low level of security
level 2 - default level that has authentication and authorization enabled

Directory Service has a hierarchical database of users, computers, printers, resources, and attributes of each. It is used mainly for lookup operations
Lightweight Directory Access Protocol (LDAP) -is a client/server protocol used to access network directories.

Network Address Translation
current private IP address ranges:
  • 10.0.0.0 - 10.255.255.255 Class A network
  • 172.16.0.0 - 172.31.255.255 16 contiguous Class B networks
  • 192.168.0.0 - 192.168.255.255 256 contiguous Class C networks
Static Mapping; Dynamic Mapping; Port Address Translation (PAT)
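A port address translation table as an added example that is not part of the original notes. Inside hosts use RFC 1918 addresses, 198.51.100.1 is a constructed public address from the RFC 5737 documentation range, and the `PAT` class is illustrative. It shows two inside hosts sharing one public address even when they pick the same source port, a reply being mapped back, and an unsolicited inbound packet that has no mapping and is therefore dropped.

```python
# Added example (not from the original notes): a port address translation
# table. Inside hosts use RFC 1918 addresses; 198.51.100.1 is a constructed
# public address (RFC 5737 documentation range).
import ipaddress
import itertools
from typing import Optional

PRIVATE = tuple(ipaddress.IPv4Network(n)
                for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16"))


def is_private(ip: str) -> bool:
    """True if ip falls in one of the RFC 1918 ranges listed above."""
    a = ipaddress.IPv4Address(ip)
    return any(a in net for net in PRIVATE)


class PAT:
    def __init__(self, public_ip: str, first_port: int = 1024):
        self.public_ip = public_ip
        self.next_port = itertools.count(first_port)
        self.outbound_map = {}   # (in_ip, in_port, dst_ip, dst_port) -> public_port
        self.inbound_map = {}    # (public_port, dst_ip, dst_port) -> (in_ip, in_port)

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """Rewrite an inside packet's source to the public address and a
        unique public port, creating the mapping on first use."""
        if not is_private(src_ip):
            raise ValueError(f"{src_ip} is not an inside (RFC 1918) address")
        key = (src_ip, src_port, dst_ip, dst_port)
        if key not in self.outbound_map:
            pub_port = next(self.next_port)
            self.outbound_map[key] = pub_port
            self.inbound_map[(pub_port, dst_ip, dst_port)] = (src_ip, src_port)
        return (self.public_ip, self.outbound_map[key], dst_ip, dst_port)

    def inbound(self, src_ip, src_port, dst_port) -> Optional[tuple]:
        """Packet arriving at the public address. Only a port with a live
        mapping for that exact remote endpoint is translated back; anything
        else has no inside destination and is dropped (None)."""
        return self.inbound_map.get((dst_port, src_ip, src_port))


def demo() -> dict:
    pat = PAT("198.51.100.1")
    a = pat.outbound("192.168.1.10", 50000, "203.0.113.10", 443)
    b = pat.outbound("192.168.1.11", 50000, "203.0.113.10", 443)   # same inside port
    reply_to_a = pat.inbound("203.0.113.10", 443, a[1])
    unsolicited = pat.inbound("203.0.113.99", 4444, 1024)           # no mapping
    return {"a": a, "b": b, "reply_to_a": reply_to_a, "unsolicited": unsolicited}


if __name__ == "__main__":
    for k, v in demo().items():
        print(k, v)
```

The inbound lookup is why hosts behind PAT are unreachable from outside unless a static mapping is configured: the translator has nowhere to send a packet it did not see a request for.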

Intranets and Extranets

Intranet - a "private" network that uses Internet technologies such as TCP/IP.
Extranet - extends outside the bounds of the company's network to enable two or more companies to share common information and resources.

Metropolitan Area Network
    (MAN) - usually a backbone that connects LANs to each other and LANs to WANs, the Internet, and telecommunication and cable networks. The majority of today's MANs are Synchronous Optical Network (SONET) or FDDI rings provided by the telecommunications service providers

Wide Area Networks
   (WAN) - technologies are used when communication needs to travel over a larger geographical area.
Telecommunications Evolution
Multiplexing - a method of combining multiple channels of data over a single transmission path.
Telecommunications history:
  • Copper lines carry purely analog signals
  • T1 lines carry up to 24 conversations
  • T3 lines carry up to 28 T1 lines
  • Fiber-optics and the SONET network used
  • ATM over SONET used
Dedicated links - or leased line or point-to-point link is one single link that is pre-established for the purposes of WAN communications between two destinations.
T-Carriers - dedicated lines that can carry voice and data information over trunk lines.

WAN Technologies
Channel Service Unit/Data Service Unit(CSU/DSU) - required when digital equipment will be used to connect a LAN to a WAN.
Circuit switching - sets up a virtual connection that acts like a dedicated link between two systems

Circuit Switching vs Packet Switching
Circuit switching
  • Connection-oriented virtual links 
  • Traffic travels in a predictable and constant manner
  • Fixed delays
  • Usually carries voice-oriented data
Packet switching
  • Packets can use many different dynamic paths to get to the same destination
  • Traffic is usually bursty in nature
  • Variable delays
  • Usually carries data-oriented traffic
Frame Relay is a WAN protocol that operates at the data link layer. It is a WAN solution that uses packet-switching technology that enables multiple companies and networks to share the same WAN media.
Virtual Circuits
The permanent virtual circuit (PVC) works like a private line for a customer with an agreed-upon bandwidth availability. Unlike PVCs, switched virtual circuits (SVCs) are set up on demand, with steps similar to a dial-up connection procedure, and torn down when the session ends.
X.25 is an older WAN protocol that defines how devices and networks establish and maintain connections.
Asynchronous Transfer Mode (ATM) - a switching technology that uses cell-switching method.
QoS - Quality of Service is a capability that allows a protocol to distinguish between different classes of messages and assign priority levels
  • Constant Bit Rate (CBR)
  • Variable Bit Rate (VBR)
  • Unspecified Bit Rate (UBR)
  • Available Bit Rate (ABR)
The three basic levels of QoS:
  1. Best effort service
  2. Differentiated service
  3. Guaranteed service
Switched Multimegabit Data Service (SMDS) - a high-speed packet-switched technology used to enable customers to extend their LANs across MANs and WANs
Synchronous Data Link Control (SDLC) - protocol is based on networks that use dedicated, leased lines with permanent physical connections
High-level Data Link Control (HDLC) - protocol is also a bit-oriented link layer protocol used for transmission over synchronous lines
High-speed Serial Interface (HSSI) - used to connect multiplexers and routers to high-speed communications services such as ATM and frame relay.

Multi-service access technologies combine several types of communication categories over one transmission line.

H.323 Gateways (see p. 531)

Remote Access

Dial-Up and RAS
A Remote Access Service (RAS) server accepts dial-up connections and performs authentication by comparing the provided credentials with the database of credentials it maintains.
ISDN
Integrated Services Digital Network (ISDN) - a communications protocol provided by telephone companies and ISPs.
DSL 
Digital Subscriber Line is a type of high speed connection technology used to connect a home or business to the service provider's central office.
Cable Modem
Cable modems provide high-speed access to the Internet, up to 50 Mbps, through existing cable coaxial and fiber lines.

VPN
A virtual private network (VPN) is a secure, private connection through a public network or an otherwise unsecured environment. It is private because encryption and tunneling protocols are used to ensure the confidentiality and integrity of the data in transit.
Tunneling Protocols:
Point to Point Tunneling Protocol (PPTP):
  • Designed for client/server connectivity
  • Sets up a single point to point connection between two computers
  • Works at the data link layer
  • Transmits over IP networks only
Layer 2 Forwarding (L2F):
  • Created before L2TP by Cisco
  • Merged with PPTP, which resulted in L2TP
  • Provides mutual authentication 
  • No encryption
Layer 2 Tunneling Protocol (L2TP):
  • Hybrid of L2F and PPTP
  • Sets up a single point to point connection between two computers
  • Works at the data link layer
  • Transmits over multiple types of networks, not just IP
  • Combined with IPSec for security 
IPSec:
  • Handles multiple connections at the same time
  • Provides secure authentication and encryption
  • Supports only IP networks
  • Focuses on LAN to LAN communication rather than a dial up protocol
  • Works at the network layer, and provides security on top of IP
  • Can work in tunnel mode or transport mode

