
Basic Network Security

Network security is about keeping computer networks safe from hackers, viruses, and other online threats. It includes using tools like firewalls, passwords, and encryption to protect important data from being stolen or misused. Good network security helps prevent cyberattacks, like hacking and viruses, and ensures that only the right people can access sensitive information. This is important for businesses and individuals to keep their data safe and private.

DNS overcomes both major weaknesses of the host table:

• DNS scales well. It doesn’t rely on a single large table; it is a distributed database system that doesn’t bog down as the database grows. DNS currently provides information on approximately 100,000,000 hosts, while fewer than 10,000 were listed in the host table.

• DNS guarantees that new host information will be disseminated to the rest of the network as it is needed. Information is automatically disseminated, and only to those who are interested. Here’s how it works. If a DNS server receives a request for information about a host for which it has no information, it passes on the request to an authoritative server. An authoritative server is any server responsible for maintaining accurate information about the domain being queried. When the authoritative server answers, the local server saves, or caches, the answer for future use. The next time the local server receives a request for this information, it answers the request itself. The ability to control host information from an authoritative source and to automatically disseminate accurate information makes DNS superior to the host table, even for networks not connected to the Internet.
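
The lookup flow described above, as an added example that is not part of the original page: a local server forwards a miss to the authoritative server for the domain, caches the answer, and serves later requests itself. The host names, addresses and the expiry time (`ttl`) are assumptions made for the illustration; the page does not discuss how long a cached answer is kept.

```python
# Added example: toy model of the DNS lookup flow. All names, addresses and the TTL are constructed.
import time

class AuthoritativeServer:
    """Holds the accurate records for one domain."""
    def __init__(self, zone, records):
        self.zone, self.records = zone, records   # records: hostname -> address
        self.queries = 0                          # requests that reached this server

    def answer(self, name):
        self.queries += 1
        return self.records.get(name)             # None means "no such host"

class LocalServer:
    """Answers from its cache when it can, otherwise asks the authoritative server."""
    def __init__(self, authoritative, ttl=300, clock=time.monotonic):
        self.authoritative = authoritative        # list of AuthoritativeServer
        self.ttl, self.clock = ttl, clock         # ttl is an assumption of this example
        self.cache = {}                           # name -> (address, expiry time)

    def _server_for(self, name):
        # The responsible server is the one whose domain is the longest suffix of the name.
        matches = [s for s in self.authoritative
                   if name == s.zone or name.endswith("." + s.zone)]
        return max(matches, key=lambda s: len(s.zone), default=None)

    def resolve(self, name):
        name = name.lower().rstrip(".")
        hit = self.cache.get(name)
        if hit and hit[1] > self.clock():
            return hit[0], "cache"
        server = self._server_for(name)
        if server is None:
            return None, "no authoritative server"
        address = server.answer(name)
        if address is not None:                   # only positive answers are cached here
            self.cache[name] = (address, self.clock() + self.ttl)
        return address, "authoritative"

def demo():
    now = [0.0]                                   # fake clock so expiry is repeatable
    corp = AuthoritativeServer("example.com", {"www.example.com": "192.0.2.10"})
    lab = AuthoritativeServer("lab.example.com", {"db.lab.example.com": "192.0.2.77"})
    local = LocalServer([corp, lab], ttl=300, clock=lambda: now[0])
    first = local.resolve("www.example.com")      # miss: passed to the authoritative server
    second = local.resolve("WWW.example.com.")    # hit: answered by the local server
    now[0] = 301                                  # the cached entry has expired
    third = local.resolve("www.example.com")
    lab_host = local.resolve("db.lab.example.com")
    return first, second, third, lab_host, corp.queries, lab.queries
```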


Email is a crucial network service for communication. SMTP (Simple Mail Transfer Protocol) is used for mail delivery over TCP/IP and operates on port 25 (RFC 821).
POP (Post Office Protocol) has two versions: POP2 (port 109, RFC 937) and POP3 (port 110, RFC 1725). POP3 is widely used for downloading emails from the server to a local device.
IMAP (Internet Message Access Protocol) is an alternative to POP3, offering mailbox synchronization, allowing users to read and manage emails on both the server and client while keeping them updated.

 


File sharing is different from file transfer. Instead of moving an entire file between systems, true file sharing allows users to access and modify records directly on a remote server. This makes file sharing transparent to both users and applications, letting them access remote files as if they were local.
The original TCP/IP protocol suite didn’t include file sharing; it was later introduced to support diskless workstations. Two major protocols dominate the file-sharing market:
1.    NetBIOS/SMB (Server Message Block) – Originally developed by IBM, it is used for networking on Windows systems. Unix systems can act as Windows file and print servers using Samba, which implements NetBIOS and SMB.
2.    NFS (Network File System) – Developed by Sun Microsystems, NFS is primarily used in LAN environments for Unix and other operating systems.
Both protocols allow seamless file sharing without requiring users to move entire files across the network.

 


Dynamic Host Configuration Protocol (DHCP) is defined in RFC 2131 and RFC 2132 and is compatible with BOOTP (RFC 1534). While DHCP uses the same UDP ports (67 and 68) and packet format as BOOTP, it provides enhanced capabilities.


Key Features of DHCP:
•    Provides complete TCP/IP configuration values.
•    Supports automated IP address allocation.
•    Uses an expanded Options field for configuration settings.


DHCP offers four IP allocation methods:
1.    Permanent Fixed Addresses: Manually assigned and excluded from DHCP control.
2.    Manual Allocation: Admin assigns fixed addresses in the DHCP configuration.
3.    Automatic Allocation: DHCP permanently assigns an IP from a pool.
4.    Dynamic Allocation: IPs are assigned temporarily (leases) and can be renewed or reclaimed.
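
The four allocation methods side by side, as an added example that is not taken from the original page or from any DHCP server: excluded addresses stand for permanent fixed addresses, `reserved` for manual allocation, `permanent=True` for automatic allocation, and the default path for dynamic leases that expire and are reclaimed. The class name, MAC addresses, address range and lease time are all constructed for the illustration.

```python
# Added example: toy address pool. MACs, addresses and lease time are constructed.
import ipaddress

class LeasePool:
    def __init__(self, first, last, excluded=(), reserved=None, lease_time=3600):
        skip = {ipaddress.ip_address(a) for a in excluded}     # permanent fixed addresses
        self.reserved = {m: ipaddress.ip_address(a)            # manual allocation
                         for m, a in (reserved or {}).items()}
        skip |= set(self.reserved.values())
        lo, hi = int(ipaddress.ip_address(first)), int(ipaddress.ip_address(last))
        self.free = [a for a in map(ipaddress.ip_address, range(lo, hi + 1))
                     if a not in skip]
        self.lease_time = lease_time
        self.leases = {}                  # mac -> (address, expiry or None)

    def reclaim(self, now):
        """Return expired dynamic leases to the pool."""
        for mac, (addr, expiry) in list(self.leases.items()):
            if expiry is not None and expiry <= now:
                del self.leases[mac]
                self.free.append(addr)

    def request(self, mac, now, permanent=False):
        """Hand out or renew an address; returns (address, expiry)."""
        if mac in self.reserved:
            return str(self.reserved[mac]), None
        self.reclaim(now)
        if mac in self.leases:            # renewal keeps the same address
            addr, expiry = self.leases[mac]
            if expiry is None:            # automatic allocation never expires
                return str(addr), None
        elif self.free:
            addr = self.free.pop(0)
        else:
            return None, None             # pool exhausted
        expiry = None if permanent else now + self.lease_time
        self.leases[mac] = (addr, expiry)
        return str(addr), expiry

def demo():
    pool = LeasePool("192.0.2.10", "192.0.2.13", excluded=["192.0.2.10"],
                     reserved={"aa:00:00:00:00:01": "192.0.2.11"}, lease_time=100)
    printer = pool.request("aa:00:00:00:00:01", now=0)                 # manual
    server = pool.request("aa:00:00:00:00:02", now=0, permanent=True)  # automatic
    laptop = pool.request("aa:00:00:00:00:03", now=0)                  # dynamic
    full = pool.request("aa:00:00:00:00:04", now=50)    # no address free yet
    later = pool.request("aa:00:00:00:00:04", now=100)  # laptop lease was reclaimed
    return printer, server, laptop, full, later
```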

 


A VLAN (Virtual Local Area Network) is a logical broadcast domain that spans multiple LAN segments, improving network segmentation and flexibility. It allows grouping devices based on function, project, or application, independent of physical location. Devices in the same VLAN share broadcasts, while those in different VLANs do not, enhancing network performance.
Each VLAN manages address learning, forwarding, and filtering like a separate physical bridge. Cisco Catalyst switches forward traffic only to ports in the same VLAN, restricting unicast, multicast, and broadcast traffic.
VLANs can exist on a single switch or span multiple switches. Traffic between VLANs requires inter-VLAN routing, which is handled by a router or Layer 3 switch.
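
The per-VLAN learning, forwarding and filtering described above, as an added example that is not part of the original page and is not vendor code. Port numbers, VLAN IDs and MAC addresses are constructed; every port is assumed to be an access port in exactly one VLAN, and inter-VLAN routing is left out.

```python
# Added example: toy VLAN-aware switch. Ports, VLAN IDs and MACs are constructed.
BROADCAST = "ff:ff:ff:ff:ff:ff"

class VlanSwitch:
    def __init__(self, port_vlan):
        self.port_vlan = dict(port_vlan)     # access port -> VLAN ID
        self.mac_table = {}                  # (vlan, mac) -> port: one table per VLAN

    def receive(self, in_port, src, dst):
        """Return the sorted list of ports the frame is sent out of."""
        vlan = self.port_vlan[in_port]
        self.mac_table[(vlan, src)] = in_port            # address learning, per VLAN
        members = [p for p, v in self.port_vlan.items()
                   if v == vlan and p != in_port]
        if dst != BROADCAST:
            known = self.mac_table.get((vlan, dst))
            if known == in_port:
                return []                                # filtering: already on that port
            if known is not None:
                return [known]                           # forwarding to the learned port
        return sorted(members)                           # flood, but only inside the VLAN

def demo():
    sw = VlanSwitch({1: 10, 2: 10, 3: 20, 4: 20})
    a, b, c = "00:00:5e:00:53:0a", "00:00:5e:00:53:0b", "00:00:5e:00:53:0c"
    return [
        sw.receive(1, a, BROADCAST),   # broadcast stays in VLAN 10 -> [2]
        sw.receive(2, b, a),           # a was learned on port 1 -> [1]
        sw.receive(3, c, a),           # VLAN 20 has no entry for a -> floods [4]
        sw.receive(1, a, b),           # b was learned on port 2 -> [2]
    ]
```

The third frame is the one to look at: the switch already knows where `a` is in VLAN 10, but a sender in VLAN 20 never reaches port 1 without a router or Layer 3 switch in between.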

There are two VLAN models in a campus network:
1.    End-to-End VLANs: VLANs spread across multiple switches in a network.
2.    Local VLANs: VLANs limited to a specific area or department within the campus.
By using VLANs, network administrators can improve network efficiency, security, and scalability.

 


An Application Programming Interface (API) is a set of instructions that allows a client process to communicate with a server process. It helps the application layer interact with the operating system, which handles the first four layers of the TCP/IP suite.
APIs enable communication between applications and the network. The most common APIs for network communication include:
1.    Socket Interface
2.    Transport Layer Interface (TLI)
3.    STREAM
The socket interface was introduced in the early 1980s at UC Berkeley as part of UNIX. It allows applications to send and receive data over the network. Sockets act like sources (input) and sinks (output), similar to files or terminals in programming.
Most programming languages, like C, C++, and Java, support sockets. They let applications exchange data without modifying the way input and output work. Although a socket behaves like a terminal or file, it is not a physical entity but an abstraction—a data structure used by programs for network communication.

 


TELNET (TErminaL NETwork) is a remote login protocol that allows users to log into a remote computer and access its services. Instead of creating separate client-server programs for each service, TELNET provides a generic way for users to access remote applications.


When a user logs into a local system, it is called local login, where keystrokes are processed by the operating system. In remote login, the TELNET client forwards keystrokes to a remote TELNET server using Network Virtual Terminal (NVT) characters, allowing communication between different systems.


One major drawback of TELNET is that it transmits all data, including passwords, in plaintext, so anyone able to capture the traffic can read it. Due to these security concerns, SSH (Secure Shell) has largely replaced TELNET, but network administrators still use TELNET for testing and debugging.


The Network Virtual Terminal (NVT) helps in remote access by standardizing character representation, ensuring compatibility between different operating systems. For example, Ctrl+Z (DOS) and Ctrl+D (UNIX) are mapped into a universal format, allowing seamless remote interaction.
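
What the plaintext and NVT paragraphs above mean on the wire, as an added example that is not part of the original page: a small parser that separates TELNET command sequences from the NVT character data in one direction of a session. The byte string `SAMPLE` is constructed for the illustration (it is not a real capture), and subnegotiation handling is simplified.

```python
# Added example. SAMPLE is a constructed byte string, not a real capture.
IAC, SE, SB = 255, 240, 250
NEGOTIATION = {251: "WILL", 252: "WONT", 253: "DO", 254: "DONT"}

def split_telnet(stream):
    """Split one direction of a TELNET stream into (commands, NVT text lines)."""
    commands, data, i = [], bytearray(), 0
    while i < len(stream):
        if stream[i] != IAC:                 # ordinary NVT data byte
            data.append(stream[i])
            i += 1
            continue
        if i + 1 >= len(stream):
            break                            # stream ends inside a command
        cmd = stream[i + 1]
        if cmd == IAC:                       # IAC IAC is an escaped 0xFF data byte
            data.append(IAC)
            i += 2
        elif cmd in NEGOTIATION:             # IAC WILL/WONT/DO/DONT <option>
            if i + 2 >= len(stream):
                break
            commands.append((NEGOTIATION[cmd], stream[i + 2]))
            i += 3
        elif cmd == SB:                      # IAC SB <option> ... IAC SE
            end = stream.find(bytes([IAC, SE]), i + 2)
            if end < 0 or end == i + 2:
                break                        # unterminated or empty subnegotiation
            commands.append(("SB", stream[i + 2]))
            i = end + 2
        else:                                # other two-byte commands (NOP, AYT, ...)
            commands.append(("CMD", cmd))
            i += 2
    # NVT sends CR LF for end of line and CR NUL for a bare carriage return.
    text = bytes(data).replace(b"\r\x00", b"\r").decode("ascii", "replace")
    return commands, [line for line in text.split("\r\n") if line]

SAMPLE = (bytes([IAC, 251, 24, IAC, 253, 3]) + b"alice\r\n"
          + bytes([IAC, SB, 24, 0]) + b"xterm" + bytes([IAC, SE])
          + b"not-a-real-password\r\n")
```

Running `split_telnet(SAMPLE)` returns both typed lines verbatim next to the option negotiation, which is the exposure the passage describes; a capture of an SSH session would yield only ciphertext.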

 
