Since a lot of people are making money via blogs, and most of them use Blogger, it looks like I'm moving to Blogger too. Here's my link:
http://gamecotica.blogspot.com
How And Where Computers Are Used?
Computers play an increasingly important and nearly indispensable role in everyday life.
Computers are used all over the world and in all types of environments. They are used in businesses, manufacturing environments, homes, government offices and non-profit organizations. Schools use computers for instruction and for maintaining student records. Hospitals use computers to maintain patient records and to provide medical care.
In addition to these types of computers, there are also many customized computers designed for specific purposes. These computers can be integrated into devices such as televisions, cash registers, sound systems, and other electronic devices. They can even be found embedded in appliances such as stoves and refrigerators and used in automobiles, and aircraft.
Where are computers found within your environment?
Computers are used for many reasons and in many different places. They may be of different sizes and processing power, but all computers have some features in common. In order for most computers to perform useful functions, there are three things that have to work together:
1. Hardware – the physical components, both internal and external, that make up a computer.
2. Operating System – a set of computer programs that manages the hardware of a computer. An operating system controls the resources on a computer, including memory and disk storage. An example of an operating system is Windows XP.
3. Application Software – programs loaded on the computer to perform a specific function using the capabilities of the computer. An example of application software is a word processor or a computer game.
Local And Network Applications
The computer is only as useful as the program or application on it. Applications can be divided into two general categories:
Business/Industry Software – Software designed for use by a specific industry or market. Examples include: medical practice management tools, educational tools and legal software.
General Use Software – Software used by a wide range of organizations and home users for various purposes. These applications can be used by any business or individual.
General use software includes integrated applications packages known as Office Suites. They usually include applications such as word processing, spreadsheet, database, presentation and contacts/schedule management.
Other popular applications include graphics editing software and multimedia authoring applications. These tools allow users to manipulate photos as well as create rich media presentations that use voice, video and graphics.
In addition to Business/Industry and General Use software, an application can be classified as local or networked.
Local application – A local application is a program, such as a word processor, that is stored on the hard disk of the computer. The application runs only on that computer.
Network application – A network application is one that is designed to run over a network, such as the Internet. A network application has two components, one that runs on the local computer and one that runs on a remote computer. Email is an example of a network application.
Most computers have a combination of local and network applications installed.
Classes Of Computer
There are many different types of computers available including:
Mainframes
Servers
Desktops
Workstations
Laptops
Hand-held portable devices
Each type of computer has been designed with a particular purpose in mind, such as portable access to information, processing of detailed graphics, and so on.
The most common types of computers used in homes and businesses are servers, workstations, desktops, laptops and other portable devices. Mainframes, on the other hand, are large centralized computers found in sizeable enterprises and purchased through specialized resellers.
Server, Desktop, And Workstation
#Servers
Servers are high performance computers used in businesses and other organizations. Servers provide services to many end users or clients.
Server hardware is optimized for quick response time to multiple network requests. Servers have multiple Central Processing Units (CPUs), large amounts of Random Access Memory (RAM) and multiple high capacity disk drives that provide very fast information retrieval.
The services provided by a server are often important and may need to be available to users at all times. Servers, therefore, often contain duplicate, or redundant, parts to prevent them from failing. Automatic and manual backups of data are also usually done on a regular basis. Servers are usually kept in secure areas where access is controlled.
Their design may be one of several types: they can be a standalone tower design, be rack mounted, or have a blade design. Since a server is typically used as a storage point and not a day-to-day end-user device, it may not have a monitor or keyboard, or may share a monitor and keyboard with other devices.
Common services found on a server include file storage, email storage, web pages, print sharing and others.
#Desktops
Desktops support many options and capabilities. A wide variety of cases, power supplies, hard drives, video cards, monitors and other components are available. Desktops can have many different connection types, video options, and a wide array of supported peripherals.
Desktops are commonly used to run applications such as word processing, spreadsheets and networked applications such as email and web browsing.
There is another type of computer that may look similar to a desktop, but is much more powerful: the workstation.
#Workstations
Workstations are high-powered business computers. They are designed for specialized, high-end applications like engineering programs such as CAD (Computer Aided Design). Workstations are used in 3-D graphics design, video animation and virtual reality simulation. They may also be used as management stations for telecommunications or medical equipment. As with servers, workstations typically have multiple CPUs, large amounts of RAM and multiple, high-capacity disk drives that are very fast. Workstations usually have very powerful graphics capabilities and a large monitor or multiple monitors.
Servers, desktops and workstations are all designed as stationary devices. They are not portable, like laptops.
Portable Device
In addition to various types of stationary computers, there are many portable electronic devices available.
These portable devices vary in size, power and graphic capability and include:
Laptop or notebook PC
Tablet PC
Pocket PC
Personal Digital Assistant (PDA)
Gaming device
Cell phones
Laptops, also called notebooks, are comparable to desktops in usage and processing capability. However, they are portable devices built to be lightweight and use less power, with a built-in mouse, monitor and keyboard. Laptops can also be plugged into a docking station which allows the user to utilize a larger monitor, mouse, full-sized keyboard and have more connection options.
Despite this, laptops have a limited number of configurations available, such as video options and connection types. They are also not as easily upgradeable as the desktop.
Other portable devices, such as PDAs or pocket PCs, have less powerful CPUs and less RAM. They have small screens with limited display capabilities and may have a small input keyboard.
The key advantage of portable computers is that information and services are available immediately, almost anywhere. For example, mobile phones have built-in address books for contact names and telephone numbers. PDAs are available with built-in telephone, web browser, email, and other software.
The functions of these individual devices can be combined into one multifunction device. The multifunction device can combine a PDA, cell phone, digital camera, and music player. It can provide Internet access and wireless networking capability, but has limited processing power similar to the PDA.
Representing Information Digitally
Within a computer, information is represented and stored in a digital binary format. The term bit is an abbreviation of binary digit and represents the smallest piece of data. Humans interpret words and pictures; computers interpret only patterns of bits.
A bit can have only two possible values, a one digit (1) or a zero digit (0). A bit can be used to represent the state of something that has two states. For example, a light switch can be either On or Off; in binary representation, these states would correspond to 1 and 0 respectively.
Computers use binary codes to represent and interpret letters, numbers and special characters with bits. A commonly used code is the American Standard Code for Information Interchange (ASCII). With ASCII, each character is represented by a string of bits. For example:
Capital letter: A = 01000001
Number: 9 = 00111001
Special character: # = 00100011
Each group of eight bits, such as the representations of letters and numbers, is known as a byte.
Codes can be used to represent almost any type of information digitally: computer data, graphics, photos, voice, video and music.
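The ASCII representation described above, as an added example that is not part of the original post: each character becomes one 8-bit group, a run of such groups is decoded back into text, and input that is not 7-bit ASCII (or not a whole number of bytes) is rejected.

```python
# Added example (not from the original post): encode text as ASCII bytes written out as
# 8-bit strings and decode them back. Only 7-bit ASCII characters (codes 0-127) are accepted.


def char_to_bits(ch: str) -> str:
    """Return the 8-bit binary string for a single ASCII character."""
    code = ord(ch)
    if code > 127:
        raise ValueError(f"{ch!r} (code {code}) is not an ASCII character")
    return format(code, "08b")


def text_to_bits(text: str) -> str:
    """Encode a string as a run of 8-bit groups, one byte per character."""
    return "".join(char_to_bits(ch) for ch in text)


def bits_to_text(bits: str) -> str:
    """Decode a run of 8-bit groups back into text, checking that the input is well formed."""
    if len(bits) % 8 != 0:
        raise ValueError("bit string length is not a multiple of 8")
    if set(bits) - {"0", "1"}:
        raise ValueError("bit string contains characters other than 0 and 1")
    chars = []
    for i in range(0, len(bits), 8):
        byte = bits[i:i + 8]
        code = int(byte, 2)
        if code > 127:
            raise ValueError(f"byte {byte} is outside the ASCII range")
        chars.append(chr(code))
    return "".join(chars)


def byte_count(text: str) -> int:
    """Number of bytes needed to store the text in ASCII: one byte (8 bits) per character."""
    return len(text_to_bits(text)) // 8


if __name__ == "__main__":
    # The three characters used as examples in the text above.
    for ch in "A9#":
        print(f"{ch!r} = {char_to_bits(ch)}")
    encoded = text_to_bits("A9#")
    print(encoded, "->", bits_to_text(encoded), f"({byte_count('A9#')} bytes)")
```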
Measuring Data Storage Capacity
While a bit is the smallest representation of data, the most basic unit of digital storage is the byte. A byte is 8 bits and is the smallest unit of measure (UOM) used to represent data storage capacity.
When referring to storage space, we use the terms bytes (B), kilobytes (KB), megabytes (MB), gigabytes (GB), and terabytes (TB).
One kilobyte is a little more than one thousand bytes, specifically 1,024. A megabyte represents more than a million bytes, or 1,048,576. A gigabyte is 1,073,741,824 bytes, and so on. The exact number is obtained by raising 2 to a power: KB = 2^10, MB = 2^20, GB = 2^30.
In general, when something is represented digitally, the greater the detail, the greater the number of bits needed to represent it. A low-resolution picture from a digital camera will use around 360KB, and a high-resolution picture could use 2 MB or more.
Kilobytes, megabytes, gigabytes, and terabytes are typically used to measure the size or storage capacity of a device. Examples of components and devices that use byte storage include: random access memory (RAM), hard disk drive space, CDs, DVDs, and MP3 players.
Measuring Speed, Resolution, And Frequency
One of the advantages of digital information is that it can be transmitted over long distances without the quality becoming degraded. A modem is used to convert the binary information into a form suitable for transmitting through the medium.
Commonly used media are:
Cables, which use pulses of electricity through copper wires
Fiber optics, which use pulses of light over fibers made from glass or plastic
Wireless, which uses pulses of low-power radio waves.
There are two measures for the size of a file: bits (b) and bytes (B). Communication engineers think in terms of transferring bits, whereas computer users think in terms of file sizes, which are usually measured in bytes (kilobytes, megabytes, etc.). There are eight bits to one byte.
The data rate determines how long it will take to transfer a file. The larger the file, the longer it takes, because there is more information to transfer. Data transfer rates are measured in thousands of bits per second (kbps) or millions of bits per second (Mbps). Notice that in the kbps acronym, a lower case k is used instead of the upper case K. This is because when talking about the transfer of data, most engineers round the number down. So a kbps actually refers to the transfer of 1000 bits of information in one second, whereas a Kbps would refer to the transfer of 1024 bits of information in one second. A DSL or a cable modem can operate in ranges of 512 kbps, 2 Mbps or higher depending on the technology being used.
#Download time
Calculated download times are theoretical and depend on cable connection, computer processor speed and other overheads. To get an estimate of the length of time it takes to download a file, divide the file size by the data rate. For example, how long will it take to transfer a low resolution digital photo of 256KB via a 512kbps cable connection? First step, convert the file size into bits: 8 x 256 x 1024 = 2097152 bits. 256KB corresponds to 2097 kb. Notice that the 2097152 is rounded to the nearest 1000, so lower case k is used. The download time is then 2097 kb divided by 512 kbps, which equates to approximately 4 seconds.
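The download-time estimate above, worked through in code as an added example (not from the original post). It keeps the two unit conventions the text distinguishes apart: file sizes use the binary prefixes from the storage section (KB = 2^10 bytes, MB = 2^20, GB = 2^30), while data rates use decimal prefixes (kbps = 1000 bits per second). The 256 KB over 512 kbps case comes out at 4.096 seconds, the "approximately 4 seconds" in the text.

```python
# Added example (not from the original post): theoretical transfer time = file size in bits
# divided by data rate in bits per second, with storage sizes in binary units (KB = 2**10
# bytes) and data rates in decimal units (kbps = 1000 bits/s), as the text describes.

BYTE_UNITS = {"B": 2**0, "KB": 2**10, "MB": 2**20, "GB": 2**30, "TB": 2**40}
RATE_UNITS = {"bps": 1, "kbps": 10**3, "Mbps": 10**6, "Gbps": 10**9}


def size_to_bits(size: float, unit: str) -> int:
    """Convert a storage size (binary-prefixed bytes) to a bit count: bytes x 8."""
    if unit not in BYTE_UNITS:
        raise ValueError(f"unknown storage unit {unit!r}")
    return int(size * BYTE_UNITS[unit] * 8)


def rate_to_bps(rate: float, unit: str) -> float:
    """Convert a data rate to bits per second using decimal (lower-case k) prefixes."""
    if unit not in RATE_UNITS:
        raise ValueError(f"unknown rate unit {unit!r}")
    return rate * RATE_UNITS[unit]


def download_seconds(size: float, size_unit: str, rate: float, rate_unit: str) -> float:
    """Theoretical transfer time in seconds: file size in bits / data rate in bits per second."""
    bps = rate_to_bps(rate, rate_unit)
    if bps <= 0:
        raise ValueError("data rate must be positive")
    return size_to_bits(size, size_unit) / bps


def human_size(num_bytes: int) -> str:
    """Express a byte count in the largest binary unit (KB, MB, GB, TB) that gives a value >= 1."""
    for unit in ("TB", "GB", "MB", "KB"):
        if num_bytes >= BYTE_UNITS[unit]:
            return f"{num_bytes / BYTE_UNITS[unit]:.2f} {unit}"
    return f"{num_bytes} B"


if __name__ == "__main__":
    # The worked example from the text: a 256 KB photo over a 512 kbps connection.
    bits = size_to_bits(256, "KB")
    print(f"256 KB = {bits} bits = {bits // 1000} kb (decimal k)")
    print(f"time at 512 kbps: {download_seconds(256, 'KB', 512, 'kbps'):.3f} s")
    # A 2 MB high-resolution photo over a 2 Mbps link.
    print(f"time for 2 MB at 2 Mbps: {download_seconds(2, 'MB', 2, 'Mbps'):.3f} s")
    print(human_size(1073741824), human_size(2097152), human_size(500))
```

Note that the 1024-based KB of the file size and the 1000-based kbps of the rate are not the same scale, which is why the bit count is computed first and only then divided.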
In addition to storage capacity and data transfer speed, there are other units of measure when working with computers.
Computer Screen Resolution
Graphics resolution is measured in pixels. A pixel is a distinct point of light displayed on a monitor. The quality of a computer screen is defined by the number of horizontal and vertical pixels that can be displayed. For example, a widescreen monitor may be able to display 1280 x 1024 pixels with millions of colors. Image resolution in digital cameras is measured by the number of megapixels that can be captured in a photograph.
Analog Frequencies
Hertz is a measurement of how fast something cycles or refreshes. One hertz represents one cycle per second. In computers, the speed of the computer processor is measured by how fast it can cycle in order to execute instructions, measured in hertz. For example, a processor that runs at 300 MHz (megahertz) executes 300 million cycles per second. Wireless transmissions and radio frequencies are also measured in hertz.
Computer System
There are many types of computers. What makes one computer better suited to play a new game or play a new audio file over another? The answer is the components and peripherals that make up the computer system.
The requirements for a machine dedicated mainly to word processing are very different than one designed for graphics applications or gaming. It is important to determine the intended uses for a computer before deciding on the type of computer and components to purchase.
Many manufacturers mass produce computer systems and sell them either through direct marketing or retail chains. These computer systems are designed to function well for a variety of tasks. There are also a number of vendors that can custom assemble computer systems to the end-user’s specifications. There are advantages and disadvantages for both.
Preassembled Computer
Advantages:
Lower cost
Adequate to perform most applications
No waiting period for assembly
Typically used by less knowledgeable consumers who do not have special requirements
Disadvantages:
Often lack the performance level that can be obtained from custom built computers
Custom Built Computer
Advantages:
The end-user can specify exact components that meet user needs
Generally support higher performance applications such as graphics, gaming, and server applications
Disadvantages:
Generally more costly than a preassembled device
Longer waiting periods for assembly
It is also possible to purchase the individual parts and components of a computer and build it yourself. Regardless of whether you buy a preassembled or custom built system or build it, the final product must match the requirements of the end user. Some of the items to consider when purchasing a computer include: the motherboard, processor, RAM, storage, adapter cards, as well as the case and power options.
Motherboard, CPU, And RAM
A motherboard is a large circuit board that connects the electronics and circuitry that make up the computer system. Motherboards contain connectors which allow major system components such as the CPU and RAM to attach to the board. The motherboard moves data between the various connections and system components.
A motherboard can also contain connector slots for network, video and sound cards. However, many motherboards now come equipped with these features as integrated components. The difference between the two is how they are upgraded. When using connectors on the motherboard, system components are easily unplugged and changed or upgraded as technology advances.
An on-board feature cannot be removed from the motherboard when it needs to be upgraded or replaced. Therefore, it is often necessary to disable the on-board functionality and add an additional dedicated card using a connector.
When selecting a motherboard it must:
Support the selected CPU type and speed
Support the amount and type of system RAM required by the applications
Have sufficient slots of the correct type to accept all required interface cards
Have sufficient interfaces of the correct type
Central Processing Unit (CPU)
The CPU, or processor, is the nerve center of the computer system. It is the component that processes all of the data within the machine. The type of CPU should be the first decision made when building or updating a computer system. Important factors when selecting a CPU are the processor speed and bus speed.
Processor Speed
Processor speed measures how fast a CPU cycles information. It is generally measured in MHz or GHz. The higher the speed the faster the performance. Faster processors consume more power and create more heat than their slower counterparts. For this reason, mobile devices, such as laptop computers, typically use processors that are slower and consume less power in order to extend the time they can operate using batteries.
Bus Speed
CPUs transfer data between various types of memory on the system board during operation. The pathway for this movement of data is called the bus. In general, the faster the bus, the faster the computer will be.
When selecting a CPU, keep in mind that applications continue to evolve. Purchasing a CPU of moderate speed may satisfy current requirements. Future applications, however, may be more complicated and require, for example, fast high resolution graphics; if the CPU is not sufficiently fast, the overall performance, measured in terms of response time, will be slower.
The CPU is mounted through a socket on the motherboard and is normally the largest component on the board. The motherboard must be equipped with a compatible socket to accept the selected CPU.
RAM is a type of data storage used in computers. It is used to store programs and data while being processed by the CPU. Stored data is accessed in any order, or at random, as needed. All computer programs run from RAM. Besides the CPU, the amount of RAM is the most important factor in computer performance.
Every operating system requires a minimal amount of RAM in order for the OS to function. Most computers are capable of running multiple applications simultaneously, or multi-tasking. For example, many users run email programs, Instant Messenger clients, as well as anti-virus tools or firewall software. All of these applications require memory. The more applications that need to run simultaneously, the more RAM required.
More RAM is also recommended for computer systems with multiple processors. Additionally, as the speed of the CPU and the bus increase, so must the speed of the memory it accesses. The amount and type of RAM that can be installed on a system is dictated by the motherboard.
Adapter Card
Adapter cards add functionality to a computer system. They are designed to be plugged into a connector or slot on the motherboard and become part of the system. Many motherboards are designed to incorporate the functionality of these adapter cards on the motherboard itself thus removing the necessity to purchase and install separate cards. While this does provide basic functionality, the addition of dedicated adapter cards can often provide an enhanced level of performance.
Some of the more common adapter cards include:
Video cards
Sound cards
Network interface cards
Modems
Interface cards
Controller cards
Storage Device
When power is removed from the computer, any data stored in RAM is lost. Programs and user data must be stored in a form that will not disappear when the power is removed. This is known as non-volatile storage. Many types of non-volatile storage are available for computer systems including:
Magnetic storage devices
Optical storage devices
Static memory (flash) drives
Magnetic Storage
Magnetic storage devices are the most common form found in computers. These devices store information in the form of magnetic fields. They include:
Hard disk drives
Floppy drives
Tape drives
Optical Drives
Optical storage devices use laser beams to record information by creating differences in optical density. These devices include CDs and DVDs and come in three different formats:
Read only: CD, DVD
Write once: CD-R, DVD-R
Write many: CD-RW, DVD-RW
The prices of these devices continue to fall and most computers now incorporate DVD-RW drives that can store approximately 4.7 GB of data on a single disc.
Another form of DVD drive, called Blu-ray is also available. It uses a different type of laser to read and write data. The color of the laser used to store this information is blue-violet. For this reason, disks are called Blu-ray, to distinguish them from conventional DVDs which use a red laser. Blu-ray disks have storage capacities of 25 GB and more.
Static Memory and Memory Sticks
Static memory devices use memory chips to store information. This information is retained even after power is turned off. They connect to a USB port on the computer and offer capacities of 128 MB or more. Due to their size and shape, these devices are known as USB memory keys or flash drives and have widely replaced floppy disks for transportation of files between systems. Many portable and hand-held devices rely entirely on static memory for storage.
When purchasing storage for a computer system, it is generally good practice to have a mix of magnetic storage, optical drives as well as static memory available. When determining storage requirements, be sure to allow for growth by adding an additional 20% of storage above estimated needs.
Peripheral Device
A peripheral is a device that is added to the computer to expand its capabilities. These devices are optional in nature and are not required for the basic functioning of the computer. Instead they are used to increase the usefulness of the machine. Peripheral devices are connected externally to the computer using a specialized cable or wireless connection.
Peripheral devices can fit into one of four categories: input, output, storage or networking devices. Examples of some common peripherals include:
Input devices – trackball, joystick, scanner, digital camera, digitizer, barcode reader, microphone
Output devices – printer, plotter, speakers, headphones
Storage devices – secondary hard drive, external CD/DVD devices, flash drives
Networking – external modems, external NIC
Case And Power Supply
Once all internal components and connections are determined, the case is the next consideration. Some cases are designed to sit on top of the user’s desk while others sit below the desk. Computers designed to sit on the desk provide easy access to interfaces and drives but occupy valuable desk space. A tower or mini-tower can either be used on the desk or sit beneath the table. Whatever the case style, select one that has enough space for all components.
The case and power supply are usually sold together as a unit. The power supply must be sufficient to power the system and any devices that are added to it in the future.
Computer systems require a steady supply of continuous power. The power from many electricity supply companies is subject to voltage reductions and cuts. A poor supply can affect the performance of computer hardware and possibly damage it. These power issues can also corrupt software and data.
In order to help protect the computer system from these power problems, devices such as surge suppressors and uninterruptible power supplies (UPS) have been developed.
Surge Suppressor
A surge suppressor is designed to remove voltage spikes and surges from the power line and prevent them from damaging a computer system. They are relatively inexpensive and easy to install.
Generally the surge suppressor is plugged into the power outlet and the computer system is plugged into the surge suppressor. Many surge suppressors also have connectors for phone lines to protect modems from damage due to voltage surges that may be carried through the telephone lines.
Uninterruptible Power Supplies
A UPS is a device that continually monitors the power to a computer system and maintains the charge on an internal battery. If the power is interrupted, the UPS provides backup power to the system without interruption. The backup power comes from a battery inside the UPS and can only power the computer system for a short period of time. UPSs are designed to provide the end-user with sufficient time to properly shut down a computer system should the main power fail. A UPS can also provide an even flow of power to the computer and prevent damage caused by voltage surges.
UPSs suitable for home and small business use are relatively inexpensive and often incorporate surge suppressors and other functionality to stabilize the power supplied by the utilities company. It is highly recommended that all computers be protected by a UPS regardless of their functionality or location.
Safety And Best Practice
Computers are a collection of very complex components and peripherals, all working together to accomplish a task. Occasionally one of these components fails, or needs to be upgraded to improve the functionality of the system. This may require opening the computer and working inside the case.
When working inside a computer case, it is important to keep precautions in mind to prevent damage to the system components as well as harm to the technician. Before the computer case is opened, make sure the computer is switched off and the power cable is unplugged.
Computer systems and monitors can be very heavy and should be lifted with caution. Before opening a computer system be sure to have a proper work area. The work area should be a clean flat surface, strong enough to support the weight of heavy equipment. It should be well organized, free from clutter and distractions, and adequately lit to prevent eye strain.
Wear proper eye protection to prevent accumulated dust, small screws, and components from causing damage to the eyes. Additionally, when opening a computer case, be aware there are sharp edges that should be avoided.
Power supplies and monitors operate at dangerously high voltages and should only be opened by individuals with special training.
Some computer systems are specially designed to enable components to be hot-swapped, meaning that it is not necessary to turn off the computer before adding or removing components. This feature allows the system to remain operational during repairs or upgrades and is usually found in high performance servers.
Unless you are sure that the system is hot-swappable, turn it off before opening the case or removing components. Inserting or removing components with the power on, in a system that is not hot-swappable, can cause permanent and serious damage to the system and technician.
Internal system components are especially sensitive to static electricity. ESD (Electrostatic Discharge) is static electricity that can be transferred from your body to electronic components in the computer. You do not have to feel the static electricity for the discharge to occur.
ESD can cause catastrophic failures in components, making them non-functional. ESD can also cause intermittent faults which are very difficult to isolate. For this reason, proper grounding is essential. A special wrist grounding strap is used to connect the technician to the computer case. Grounding ensures that they both reach the same voltage potential and ESD is prevented.
Excess force should never be used when installing components. Excessive force can damage both the motherboard and the component being installed, and can prevent the system from functioning properly. Damage is not always visible. Force can also damage connectors which, in turn, can damage new system components.
In order to make certain that all safety precautions are followed it is a good idea to create a safety checklist which can be followed.
Installing Components And Verifying Operation
The following procedures apply to most system components.
1. Determine if the computer component is hot-swappable. If not, or if in doubt, unplug the system unit before opening the case.
2. Attach a grounding strap from your body to the system framework, or chassis, to prevent any damage which may be caused by ESD.
3. If replacing a component, remove the old component. Components are often held in the system with small screws or clips. When removing screws, be careful not to let them drop onto the system motherboard. Also, be careful not to break any plastic clips.
4. Check the connection type on the new component. Each card is designed to work only with a certain type of connector and should not be forced when inserting or removing the card.
5. Place the new component in the correct connection slot, with the correct orientation, carefully following all installation instructions that may have accompanied the component.
Follow safety precautions throughout the process.
Once the component has been added or upgraded, close the case and reconnect the power and other cables. Switch on the system and watch for any messages that may appear on the screen. If the system fails to start, disconnect all cables and verify that the component was properly installed. If the system still will not start with the new component installed, remove it and try to start the system. If the system starts without the new component, the component may not be compatible with the current hardware and software and additional research into the problem is required.
Certain components require the addition of a specialized piece of software, or driver, to function. For commonly encountered components the drivers are usually contained in the operating system itself but for more specialized components the driver must be added separately. Newer operating systems will usually prompt for the addition of any required drivers.
Drivers are continually updated to improve efficiency and functionality. The most current driver can be obtained from the manufacturer’s web site and should normally be used. Always read any documentation that accompanies the driver software for potential problems and the proper installation procedure.
Once installed, the component should be tested for complete functionality.
Components are designed to make use of specific sets of system resources. If two components try to use the same resources one, or both, will fail. The solution is to change the resources used by one of the devices. Newer components and operating systems are able to dynamically assign system resources.
If the device fails to function properly, verify that the correct and most recent driver is installed. Also check that the operating system has correctly detected and identified the device. If this fails to correct the problem, power down the system, carefully reseat the component, and verify that all connections are correct. Check the component documentation for the correct settings. If the device continues to be non-functional, it is possible that the component is defective and it should be returned to the vendor.
Peripheral devices, unlike internal components, do not require the computer case to be opened for installation. Peripherals connect to an interface on the outside of the case with a wired or wireless link. Historically, peripherals were designed to function when connected to a specific type of port. For example, personal computer printers were designed to connect to a parallel port which transferred data from the computer to the printer in a specific format.
More recently the development of the Universal Serial Bus (USB) interface has greatly simplified the connection of peripheral devices that use wires. USB devices require no complex configurations and can merely be plugged into an appropriate interface assuming the proper driver has been installed. There have also been an increasing number of peripheral devices which connect to the host computer through wireless technology.
The installation of a peripheral device requires several steps. The order and detail of these steps varies depending on the type of physical connection and whether or not the peripheral is a Plug-and-Play (PnP) device. The steps include:
Connect the peripheral to the host using the appropriate cable or wireless connection
Connect the peripheral to a power source
Install the appropriate driver
Some old peripheral devices, so-called legacy devices, are not PnP enabled. For these, driver installation occurs after the device has been connected to the computer and powered up.
For PnP enabled USB devices, the driver is preinstalled on the system. In this case, when the PnP device is connected and powered on, the operating system recognizes the device and installs the appropriate driver.
Installation of outdated or wrong drivers can cause a peripheral device to behave unpredictably. For this reason, it is necessary to install the most current drivers available.
If the peripheral device does not function once connected and installed, verify that all cables have been properly connected and that the device is powered up.
Many devices, such as printers, offer a testing functionality on the device directly, and not through the computer. Use this feature to verify that the device itself is functioning properly. If the device is operational, but not connecting to the computer system, the problem could be with the cable connection.
Swap the suspect cable with a known good one. If this fails to solve the problem the next step is to verify that the connection port the peripheral device is connected to is recognized by the operating system.
If the port, cable and device all appear to be working, the device may not be compatible with the current hardware or operating system, and more research is required to solve the problem.
Once installed, the full functionality of the peripheral device must be tested. If only partial functionality is available the most likely cause is an outdated driver. This is easily remedied by downloading and installing the most current driver from the manufacturer’s web site.
Purpose Of An Operating System
System components and peripherals, by themselves, are nothing more than a collection of electronics and mechanical parts. To get these parts to work together to perform a specific task, a special type of computer program, known as an operating system (OS), is required.
Suppose that a user wants to write a report and print it out on an attached printer. A word processing application is required to accomplish this task. Information is entered from the keyboard, displayed on the monitor, saved on the disk drive and then finally sent to the printer.
In order for the word processing program to accomplish all of this, it must work with the OS, which controls input and output functions. In addition, the entered data is manipulated inside of the computer, stored in RAM and processed by the CPU. This internal manipulation and processing is also controlled by the OS. All computerized devices, such as servers, desktops, laptops or handhelds, require an OS in order to function.
The OS acts like a translator between user applications and the hardware. A user interacts with the computer system through an application, such as a word processor, spreadsheet, computer game or instant messaging program. Application programs are designed for a specific purpose, such as word processing, and know nothing of the underlying electronics. For example, the application is not concerned with how information is entered into the application from the keyboard. The operating system is responsible for the communication between the application and the hardware.
When a computer is powered on, it loads the OS, normally from a disk drive, into RAM. The portion of the OS code that interacts directly with the computer hardware is known as the kernel. The portion that interfaces with the applications and user, is known as the shell. The user can interact with the shell using either the command line interface (CLI) or graphical user interface (GUI).
When using the CLI, the user interacts directly with the system in a text-based environment by entering commands on the keyboard at a command prompt. The system executes the command, often providing textual output. The GUI allows the user to interact with the system in an environment that uses graphical images, multimedia, and text. Actions are performed by interacting with the images on screen. The GUI is more user friendly than the CLI and requires less knowledge of the command structure to use the system. For this reason, many individuals rely on GUI environments. Most operating systems offer both a GUI and a CLI.
Operating systems have complete control of local hardware resources. A desktop OS is typically designed to serve one interactive user at a time, while allowing that user to multitask. The operating system keeps track of which resources are used by which application.
In order to work with resources that are not directly connected to the computer system, a special piece of software must be added that allows a device to send and receive data from the network. This software, known as a redirector, may either be an integral part of the OS or may need to be installed separately as a network client. When installed, the operating system becomes a network operating system (NOS).
A NOS offers complex scheduling and user management software that allow a device to share resources between many users and treat networked resources as though they are directly connected.
Operating System Requirements
There are many different operating systems available. The major groupings are listed here with some examples.
Microsoft Windows: XP, Vista, Windows Server 2003
UNIX-based: IBM AIX, Hewlett-Packard HP-UX and Sun Solaris
BSD: FreeBSD
Linux-based (many distributions)
Apple Mac OS X
Non-UNIX proprietary: IBM OS/400 and z/OS
While most of these operating systems require the user to purchase and agree to a commercial license, several operating systems are released under a different type of licensing scheme, such as the GNU General Public License (GPL).
Commercial licenses usually deny end-users the ability to modify the program in any way. Windows XP, Mac OS X and the proprietary UNIX variants (AIX, HP-UX, Solaris) are all examples of commercially licensed OS software.
In contrast, the GPL allows end-users to modify and enhance the code, if they desire, to better suit their environment. Linux is released under the GPL. The BSD systems are released under the BSD license, which is not the GPL but likewise allows end-users to modify and redistribute the code.
Operating systems require a certain amount of hardware resources. These resources are specified by the manufacturer and include such things as:
Amount of RAM
Hard disk space required
Processor type and speed
Video resolution
Manufacturers often specify both a minimum and recommended level of hardware resources. System performance at the minimum specified hardware configuration is usually poor and only sufficient to support the OS and no other functionality. The recommended configuration is usually the better option and is more likely to support standard additional applications and resources.
To take advantage of all of the features provided by an operating system, additional hardware resources such as sound cards, NICs, modems, microphones, and speakers are generally required. Many of the OS developers test various hardware devices and certify that they are compatible with the operating system. Always confirm that the hardware has been certified to work with the operating system before purchasing and installing it.
Operating System Selection
Choosing an appropriate OS requires many factors to be considered before deciding which one to use in a given environment.
The first step in selecting an OS is to ensure that the OS being considered fully supports the requirements of the end user. Does the OS support the applications that will be run? Is the security and functionality sufficient for the needs of the users?
Next, conduct research to make sure that sufficient hardware resources are available to support the OS. This includes such basic items as memory, processors, and disk space, as well as peripheral devices such as scanners, sound cards, NICs and removable storage.
Another consideration is the level of human resources needed to support the OS. In a business environment, a company may limit support to one or two operating systems and discourage, or even disallow, the installation of any other OS. In the home environment, the ready availability of technical support for an OS may be a determining factor.
When considering implementing an OS, it is the total cost of ownership (TCO) of the OS that must be considered in the decision making process. This not only includes the costs of obtaining and installing the OS, but also all costs associated with supporting it.
Another factor that may come into play in the decision making process is the availability of the operating system. Some countries and/or businesses have made decisions to support a specific type of OS or may have restrictions barring individuals from obtaining certain types of technologies. In this type of environment, it may not be possible to consider a particular OS regardless of its suitability to the task.
The process for selecting an operating system must take all of these factors into account.
OS Installation Methods
An OS is installed in a defined section of the hard disk, called a disk partition. There are various methods for installing an OS. The method selected for installation is based on the system hardware, the OS being installed, and user requirements. There are four basic options available for the installation of a new OS:
Clean Install
A clean install is done on a new system or in cases where no upgrade path exists between the current OS and the one being installed. It deletes all data on the partition where the OS is installed and requires application software to be reinstalled. A new computer system requires a clean install. A clean install is also performed when the existing OS installation has become damaged in some way.
Upgrade
If staying within the same OS platform, it is often possible to do an upgrade. With an upgrade, system configuration settings, applications and data are preserved. It simply replaces the old OS files with the new OS files.
Multi-boot
It is possible to install more than one OS on a computer to create a multi-boot system. Each OS is contained within its own partition and can have its own files and configuration settings. On start-up, the user is presented with a menu to select the desired OS. Only one OS can run at a time and it has full control of the hardware.
Virtualization
Virtualization is a technique that is often deployed on servers. It enables several operating systems, or several copies of the same OS, to run on a single set of hardware, creating multiple virtual machines. Each virtual machine can be treated as a separate computer. This enables a single physical resource to appear to function as multiple logical resources.
Preparing For OS Installation
A pre-installation checklist helps ensure that the installation process is successful.
1. Verify that all hardware is certified to work with the selected OS.
2. Verify that the hardware resources meet or exceed the published minimum requirements.
3. Confirm that the appropriate installation medium is available. Due to the file size of current operating systems, they are usually available on both CD and DVD media.
4. If the OS is to be installed on a system that already contains data: (a) Use system diagnostic tools and utilities to ensure the current OS installation is in good condition, free of malicious or damaging files and code; (b) Complete a full backup of all important files.
5. If performing a clean-install, verify that all application software is available for installation.
Before starting the installation, it is necessary to determine the partition structure that best meets user requirements.
One of the techniques available to help protect data is to divide the hard drive into multiple partitions. With a clean install, many technicians prefer to create one partition for data and a separate partition for the OS. This enables an OS to be upgraded without the risk of losing data. It also simplifies backup and recovery of data files.
It is also necessary to determine the type of file system to use. A file system is the method the OS uses to keep track of the files. Many different file system types exist. Commonly used file systems include FAT16/32, NTFS, HPFS, ext2, ext3. Each OS is designed to work with one or more of these file system types and each file system type offers specific advantages. Careful consideration should be made to the type of file systems supported by the selected OS and the benefits of each.
Although tools exist to modify the partitioning structure and file system of a hard drive after installation, these should be avoided if possible. When modifying either the file system or partition structure on a hard drive, data loss may result. Careful planning can help preserve the integrity of the data.
Configuring A Computer For A Network
Once an OS is installed, the computer can be configured to participate in a network. A network is a group of devices, such as computers, that are connected to each other for the purposes of sharing information and resources. Shared resources can include printers, documents and Internet access connections.
To physically connect to a network, a computer must have a network interface card (NIC). The NIC is a piece of hardware that allows a computer to connect to the network medium. It may be integrated into the computer motherboard or may be a separately installed card.
In addition to the physical connection, some configuration of the operating system is required for the computer to participate in the network. Most modern networks connect to the Internet and use the Internet to exchange information. Each computer on these networks requires an Internet Protocol (IP) address, as well as other information, to identify it. There are three parts to the IP configuration, which must be correct for the computer to send and receive information on the network. These three parts are:
IP address – identifies the computer on the network.
Subnet mask – is used to identify the network on which the computer is connected.
Default gateway – identifies the device that the computer uses to access the Internet or another network.
A computer IP address can be configured manually or assigned automatically by another device.
Manual IP Configuration
With manual configuration, the required values are entered into the computer via the keyboard, typically by a network administrator. The IP address entered is referred to as a static address and is permanently assigned to that computer.
Dynamic IP Configuration
Computers may be set up to receive their network configuration dynamically, normally through the Dynamic Host Configuration Protocol (DHCP). This allows a computer to request an address from a pool of addresses managed by another device within the network. When the computer is finished with the address, it is returned to the pool for assignment to another computer.
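The three-part IP configuration described above must be internally consistent before the host can send or receive traffic, and a wrong mask or an off-subnet gateway is one of the most common causes of a host that "has an address but cannot reach anything". The following added example (not part of the original course text) checks a manually entered configuration the way a technician would by hand: it verifies that the mask is a contiguous run of one bits, that the host address is neither the network nor the broadcast address, and that the default gateway lies on the same local network. The sample configurations are constructed for the example.

```python
import ipaddress

# Constructed sample configurations for the example (assumed values, not from the page).
SAMPLE_CONFIGS = {
    "good":         {"ip": "192.168.1.20",  "mask": "255.255.255.0", "gateway": "192.168.1.1"},
    "bad_gateway":  {"ip": "192.168.1.20",  "mask": "255.255.255.0", "gateway": "192.168.2.1"},
    "bad_mask":     {"ip": "192.168.1.20",  "mask": "255.255.0.255", "gateway": "192.168.1.1"},
    "broadcast_ip": {"ip": "192.168.1.255", "mask": "255.255.255.0", "gateway": "192.168.1.1"},
}


def is_valid_netmask(mask: str) -> bool:
    """A subnet mask must be a run of 1 bits followed by a run of 0 bits (e.g. 255.255.255.0)."""
    m = int(ipaddress.IPv4Address(mask))
    inverted = (~m) & 0xFFFFFFFF
    # For a contiguous mask the inverted value is 2^k - 1, so inverted & (inverted + 1) == 0.
    return (inverted & (inverted + 1)) == 0


def check_ip_config(ip: str, mask: str, gateway: str) -> list[str]:
    """Return a list of problems found; an empty list means the three values are consistent."""
    problems = []
    try:
        host = ipaddress.IPv4Address(ip)
        gw = ipaddress.IPv4Address(gateway)
        ipaddress.IPv4Address(mask)
    except ValueError as exc:
        return [f"unparseable value: {exc}"]

    if not is_valid_netmask(mask):
        return [f"invalid subnet mask: {mask} is not a contiguous mask"]

    # strict=False lets us pass a host address and get the network it belongs to.
    net = ipaddress.IPv4Network((ip, mask), strict=False)

    # In a /31 or /32 every address is usable, so the next two checks only apply below that.
    if net.prefixlen < 31 and host == net.network_address:
        problems.append("host address is the network address")
    if net.prefixlen < 31 and host == net.broadcast_address:
        problems.append("host address is the broadcast address")
    if gw not in net:
        problems.append(f"default gateway {gw} is not on the local network {net}")
    if gw == host:
        problems.append("default gateway is the host itself")
    return problems


if __name__ == "__main__":
    for label, cfg in SAMPLE_CONFIGS.items():
        print(label, check_ip_config(**cfg) or "OK")
```

Run as a script it prints one line per sample configuration; only the first passes. The same checks apply to a DHCP-assigned configuration, where they are a quick way to spot a misconfigured or rogue DHCP server handing out a gateway that is not on the local subnet.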
Computer Naming
In addition to the IP address, some network operating systems make use of names. In this environment each individual system must have a unique name assigned to it.
A computer name provides a user friendly name, making it easier for users to connect to shared resources such as folders and printers on other computers.
The network administrator should determine a logical naming scheme that helps to identify a device’s type and/or its location. For example, the name PRT-CL-Eng-01 could represent the first color laser printer in the Engineering Department.
These names are manually assigned to each device, although some tools do exist to help automate the naming process. A computer description can also be entered when assigning a name to provide additional information on the location or function of the device.
Network Name And Address Planning
As a network grows in size and complexity, it becomes increasingly important that it is well planned, logically organized and well documented.
Many organizations develop conventions for naming and addressing of computers. These provide guidelines and rules that can be used by network support personnel when performing these tasks. Computer names must be unique and should have a consistent format that conveys meaningful information. This can help to determine device type, function, location and sequence number based on the device name. IP addresses must also be unique to each device.
The use of logical device naming and addressing conventions that are well documented can greatly simplify the task of training, network management and can help with troubleshooting when problems arise.
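A naming and addressing convention is only useful if it is enforced, so the following added example (not part of the original course text) audits a small device inventory against the convention illustrated above (PRT-CL-Eng-01 for the first colour laser printer in Engineering). It parses each name into device type, subtype, location and sequence number, rejects names that do not follow the pattern or use an unknown device type, and flags duplicate names and duplicate IP addresses. The exact pattern, the device type table and the inventory are assumptions constructed for this example; two inventory entries are deliberately wrong.

```python
import ipaddress
import re

# Convention assumed for this example: TYPE-SUBTYPE-Location-NN (e.g. PRT-CL-Eng-01).
NAME_PATTERN = re.compile(
    r"^(?P<type>[A-Z]{2,4})-(?P<subtype>[A-Z]{2,4})-(?P<location>[A-Za-z]{2,8})-(?P<seq>\d{2})$"
)
# Assumed table of recognised device type codes.
DEVICE_TYPES = {"PRT": "printer", "SRV": "server", "WS": "workstation", "SW": "switch"}

# Constructed inventory (assumed, not from the page) as (name, ip) pairs.
INVENTORY = [
    ("PRT-CL-Eng-01", "10.0.1.10"),
    ("PRT-CL-Eng-02", "10.0.1.11"),
    ("SRV-FS-Eng-01", "10.0.1.20"),
    ("WS-DT-Eng-01",  "10.0.1.20"),   # duplicate IP address
    ("prt-cl-eng-03", "10.0.1.12"),   # wrong case: violates the convention
    ("PRT-CL-Eng-01", "10.0.1.13"),   # duplicate name
    ("CAM-IP-Eng-01", "10.0.1.14"),   # device type not in the table
]


def parse_name(name: str):
    """Split a device name into its fields, or return None if it does not follow the convention."""
    m = NAME_PATTERN.match(name)
    if not m:
        return None
    fields = m.groupdict()
    fields["seq"] = int(fields["seq"])
    return fields


def audit_inventory(inventory):
    """Return a list of (name, ip, problem) tuples; an empty list means the inventory is clean."""
    problems = []
    seen_names, seen_ips = set(), set()
    for name, ip in inventory:
        fields = parse_name(name)
        if fields is None:
            problems.append((name, ip, "name does not follow the convention"))
        elif fields["type"] not in DEVICE_TYPES:
            problems.append((name, ip, f"unknown device type {fields['type']}"))

        if name in seen_names:
            problems.append((name, ip, "duplicate name"))
        seen_names.add(name)

        try:
            addr = ipaddress.ip_address(ip)
        except ValueError:
            problems.append((name, ip, "invalid IP address"))
            continue
        if addr in seen_ips:
            problems.append((name, ip, "duplicate IP address"))
        seen_ips.add(addr)
    return problems


if __name__ == "__main__":
    for name, ip, problem in audit_inventory(INVENTORY):
        print(f"{name:16} {ip:12} {problem}")
```

Running the audit against the sample inventory reports four problems. In practice the same check belongs in whatever process creates the inventory records, so that a badly named or double-assigned device is caught before it is deployed rather than during troubleshooting.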
Why And When To Apply Patches
Once an operating system (OS) or application is installed, it is important to keep it up to date with the latest patches.
A patch is a piece of program code that can correct a problem or enhance the functionality of an application program or OS. They are usually provided by the manufacturer to repair a known vulnerability or reported problem.
Computers should be continually updated with the latest patches unless there is a good reason not to do so. Sometimes patches may negatively impact the operation of another system feature. The impact of the patch should be clearly understood before it is applied. This information can usually be found on the software manufacturer’s web site.
Applying OS Patches
Patches to operating systems can be installed in different ways, depending on the OS and the needs of the user. Options for downloading and installing updates include:
Automatic installation
The OS can be configured to connect to the manufacturer’s web site, download and install minor updates without any user intervention. Updates can be scheduled to occur during times when the computer is on, but not in use.
Prompt for Permission
Some users wish to have control over which patches are applied. This is often the choice of users who understand what impact a patch may have on system performance. The system can be configured to notify the end-user when a patch is available. The user must then decide if the patch should be downloaded and installed.
Manual
Updates that require major pieces of code to be replaced on a system should be run manually. These major updates are often called service packs and are designed to correct problems with an application or OS, and sometimes to add functionality. These service packs usually require the end user to manually connect to a web site, download and install the update. They may also be installed from a CD that can be obtained from the manufacturer.
Application Patches And Updates
Applications also require patches and updates. Patches are usually released by the manufacturer, to repair a detected vulnerability in the application that could lead to undesirable behavior.
Browsers and office software such as word processors, spreadsheet and database applications are common targets for network attacks. These applications require updates to correct the code that may allow the attack to succeed. The manufacturer may also develop updates that can improve product functionality, at no additional cost.
OS and application patches are generally found on the manufacturer's web site. The installation process may request permission to install the update and verify that any supporting software is present. It may also install any programs that are required to support the update. Web updates can be downloaded to the system from the Internet and installed automatically.
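When a service pack or driver is downloaded manually from a vendor web site, a practitioner checks that the file arrived intact and is the file the vendor published before running it; this step is not mentioned in the course text above and is added here as an example. Many vendors publish a checksum list alongside their downloads in the "sha256sum" format (a hex digest, two spaces, a filename). The following added example (not the course's or any vendor's code) parses such a manifest and refuses to install anything whose digest does not match. The downloaded "packages" and the manifest are constructed inline for the example: package B was altered after the vendor hashed it, and package C is not listed at all.

```python
import hashlib
import hmac

# Constructed stand-ins for downloaded update packages (not real vendor files).
DOWNLOADS = {
    "update-a.bin": b"contents of update package A",
    "update-b.bin": b"contents of update package B, altered after the vendor hashed it",
    "update-c.bin": b"a file the vendor never published",
}

# Constructed vendor manifest in sha256sum format: "<hex digest>  <filename>".
# It lists the digests of the original A and B packages; B above no longer matches.
VENDOR_MANIFEST = "\n".join([
    "# example manifest",
    f"{hashlib.sha256(b'contents of update package A').hexdigest()}  update-a.bin",
    f"{hashlib.sha256(b'contents of update package B').hexdigest()}  update-b.bin",
])


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def parse_manifest(text: str) -> dict:
    """Map filename -> expected lowercase hex digest; reject lines that are not well formed."""
    expected = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        digest, sep, filename = line.partition("  ")
        filename = filename.strip().lstrip("*")  # sha256sum marks binary files with '*'
        if not sep or len(digest) != 64 or not filename:
            raise ValueError(f"malformed manifest line: {line!r}")
        int(digest, 16)  # raises ValueError if the digest is not hexadecimal
        expected[filename] = digest.lower()
    return expected


def verify_downloads(downloads: dict, manifest_text: str) -> dict:
    """Return filename -> 'ok' | 'hash mismatch' | 'not listed in manifest'."""
    expected = parse_manifest(manifest_text)
    results = {}
    for filename, data in downloads.items():
        if filename not in expected:
            results[filename] = "not listed in manifest"
            continue
        actual = sha256_hex(data)
        # compare_digest avoids leaking where the comparison failed; harmless here, good habit.
        results[filename] = "ok" if hmac.compare_digest(actual, expected[filename]) else "hash mismatch"
    return results


def safe_to_install(results: dict) -> bool:
    """Install only if every downloaded file verified; one bad file blocks the whole batch."""
    return bool(results) and all(status == "ok" for status in results.values())


if __name__ == "__main__":
    results = verify_downloads(DOWNLOADS, VENDOR_MANIFEST)
    for filename, status in results.items():
        print(f"{filename}: {status}")
    print("proceed with installation:", safe_to_install(results))
```

A checksum only protects against corruption and tampering if the manifest itself was obtained over a trusted channel (the vendor's HTTPS site, or a signed manifest whose signature has been checked); a manifest fetched from the same untrusted location as the file proves nothing.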
What Is A Network?
There are many types of networks that provide us with different kinds of services. In the course of a day, a person might make a phone call, watch a television show, listen to the radio, look up something on the Internet, or even play a video game with someone in another country. All of these activities depend on robust, reliable networks. Networks provide the ability to connect people and equipment no matter where they are in the world. People use networks without ever thinking about how they work or what it would be like if the networks did not exist.
The accompanying figure (not reproduced here) shows an airport scene in which people use several different types of networks to share information, use resources and communicate with others.
Communication technology in the 1990s, and before, required separate, dedicated networks for voice, video and computer data communications. Each of these networks required a different type of device in order to access the network. Telephones, televisions, and computers used specific technologies and different dedicated network structures, to communicate. But what if people want to access all of these network services at the same time, possibly using a single device?
New technologies create a new kind of network that delivers more than a single type of service. Unlike dedicated networks, these new converged networks are capable of delivering voice, video and data services over the same communication channel or network structure.
New products are coming to market that take advantage of the capabilities of converged information networks. People can now watch live video broadcasts on their computers, make a telephone call over the Internet, or search the Internet using a television. Converged networks make this possible.
In this course, the term network refers to these new multi-purpose, converged information networks.
Benefits Of Networking
Networks come in all sizes. They can range from simple networks consisting of two computers, to networks connecting millions of devices. Networks installed in small offices, or homes and home offices, are referred to as SOHO networks. SOHO networks enable sharing of resources, such as printers, documents, pictures and music between a few local computers.
In business, large networks can be used to advertise and sell products, order supplies, and communicate with customers. Communication over a network is usually more efficient and less expensive than traditional forms of communication, such as regular mail or long distance phone calls. Networks allow for rapid communication such as email and instant messaging, and provide consolidation, storage, and access to information on network servers.
Business and SOHO networks usually provide a shared connection to the Internet. The Internet is considered a “network of networks” because it is literally made up of thousands of networks that are connected to each other.
Here are other uses of a network and the Internet:
Sharing music and video files
Research and on-line learning
Chatting with friends
Planning vacations
Purchasing gifts and supplies
Can you think of other ways people use networks and the Internet in their daily lives?
There are many components that can be part of a network, for example personal computers, servers, networking devices, and cabling. These components can be grouped into four main categories:
Hosts
Shared peripherals
Networking devices
Networking media
The network components that people are most familiar with are hosts and shared peripherals. Hosts are devices that send and receive messages directly across the network.
Shared peripherals are not directly connected to the network, but instead are connected to hosts. The host is then responsible for sharing the peripheral across the network. Hosts have computer software configured to enable people on the network to use the attached peripheral devices.
The network devices, as well as networking media, are used to interconnect hosts.
Some devices can play more than one role, depending on how they are connected. For example, a printer directly connected to a host (a local printer) is a peripheral. A printer that connects directly to a network device and participates directly in network communications is a host.
Computer Roles In A Network
All computers connected to a network that participate directly in network communication are classified as hosts. Hosts can send and receive messages on the network. In modern networks, computer hosts can act as a client, a server, or both. The software installed on the computer determines which role the computer plays.
Servers are hosts that have software installed that enable them to provide information, like email or web pages, to other hosts on the network. Each service requires separate server software. For example, a host requires web server software in order to provide web services to the network.
Clients are computer hosts that have software installed that enable them to request and display the information obtained from the server. An example of client software is a web browser, like Internet Explorer.
A computer with server software can provide services simultaneously to one or many clients.
Additionally, a single computer can run multiple types of server software. In a home or small business, it may be necessary for one computer to act as a file server, a web server, and an email server.
A single computer can also run multiple types of client software. There must be client software for every service required. With multiple clients installed, a host can connect to multiple servers at the same time. For example, a user can check email and view a web page while instant messaging and listening to Internet radio.
Peer To Peer Network
Client and server software usually runs on separate computers, but it is also possible for one computer to carry out both roles at the same time. In small businesses and homes, many computers function as the servers and clients on the network. This type of network is called a peer-to-peer network.
The simplest peer-to-peer network consists of two directly connected computers using a wired or wireless connection.
Multiple PCs can also be connected to create a larger peer-to-peer network, but this requires a network device, such as a hub or switch, to interconnect the computers.
The main disadvantage of a peer-to-peer environment is that the performance of a host can be slowed down if it is acting as both a client and a server at the same time. There is also no central point for managing user accounts or security settings, so each host must be secured and administered individually.
In larger businesses, due to the potential for high amounts of network traffic, it is often necessary to have dedicated servers to support the number of service requests.
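The client and server roles described above are defined by software, not by the machine, and a single host can take both roles at once. The following added example (not part of the original course text) makes that concrete on one computer: it starts a tiny line-based TCP service on the loopback address and then, from the same process, acts as a client of that service. The service itself is invented for the example (it returns each request line in upper case) and the port is chosen by the operating system; nothing here is a standard protocol.

```python
import socket
import threading

HOST = "127.0.0.1"  # loopback address: the server and client are the same computer
MAX_REQUEST = 4096  # cap on request size so a misbehaving client cannot exhaust memory


def handle_client(conn: socket.socket) -> None:
    """Server side: read one newline-terminated request and reply with it in upper case."""
    with conn:
        buf = b""
        while not buf.endswith(b"\n"):
            chunk = conn.recv(1024)
            if not chunk or len(buf) + len(chunk) > MAX_REQUEST:
                return  # client went away or request too large: drop it
            buf += chunk
        conn.sendall(buf.upper())


def start_server():
    """Bind the server software to an ephemeral port; return the listening socket and port."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind((HOST, 0))
    srv.listen()
    return srv, srv.getsockname()[1]


def serve(srv: socket.socket, stop: threading.Event) -> None:
    """Accept connections until asked to stop, handing each one to its own thread."""
    srv.settimeout(0.2)
    while not stop.is_set():
        try:
            conn, _ = srv.accept()
        except socket.timeout:
            continue
        threading.Thread(target=handle_client, args=(conn,), daemon=True).start()


def request(port: int, text: str, timeout: float = 2.0) -> str:
    """Client side: connect, send one request line, return the decoded reply."""
    with socket.create_connection((HOST, port), timeout=timeout) as s:
        s.sendall(text.encode() + b"\n")
        reply = b""
        while not reply.endswith(b"\n"):
            chunk = s.recv(1024)
            if not chunk:
                break
            reply += chunk
    return reply.decode().rstrip("\n")


def run_demo(messages=("hello", "peer to peer")) -> list:
    """Run server and client on this host; return the replies the client received."""
    srv, port = start_server()
    stop = threading.Event()
    t = threading.Thread(target=serve, args=(srv, stop), daemon=True)
    t.start()
    try:
        return [request(port, m) for m in messages]
    finally:
        stop.set()
        t.join()
        srv.close()


if __name__ == "__main__":
    print(run_demo())
```

Binding to the loopback address keeps the example service reachable only from the local host; a server that is meant to serve other hosts binds to a network-facing address instead, and from that moment it is exposed to every client on the network, which is why the page's later remarks about patching server software matter.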
Network Topologies
In a simple network consisting of a few computers, it is easy to visualize how all of the various components connect. As networks grow, it is more difficult to keep track of the location of each component, and how each is connected to the network. Wired networks require lots of cabling and network devices to provide connectivity for all network hosts.
When networks are installed, a physical topology map is created to record where each host is located and how it is connected to the network. The physical topology map also shows where the wiring is installed and the locations of the networking devices that connect the hosts. Icons are used to represent the actual physical devices within the topology map. It is very important to maintain and update physical topology maps to aid future installation and troubleshooting efforts.
In addition to the physical topology map, it is sometimes necessary to also have a logical view of the network topology. A logical topology map groups hosts by how they use the network, no matter where they are physically located. Host names, addresses, group information and applications can be recorded on the logical topology map.
The accompanying figures (not reproduced here) illustrate the difference between logical and physical topology maps.
Source Channel And Destination
The primary purpose of any network is to provide a method to communicate information. From the very earliest primitive humans to the most advanced scientists of today, sharing information with others is crucial for human advancement.
All communication begins with a message, or information, that must be sent from one individual or device to another. The methods used to send, receive and interpret messages change over time as technology advances.
All communication methods have three elements in common. The first of these elements is the message source, or sender. Message sources are people, or electronic devices, that need to communicate a message to other individuals or devices. The second element of communication is the destination, or receiver, of the message. The destination receives the message and interprets it. A third element, called a channel, provides the pathway over which the message can travel from source to destination.
Rules Of Communication
In any conversation between two people, there are many rules, or protocols, that the two must follow in order for the message to be successfully delivered and understood. Among the protocols for successful human communication are:
Identification of sender and receiver
Agreed-upon medium or channel (face-to-face, telephone, letter, photograph)
Appropriate communication mode (spoken, written, illustrated, interactive or one-way)
Common language
Grammar and sentence structure
Speed and timing of delivery
Imagine what would happen if no protocols or rules existed to govern how people communicate with each other. Would you be able to understand them? A paragraph that ignored spelling, grammar and word order, for example, would be very hard to read.
Protocols are specific to the characteristics of the source, channel and destination of the message. The rules used to communicate over one medium, like a telephone call, are not necessarily the same as communication using another medium, such as a letter.
Protocols define the details of how the message is transmitted, and delivered. This includes issues of:
Message format
Message size
Timing
Encapsulation
Encoding
Standard message pattern
Many of the concepts and rules that make human communication reliable and understandable also apply to computer communication.
Message Encoding
One of the first steps to sending a message is encoding it. Written words, pictures, and spoken languages each use a unique set of codes, sounds, gestures, and/or symbols to represent the thoughts being shared. Encoding is the process of converting thoughts into the language, symbols, or sounds, for transmission. Decoding reverses this process in order to interpret the thought.
Imagine a person watching a sunset and then calling someone else to talk about how beautiful the sunset looks. To communicate the message, the sender must first convert, or encode, their thoughts and perceptions about the sunset into words. The words are spoken into the telephone using the sounds and inflections of spoken language that convey the message. On the other end of the telephone line, the person listening to the description, receives and decodes the sounds in order to visualize the image of the sunset described by the sender.
Encoding also occurs in computer communication. Encoding between hosts must be in an appropriate form for the medium. Messages sent across the network are first converted into bits by the sending host. Each bit is encoded into a pattern of sounds, light waves, or electrical impulses depending on the network media over which the bits are transmitted. The destination host receives and decodes the signals in order to interpret the message.
Message Formatting
When a message is sent from source to destination, it must use a specific format or structure. Message formats depend on the type of message and the channel that is used to deliver the message.
Letter writing is one of the most common forms of written human communication. For centuries, the agreed format for personal letters has not changed. In many cultures, a personal letter contains the following elements:
An identifier of the recipient
A salutation or greeting
The message content
A closing phrase
An identifier of the sender
In addition to having the correct format, most personal letters must also be enclosed, or encapsulated, in an envelope for delivery. The envelope has the address of the sender and receiver on it, each located at the proper place on the envelope. If the destination address and formatting are not correct, the letter is not delivered.
The process of placing one message format (the letter) inside another message format (the envelope) is called encapsulation. De-encapsulation occurs when the process is reversed by the recipient and the letter is removed from the envelope.
A letter writer uses an accepted format to ensure that the letter is delivered and understood by the recipient. In the same way, a message that is sent over a computer network follows specific format rules for it to be delivered and processed. Just as a letter is encapsulated in an envelope for delivery, so computer messages are encapsulated. Each computer message is encapsulated in a specific format, called a frame, before it is sent over the network. A frame acts like an envelope; it provides the address of the intended destination and the address of the source host.
The format and contents of a frame are determined by the type of message being sent and the channel over which it is communicated. Messages that are not correctly formatted are not successfully delivered to or processed by the destination host.
Message Size
Imagine what it would be like to read this course if it all appeared as one long sentence; it would not be easy to read and comprehend. When people communicate with each other, the messages that they send are usually broken into smaller parts or sentences. These sentences are limited in size to what the receiving person can process at one time. An individual conversation may be made up of many smaller sentences to ensure that each part of the message is received and understood.
Likewise, when a long message is sent from one host to another over a network, it is necessary to break the message into smaller pieces. The rules that govern the size of the pieces, or frames, communicated across the network are very strict. They can also be different, depending on the channel used. Frames that are too long or too short are not delivered.
The size restrictions of frames require the source host to break a long message into individual pieces that meet both the minimum and maximum size requirements. Each piece is encapsulated in a separate frame with the address information, and is sent over the network. At the receiving host, the messages are de-encapsulated and put back together to be processed and interpreted.
Message Timing
One factor that affects how well a message is received and understood is timing. People use timing to determine when to speak, how fast or slow to talk, and how long to wait for a response. These are the rules of engagement.
Access Method
Access Method determines when someone is able to send a message. These timing rules are based on the environment. For example, in some settings you may be able to speak whenever you have something to say; in others, a person must wait until no one else is talking before speaking. If two people talk at the same time, a collision of information occurs and it is necessary for the two to back off and start again. These rules ensure communication is successful. Likewise, it is necessary for computers to define an access method. Hosts on a network need an access method to know when to begin sending messages and how to respond when errors occur.
Flow Control
Timing also affects how much information can be sent and the speed at which it can be delivered. If one person speaks too quickly, it is difficult for the other person to hear and understand the message. The receiving person must ask the sender to slow down. In network communication, a sending host can transmit messages at a faster rate than the destination host can receive and process. Source and destination hosts use flow control to negotiate correct timing for successful communication.
Response Timeout
If a person asks a question and does not hear a response within an acceptable amount of time, the person assumes that no answer is coming and reacts accordingly. The person may repeat the question, or may go on with the conversation. Hosts on the network also have rules that specify how long to wait for responses and what action to take if a response timeout occurs.
Message Pattern
Sometimes, a person wants to communicate information to a single individual. At other times, the person may need to send information to a group of people at the same time, or even to all people in the same area. A conversation between two people is an example of a one-to-one pattern of communication. When a group of recipients need to receive the same message simultaneously, a one-to-many or one-to-all message pattern is necessary.
There are also times when the sender of a message needs to be sure that the message is delivered successfully to the destination. In these cases, it is necessary for the recipient to return an acknowledgement to the sender. If no acknowledgement is required, the message pattern is referred to as unacknowledged.
Hosts on a network use similar message patterns to communicate.
A one-to-one message pattern is referred to as a unicast, meaning that there is only a single destination for the message.
When a host needs to send messages using a one-to-many pattern, it is referred to as a multicast. Multicasting is the delivery of the same message to a group of host destinations simultaneously.
If all hosts on the network need to receive the message at the same time, a broadcast is used. Broadcasting represents a one-to-all message pattern. Additionally, hosts have requirements for acknowledged versus unacknowledged messages.
Protocol Use In Communication
All communication, both human and computer, is governed by pre-established rules, or protocols. These protocols are determined by the characteristics of the source, channel and destination. Based on the source, channel and destination, the protocols define the details for the issues of message format, message size, timing, encapsulation, encoding and standard message pattern.
Importance Of Protocol
Computers, just like humans, use rules, or protocols, in order to communicate.
Protocols are especially important on a local network. In a wired environment, a local network is defined as an area where all hosts must “speak the same language” or in computer terms “share a common protocol”.
If everyone in the same room spoke a different language they would not be able to communicate. Likewise, if devices in a local network did not use the same protocols they would not be able to communicate.
The most common set of protocols used on local wired networks is Ethernet.
The Ethernet protocol defines many aspects of communication over the local network, including: message format, message size, timing, encoding, and message patterns.
Standardization Of Protocol
In the early days of networking, each vendor used their own, proprietary methods of interconnecting network devices and networking protocols. Equipment from one vendor could not communicate with equipment from another.
As networks became more widespread, standards were developed that defined rules by which network equipment from different vendors operated. Standards are beneficial to networking in many ways:
Facilitate design
Simplify product development
Promote competition
Provide consistent interconnections
Facilitate training
Provide more vendor choices for customers
There is no official local networking standard protocol, but over time, one technology, Ethernet, has become more common than the others. It has become a de facto standard.
The Institute of Electrical and Electronics Engineers, or IEEE (pronounced eye-triple-e), maintains the networking standards, including Ethernet and wireless standards. IEEE committees are responsible for approving and maintaining the standards for connections, media requirements and communications protocols. Each technology standard is assigned a number that refers to the committee that is responsible for approving and maintaining the standard. The committee responsible for the Ethernet standards is 802.3.
Since the creation of Ethernet in 1973, standards have evolved for specifying faster and more flexible versions of the technology. This ability for Ethernet to improve over time is one of the main reasons that it has become so popular. Each version of Ethernet has an associated standard. For example, 802.3 100BASE-T represents the standard for 100 Megabit Ethernet over twisted-pair cable. The standard notation translates as:
100 is the speed in Mbps
BASE stands for baseband transmission
T stands for the type of cable, in this case, twisted pair.
Early versions of Ethernet were relatively slow at 10 Mbps. The latest versions of Ethernet operate at 10 Gigabits per second and faster. Imagine how much faster these new versions are than the original Ethernet networks.
Physical Addressing
All communication requires a way to identify the source and destination. The source and destination in human communication are represented by names.
When a name is called, the person with that name listens to the message and responds. Other people in the room may hear the message, but they ignore it because it is not addressed to them.
On Ethernet networks, a similar method exists for identifying source and destination hosts. Each host connected to an Ethernet network is assigned a physical address which serves to identify the host on the network.
Every Ethernet network interface has a physical address assigned to it when it is manufactured. This address is known as the Media Access Control (MAC) Address. The MAC address identifies each source and destination host on the network.
Ethernet networks are cable based, meaning that a copper or fiber optic cable connects hosts and networking devices. This is the channel used for communications between the hosts.
When a host on an Ethernet network communicates, it sends frames containing its own MAC address as the source and the MAC address of the intended recipient. Any hosts that receive the frame will decode the frame and read the destination MAC address. If the destination MAC address matches the address configured on the NIC, it will process the message and store it for the host application to use. If the destination MAC address does not match the host MAC address, the NIC will ignore the message.
Ethernet Communication
The Ethernet protocol standards define many aspects of network communication including frame format, frame size, timing and encoding.
When messages are sent between hosts on an Ethernet network, the hosts format the messages into the frame layout that is specified by the standards. Frames are also referred to as Protocol Data Units (PDUs).
The format for Ethernet frames specifies the location of the destination and source MAC addresses, and additional information including:
Preamble for sequencing and timing
Start of frame delimiter
Length and type of frame
Frame check sequence to detect transmission errors.
The size of Ethernet frames is limited to a maximum of 1518 bytes and a minimum size of 64 bytes. Frames that do not match these limits are not processed by the receiving hosts. In addition to the frame formats, sizes and timing, Ethernet standards define how the bits making up the frames are encoded onto the channel. Bits are transmitted as either electrical impulses over copper cable or as light impulses over fiber optic cable.
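The encapsulation, size and frame-format rules above (the envelope analogy, the 64 to 1518 byte limits, the length/type field and the frame check sequence) can be exercised in a few lines of code. The following is an added example written for this page, not code from the Cisco curriculum or from any Ethernet implementation: it builds frames, pads short payloads to the minimum size, splits a long message into pieces that each fit one frame, and on the receiving side rejects frames whose size or FCS is wrong before reassembling the message. It assumes the IEEE 802.3 length encoding of the length/type field (so the zero padding can be stripped again) and that the 8 bytes of preamble and start-of-frame delimiter are added by the NIC and are not counted in the size limits; the MAC addresses are constructed sample values.

```python
import struct
import zlib

# Frame size limits from the text: at least 64 and at most 1518 bytes.
# The count covers destination MAC, source MAC, length/type, payload and
# FCS. The 8 bytes of preamble and start-of-frame delimiter are added by
# the NIC hardware and are not included in these limits (assumption noted
# in the lead-in).
HEADER_LEN = 14                                   # 6 dst + 6 src + 2 length/type
FCS_LEN = 4
MIN_FRAME, MAX_FRAME = 64, 1518
MIN_PAYLOAD = MIN_FRAME - HEADER_LEN - FCS_LEN    # 46 bytes
MAX_PAYLOAD = MAX_FRAME - HEADER_LEN - FCS_LEN    # 1500 bytes
BROADCAST_MAC = "FF:FF:FF:FF:FF:FF"


def mac_to_bytes(mac: str) -> bytes:
    """Accept 'FF:FF:FF:FF:FF:FF', 'FFFF.FFFF.FFFF' or 'FF-FF-FF-FF-FF-FF' notation."""
    digits = mac.replace(":", "").replace(".", "").replace("-", "")
    if len(digits) != 12:
        raise ValueError(f"malformed MAC address: {mac!r}")
    return bytes.fromhex(digits)


def bytes_to_mac(raw: bytes) -> str:
    return ":".join(f"{b:02X}" for b in raw)


def fcs_for(body: bytes) -> bytes:
    # Ethernet's frame check sequence is CRC-32, sent least-significant byte first.
    return struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF)


def build_frame(dst: str, src: str, payload: bytes) -> bytes:
    """Encapsulate one payload: addresses + length field + padded payload + FCS."""
    if len(payload) > MAX_PAYLOAD:
        raise ValueError("payload exceeds 1500 bytes; break the message up first")
    # The 802.3 length field carries the real payload length, so the zero
    # padding needed to reach the 64-byte minimum can be stripped again.
    header = mac_to_bytes(dst) + mac_to_bytes(src) + struct.pack("!H", len(payload))
    body = header + payload.ljust(MIN_PAYLOAD, b"\x00")
    return body + fcs_for(body)


def parse_frame(frame: bytes) -> dict:
    """De-encapsulate a frame, rejecting it if the size or the FCS is wrong."""
    if not MIN_FRAME <= len(frame) <= MAX_FRAME:
        raise ValueError(f"frame of {len(frame)} bytes is outside {MIN_FRAME}..{MAX_FRAME}")
    body, fcs = frame[:-FCS_LEN], frame[-FCS_LEN:]
    if fcs_for(body) != fcs:
        raise ValueError("FCS mismatch: frame was damaged in transit")
    (length,) = struct.unpack("!H", body[12:14])
    if length > len(body) - HEADER_LEN:
        raise ValueError("length field larger than the frame")
    return {
        "dst": bytes_to_mac(body[0:6]),
        "src": bytes_to_mac(body[6:12]),
        "payload": body[HEADER_LEN:HEADER_LEN + length],
    }


def frame_is_valid(frame: bytes) -> bool:
    """What a receiving NIC effectively does: silently discard bad frames."""
    try:
        parse_frame(frame)
        return True
    except ValueError:
        return False


def nic_accepts(frame: bytes, nic_mac: str) -> bool:
    """A NIC keeps a frame only if it is addressed to its own MAC or to the broadcast MAC."""
    dst = bytes_to_mac(frame[0:6])
    return dst in (bytes_to_mac(mac_to_bytes(nic_mac)), BROADCAST_MAC)


def fragment_message(dst: str, src: str, message: bytes) -> list:
    """Sender side: break a long message into frames that each satisfy the size limits."""
    return [build_frame(dst, src, message[i:i + MAX_PAYLOAD])
            for i in range(0, len(message), MAX_PAYLOAD)]


def reassemble(frames: list) -> bytes:
    """Receiver side: de-encapsulate each frame and put the pieces back together."""
    return b"".join(parse_frame(f)["payload"] for f in frames)


if __name__ == "__main__":
    # Constructed sample MAC addresses; a 4000-byte message needs three frames.
    frames = fragment_message("00:1A:2B:3C:4D:5E", "00:AA:BB:CC:DD:EE", b"x" * 4000)
    print([len(f) for f in frames], reassemble(frames) == b"x" * 4000)
```

Flipping any single byte of a frame changes the CRC-32, so parse_frame refuses it, which is the behaviour the text describes for frames garbled in transit: they are dropped, and it is up to the sending host to retransmit.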
Hierarchy Of Ethernet Network Design
Imagine how difficult communication would be if the only way to send a message to someone was to use the person’s name. If there were no street addresses, cities, towns, or country boundaries, delivering a message to a specific person across the world would be nearly impossible.
On an Ethernet network, the host MAC address is similar to a person’s name. A MAC address indicates the individual identity of a specific host, but it does not indicate where on the network the host is located. If all hosts on the Internet (over 400 million of them) were each identified by only their unique MAC address, imagine how difficult it would be to locate a single one.
Additionally, Ethernet technology generates a large amount of broadcast traffic in order for hosts to communicate. Broadcasts are sent to all hosts within a single network. Broadcasts consume bandwidth and slow network performance. What would happen if the millions of hosts attached to the Internet were all in one Ethernet network and were using broadcasts?
For these two reasons, large Ethernet networks consisting of many hosts are not efficient. It is better to divide larger networks into smaller, more manageable pieces. One way to divide larger networks is to use a hierarchical design model.
In networking, hierarchical design is used to group devices into multiple networks that are organized in a layered approach. It consists of smaller, more manageable groups that allow local traffic to remain local. Only traffic that is destined for other networks is moved to a higher layer.
A hierarchical, layered design provides increased efficiency, optimization of function, and increased speed. It allows the network to scale as required because additional local networks can be added without impacting the performance of the existing ones.
The hierarchical design has three basic layers:
Access Layer – to provide connections to hosts in a local Ethernet network.
Distribution Layer – to interconnect the smaller local networks.
Core Layer – a high-speed connection between distribution layer devices.
With this new hierarchical design, there is a need for a logical addressing scheme that can identify the location of a host. This is the Internet Protocol (IP) addressing scheme.
Logical Addressing
A person’s name usually does not change. A person’s address on the other hand, relates to where they live and can change. On a host, the MAC address does not change; it is physically assigned to the host NIC and is known as the physical address. The physical address remains the same regardless of where the host is placed on the network.
The IP address is similar to the address of a person. It is known as a logical address because it is assigned logically based on where the host is located. The IP address, or network address, is assigned to each host by a network administrator based on the local network.
IP addresses contain two parts. One part identifies the local network. The network portion of the IP address will be the same for all hosts connected to the same local network. The second part of the IP address identifies the individual host. Within the same local network, the host portion of the IP address is unique to each host.
Both the physical MAC and logical IP addresses are required for a computer to communicate on a hierarchical network, just like both the name and address of a person are required to send a letter.
Access And Distribution Layers And Devices
IP traffic is managed based on the characteristics and devices associated with each of the three layers: Access, Distribution and Core. The IP address is used to determine if traffic should remain local or be moved up through the layers of the hierarchical network.
Access Layer
The Access Layer provides a connection point for end user devices to the network and allows multiple hosts to connect to other hosts through a network device, usually a hub or switch. Typically, all devices within a single Access Layer will have the same network portion of the IP address.
If a message is destined for a local host, based on the network portion of the IP address, the message remains local. If it is destined for a different network, it is passed up to the Distribution Layer. Hubs and switches provide the connection to the Distribution Layer device, usually a router.
Distribution Layer
The Distribution Layer provides a connection point for separate networks and controls the flow of information between the networks. It typically contains more powerful switches than the Access Layer as well as routers for routing between networks. Distribution Layer devices control the type and amount of traffic that flows from the Access Layer to the Core Layer.
Core Layer
The Core Layer is a high-speed backbone layer with redundant (backup) connections. It is responsible for transporting large amounts of data between multiple end networks. Core Layer devices typically include very powerful, high-speed switches and routers. The main goal of the Core Layer is to transport data quickly. Hubs, switches, and routers are discussed in more detail in the next two sections.
Access layer
The Access Layer is the most basic level of the network. It is the part of the network in which people gain access to other hosts and to shared files and printers. The Access Layer is composed of host devices, as well as the first line of networking devices to which they are attached.
Networking devices enable us to connect many hosts with each other and also provide those hosts access to services offered over the network. Unlike the simple network consisting of two hosts connected by a single cable, in the Access Layer, each host is connected to a networking device. This type of connectivity is shown in the graphic.
Within an Ethernet network, each host is able to connect directly to an Access Layer networking device using a point-to-point cable. These cables are manufactured to meet specific Ethernet standards. Each cable is plugged into a host NIC and then into a port on the networking device. There are several types of networking devices that can be used to connect hosts at the Access Layer, including Ethernet hubs and switches.
Function Of Hubs
A hub is one type of networking device that is installed at the Access Layer of an Ethernet network. Hubs contain multiple ports that are used to connect hosts to the network. Hubs are simple devices that do not have the necessary electronics to decode the messages sent between hosts on the network. Hubs cannot determine which host should get any particular message. A hub simply accepts electronic signals from one port and regenerates (or repeats) the same message out all of the other ports.
Remember that the NIC on a host accepts messages only addressed to the correct MAC address. Hosts ignore messages that are not addressed to them. Only the host specified in the destination address of the message processes the message and responds to the sender.
All of the ports on the Ethernet hub connect to the same channel to send and receive messages. Because all hosts must share the bandwidth available on that channel, a hub is referred to as a shared-bandwidth device.
Only one message can be sent through an Ethernet hub at a time. It is possible for two or more hosts connected to a hub to attempt to send a message at the same time. If this happens, the electronic signals that make up the messages collide with each other at the hub.
A collision causes the messages to become garbled and unreadable by the hosts. A hub does not decode the messages; therefore it does not detect that the message is garbled and repeats it out all the ports. The area of the network where a host can receive a garbled message resulting from a collision is known as a collision domain.
Inside a collision domain, when a host receives a garbled message, it detects that a collision has occurred. Each sending host waits a short amount of time and then attempts to send, or retransmit, the message again. As the number of hosts connected to the hub increases, so does the chance of collisions. More collisions cause more retransmissions. Excessive retransmissions can clog up the network and slow down network traffic. For this reason, it is necessary to limit the size of a collision domain.
Function Of Switches
An Ethernet switch is a device that is used at the Access Layer. Like a hub, a switch connects multiple hosts to the network. Unlike a hub, a switch can forward a message to a specific host. When a host sends a message to another host on the switch, the switch accepts and decodes the frames to read the physical (MAC) address portion of the message.
A table on the switch, called a MAC address table, contains a list of all of the active ports and the host MAC addresses that are attached to them. When a message is sent between hosts, the switch checks to see if the destination MAC address is in the table. If it is, the switch builds a temporary connection, called a circuit, between the source and destination ports. This new circuit provides a dedicated channel over which the two hosts can communicate. Other hosts attached to the switch do not share bandwidth on this channel and do not receive messages that are not addressed to them. A new circuit is built for every new conversation between hosts. These separate circuits allow many conversations to take place at the same time, without collisions occurring.
What happens when the switch receives a frame addressed to a new host that is not yet in the MAC address table? If the destination MAC address is not in the table, the switch does not have the necessary information to create an individual circuit. When the switch cannot determine where the destination host is located, it uses a process called flooding to forward the message out to all attached hosts. Each host compares the destination MAC address in the message to its own MAC address, but only the host with the correct destination address processes the message and responds to the sender.
How does the MAC address of a new host get into the MAC address table? A switch builds the MAC address table by examining the source MAC address of each frame that is sent between hosts. When a new host sends a message or responds to a flooded message, the switch immediately learns its MAC address and the port to which it is connected. The table is dynamically updated each time a new source MAC address is read by the switch. In this way, a switch quickly learns the MAC addresses of all attached hosts.
Sometimes, it is necessary to connect another networking device, like a hub, to a switch port. This is done to increase the number of hosts that can be connected to the network. When a hub is connected to a switch port, the switch associates the MAC addresses of all hosts connected to that hub with the single port on the switch. Occasionally, one host on the attached hub sends a message to another host attached to the same hub. In this case, the switch receives the frame and checks the table to see where the destination host is located. If both the source and destination hosts are located on the same port, the switch discards the message.
When a hub is connected to a switch port, collisions can occur on the hub. The hub forwards to all ports the damaged messages resulting from a collision. The switch receives the garbled message, but, unlike a hub, a switch does not forward the damaged messages caused by collisions. As a result, every switch port creates a separate collision domain. This is a good thing. The fewer hosts contained in a collision domain, the less likely it is that a collision will occur.
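The switch behaviour described in this section (learning from source addresses, forwarding a known unicast out one port, flooding an unknown destination, discarding a frame whose destination is on the ingress port, and not repeating a frame garbled by a collision on an attached hub) is small enough to simulate. The following is an added example for this page, not switch firmware or curriculum code. Its Frame model and the host MAC addresses are constructed for the simulation; the fcs_ok flag stands in for the frame check sequence having verified correctly.

```python
from collections import namedtuple

BROADCAST_MAC = "FF:FF:FF:FF:FF:FF"

# Minimal frame model constructed for this simulation: just the fields a switch
# acts on, plus a flag standing for "the FCS checked out". A frame garbled by
# a collision on an attached hub arrives with fcs_ok=False.
Frame = namedtuple("Frame", "dst src payload fcs_ok")


class LearningSwitch:
    """Learns MAC-to-port mappings from source addresses, forwards known
    unicasts out a single port, floods unknown unicasts and broadcasts, and
    discards frames whose destination is on the port they arrived on."""

    def __init__(self, port_count: int):
        self.ports = list(range(1, port_count + 1))
        self.mac_table = {}          # MAC address -> port number

    def receive(self, in_port: int, frame: Frame) -> dict:
        """Process one frame; return {port: frame} for every egress port."""
        if not frame.fcs_ok:
            # A hub would repeat a garbled frame; a switch drops it, which is
            # why each switch port forms its own collision domain.
            return {}
        # Learning: the source MAC is now known to live behind in_port.
        self.mac_table[frame.src.upper()] = in_port

        dst = frame.dst.upper()
        if dst == BROADCAST_MAC:
            egress = [p for p in self.ports if p != in_port]
        elif dst in self.mac_table:
            out_port = self.mac_table[dst]
            if out_port == in_port:
                # Source and destination share a port (both behind one hub):
                # the hub already delivered the frame, so the switch discards it.
                return {}
            egress = [out_port]
        else:
            # Unknown destination: flood out every port except the ingress port.
            egress = [p for p in self.ports if p != in_port]
        return {port: frame for port in egress}


def walkthrough() -> dict:
    """Scripted exchange: hosts A (port 1), B (port 2), C (port 3) and two
    hub-attached hosts D and E sharing port 4. Returns egress ports per step."""
    sw = LearningSwitch(4)
    a, b, c, d, e = ("00:00:00:00:00:0A", "00:00:00:00:00:0B", "00:00:00:00:00:0C",
                     "00:00:00:00:00:0D", "00:00:00:00:00:0E")
    steps = {}
    # A talks to B before the switch has seen B: the frame is flooded.
    steps["a_to_b_first"] = sorted(sw.receive(1, Frame(b, a, b"hello", True)))
    # B replies; A was learned from the first frame, so only port 1 gets it.
    steps["b_reply"] = sorted(sw.receive(2, Frame(a, b, b"hi", True)))
    # Both are known now: a dedicated path, nothing reaches ports 3 and 4.
    steps["a_to_b_again"] = sorted(sw.receive(1, Frame(b, a, b"again", True)))
    # A broadcast from C reaches every port except its own.
    steps["c_broadcast"] = sorted(sw.receive(3, Frame(BROADCAST_MAC, c, b"anyone?", True)))
    # E (behind the hub on port 4) announces itself, so E maps to port 4.
    steps["e_broadcast"] = sorted(sw.receive(4, Frame(BROADCAST_MAC, e, b"anyone?", True)))
    # D sends to E: same ingress and egress port, so the switch discards it.
    steps["d_to_e_same_hub"] = sorted(sw.receive(4, Frame(e, d, b"local", True)))
    # A collision on the hub garbles a frame: the switch does not repeat it.
    steps["garbled"] = sorted(sw.receive(4, Frame(a, d, b"??", False)))
    steps["mac_table"] = dict(sw.mac_table)
    return steps


if __name__ == "__main__":
    for step, result in walkthrough().items():
        print(f"{step}: {result}")
```

Running the walkthrough shows the table filling up one source address at a time, and shows that only the very first frame to an unknown host is flooded; after that the two hosts get their own path and the other ports see nothing of the conversation.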
Broadcast Messaging
When hosts are connected using either a hub or a switch, a single local network is created. Within the local network it is often necessary for one host to be able to send messages to all the other hosts at the same time. This can be done using a message known as a broadcast. Broadcasts are useful when a host needs to find information without knowing exactly what other host can supply it or when a host wants to provide information to all other hosts in the same network in a timely manner.
A message can only contain one destination MAC address. So, how is it possible for a host to contact every other host on the local network without sending out a separate message to each individual MAC?
To solve this problem, broadcast messages are sent to a unique MAC address that is recognized by all hosts. The broadcast MAC address is actually a 48-bit address made up of all ones. Because of their length, MAC addresses are usually represented in hexadecimal notation. The broadcast MAC address in hexadecimal notation is FFFF.FFFF.FFFF. Each F in the hexadecimal notation represents four ones in the binary address.
When a host receives a message addressed to the broadcast address, it accepts and processes the message as though the message was addressed directly to it. When a host sends a broadcast message, hubs and switches forward the message to every connected host within the same local network. For this reason, a local network is also referred to as a broadcast domain.
If too many hosts are connected to the same broadcast domain, broadcast traffic can become excessive. The number of hosts and the amount of network traffic that can be supported on the local network is limited by the capabilities of the hubs and switches used to connect them. As the network grows and more hosts are added, network traffic, including broadcast traffic, increases. It is often necessary to divide one local network, or broadcast domain, into multiple networks to improve performance.
MAC And IP
On a local Ethernet network, a NIC only accepts a frame if the destination address is either the broadcast MAC address, or else corresponds to the MAC address of the NIC.
Most network applications, however, rely on the logical destination IP address to identify the location of the servers and clients.
What if a sending host only has the logical IP address of the destination host? How does the sending host determine what destination MAC address to place within the frame?
The sending host can use an IP protocol called Address Resolution Protocol (ARP) to discover the MAC address of any host on the same local network.
Address Resolution Protocol
ARP uses a three-step process to discover and store the MAC address of a host on the local network when only the IP address of the host is known.
1. The sending host creates and sends a frame addressed to a broadcast MAC address. Contained in the frame is a message with the IP address of the intended destination host.
2. Each host on the network receives the broadcast frame and compares the IP address inside the message with its configured IP address. The host with the matching IP address sends its MAC address back to the original sending host.
3. The sending host receives the message and stores the MAC address and IP address information in a table called an ARP table.
Once the sending host has the MAC address of the destination host in its ARP table, it can send frames directly to the destination without doing an ARP request.
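The three ARP steps above, as an added example written for this page (not code from the curriculum or from any operating system's ARP implementation): a sender broadcasts a request carrying the wanted IP address, every host on the broadcast domain examines it, only the host that owns the address replies with its MAC, and the sender stores the answer in its ARP table so the next frame to that host needs no broadcast. The host names, IP addresses and MAC addresses are constructed sample values.

```python
BROADCAST_MAC = "FF:FF:FF:FF:FF:FF"


class Host:
    """A host on the local network with an IP address, a MAC address and an ARP table."""

    def __init__(self, name: str, ip: str, mac: str):
        self.name, self.ip, self.mac = name, ip, mac
        self.arp_table = {}          # IP address -> MAC address learned from replies
        self.frames_seen = 0         # how many ARP broadcasts this host had to examine

    def on_arp_request(self, request: dict):
        """Step 2: every host compares the target IP with its own; only the
        matching host answers, and it answers directly to the requester's MAC."""
        self.frames_seen += 1
        if request["target_ip"] != self.ip:
            return None
        return {"dst_mac": request["sender_mac"],
                "sender_ip": self.ip, "sender_mac": self.mac}


class LocalNetwork:
    """One broadcast domain: a broadcast frame reaches every host but the sender."""

    def __init__(self, hosts):
        self.hosts = hosts

    def resolve(self, sender: Host, target_ip: str):
        """Three-step ARP. Returns (mac_or_None, request_was_broadcast)."""
        cached = sender.arp_table.get(target_ip)
        if cached is not None:
            return cached, False      # already in the ARP table: no broadcast needed
        # Step 1: broadcast a request carrying the wanted IP address.
        request = {"dst_mac": BROADCAST_MAC, "sender_ip": sender.ip,
                   "sender_mac": sender.mac, "target_ip": target_ip}
        replies = [h.on_arp_request(request) for h in self.hosts if h is not sender]
        replies = [r for r in replies if r is not None]
        if not replies:
            return None, True         # nobody on this network owns that IP
        # Step 3: store the answer so later frames go straight to that MAC.
        reply = replies[0]
        sender.arp_table[reply["sender_ip"]] = reply["sender_mac"]
        return reply["sender_mac"], True


def arp_walkthrough() -> dict:
    # Constructed hosts on one local network.
    pc1 = Host("PC1", "192.168.1.10", "00:00:00:00:00:01")
    pc2 = Host("PC2", "192.168.1.20", "00:00:00:00:00:02")
    pc3 = Host("PC3", "192.168.1.30", "00:00:00:00:00:03")
    lan = LocalNetwork([pc1, pc2, pc3])
    first = lan.resolve(pc1, "192.168.1.20")     # broadcast, PC2 answers
    second = lan.resolve(pc1, "192.168.1.20")    # answered from PC1's ARP table
    missing = lan.resolve(pc1, "192.168.1.99")   # broadcast, nobody answers
    return {"first": first, "second": second, "missing": missing,
            "arp_table": dict(pc1.arp_table), "pc3_examined": pc3.frames_seen}


if __name__ == "__main__":
    print(arp_walkthrough())
```

Two things worth noticing when you run it: the uninvolved host PC3 still has to receive and examine every ARP broadcast, which is the broadcast cost the earlier section warns about, and the requester simply stores the first reply it gets, since ARP as described here gives it no way to confirm that the answer came from the host that actually owns the address. That is why ARP tables are worth inspecting when local connectivity behaves strangely.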
Distribution Layer
As networks grow, it is often necessary to divide one local network into multiple Access Layer networks. There are many ways to divide networks based on different criteria, including:
Physical location
Logical function
Security requirements
Application requirements
The Distribution Layer connects these independent local networks and controls the traffic flowing between them. It is responsible for ensuring that traffic between hosts on the local network stays local. Only traffic that is destined for other networks is passed on. The Distribution Layer can also filter incoming and outgoing traffic for security and traffic management.
Networking devices that make up the Distribution Layer are designed to interconnect networks, not individual hosts. Individual hosts are connected to the network via Access Layer devices, such as hubs and switches. The Access Layer devices are connected to each other via Distribution Layer devices, such as routers.
Function Of Router
A router is a networking device that connects a local network to other local networks. At the Distribution Layer of the network, routers direct traffic and perform other functions critical to efficient network operation. Routers, like switches, are able to decode and read the messages that are sent to them. Unlike switches, which only decode (unencapsulate) the frame containing the MAC address information, routers decode the packet that is encapsulated within the frame.
The packet format contains the IP addresses of the destination and source hosts, as well as the message data being sent between them. The router reads the network portion of the destination IP address and uses it to find which one of the attached networks is the best way to forward the message to the destination.
Any time the network portion of the IP addresses of the source and destination hosts does not match, a router must be used to forward the message. If a host located on network 1.1.1.0 needs to send a message to a host on network 5.5.5.0, the host will forward the message to the router. The router receives the message and unencapsulates it to read the destination IP address. It then determines where to forward the message. It re-encapsulates the packet back into a frame, and forwards the frame on to its destination.
How does the router determine what path to send the message to get to the destination network?
Each port, or interface, on a router connects to a different local network. Every router contains a table of all locally-connected networks and the interfaces that connect to them. These routing tables can also contain information about the routes, or paths, that the router uses to reach other remote networks that are not locally attached.
When a router receives a frame, it decodes the frame to get to the packet containing the destination IP address. It matches the address of the destination to all of the networks that are contained in the routing table. If the destination network address is in the table, the router encapsulates the packet in a new frame in order to send it out. It forwards the new frame out of the interface associated with the path, to the destination network. The process of forwarding the packets toward their destination network is called routing.
Router interfaces do not forward messages that are addressed to the broadcast MAC address. As a result, local network broadcasts are not sent across routers to other local networks.
Default Gateway
The method that a host uses to send messages to a destination on a remote network differs from the way a host sends messages on the same local network. When a host needs to send a message to another host located on the same network, it will forward the message directly. A host will use ARP to discover the MAC address of the destination host. It includes the destination IP address within the packet and encapsulates the packet into a frame containing the MAC address of the destination and forwards it out.
On the other hand, when a host needs to send a message to a remote network, it must use the router. The host includes the IP address of the destination host within the packet just like before. However, when it encapsulates the packet into a frame, it uses the MAC address of the router as the destination for the frame. In this way, the router will receive and accept the frame based on the MAC address.
How does the source host determine the MAC address of the router? A host is given the IP address of the router through the default gateway address configured in its TCP/IP settings. The default gateway address is the address of the router interface connected to the same local network as the source host. All hosts on the local network use the default gateway address to send messages to the router. Once the host knows the default gateway IP address, it can use ARP to determine the MAC address. The MAC address of the router is then placed in the frame, destined for another network.
It is important that the correct default gateway be configured on each host on the local network. If no default gateway is configured in the host TCP/IP settings, or if the wrong default gateway is specified, messages addressed to hosts on remote networks cannot be delivered.
Tables Maintained By Router
Routers move information between local and remote networks. To do this, routers must use both ARP and routing tables to store information. Routing tables are not concerned with the addresses of individual hosts. Routing tables contain the addresses of networks and the best path to reach those networks. Entries can be made to the routing table in two ways: dynamically updated by information received from other routers in the network, or manually entered by a network administrator. Routers use the routing tables to determine which interface to use to forward a message to its intended destination.
If the router cannot determine where to forward a message, it will drop it. Network administrators configure a routing table with a default route to keep a packet from being dropped because the path to the destination network is not in the routing table. A default route is the interface through which the router forwards a packet containing an unknown destination IP network address. This default route usually connects to another router that can forward the packet towards its final destination network.
A router forwards a frame to one of two places: a directly connected network containing the actual destination host, or to another router on the path to reach the destination host. When a router encapsulates the frame to forward it out of an Ethernet interface, it must include a destination MAC address.
This is the MAC address of the actual destination host, if the destination host is part of a network locally connected to the router. If the router must forward the packet to another router, it will use the MAC address of the connected router. Routers obtain these MAC addresses from ARP tables.
Each router interface is part of the local network to which it is attached and maintains its own ARP table for that network. The ARP tables contain the MAC addresses and IP addresses of all of the individual hosts on that network.
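The router side of the process as an added worked example (not code from the course): a routing table searched by longest prefix match, a default route that is only used when nothing more specific matches, a drop when neither exists, one ARP table per interface, and the choice between resolving the destination host (directly connected network) or the next router. The interfaces, routes, addresses and ARP entries are all constructed for the demonstration.

```python
import ipaddress

BROADCAST_MAC = "ff:ff:ff:ff:ff:ff"


class Router:
    """Routing table plus one ARP table per interface (entries constructed for the example)."""

    def __init__(self):
        self.routes = []  # (network, outgoing interface, next-hop IP or None if directly connected)
        self.arp = {}     # interface name -> {IP string: MAC string}

    def add_interface(self, name, cidr):
        iface = ipaddress.ip_interface(cidr)
        self.arp[name] = {}
        # A directly connected network is a route with no next hop
        self.routes.append((iface.network, name, None))

    def add_route(self, network, out_if, next_hop):
        """A static route as an administrator enters it (a routing protocol would add these dynamically)."""
        self.routes.append((ipaddress.ip_network(network), out_if, ipaddress.ip_address(next_hop)))

    def lookup(self, dest_ip):
        """Longest-prefix match; the default route 0.0.0.0/0 matches everything but loses every tie."""
        dest = ipaddress.ip_address(dest_ip)
        best = None
        for net, out_if, next_hop in self.routes:
            if dest in net and (best is None or net.prefixlen > best[0].prefixlen):
                best = (net, out_if, next_hop)
        return best

    def forward(self, frame):
        """Return ("forward", new frame) or ("drop", reason) for a frame received on an interface."""
        if frame["dst_mac"] == BROADCAST_MAC:
            return ("drop", "local broadcasts are not forwarded to other networks")
        route = self.lookup(frame["dst_ip"])
        if route is None:
            return ("drop", "destination network not in routing table and no default route")
        _net, out_if, next_hop = route
        # Directly connected: resolve the destination host itself; otherwise resolve the next router
        target = next_hop if next_hop is not None else ipaddress.ip_address(frame["dst_ip"])
        mac = self.arp[out_if].get(str(target))
        if mac is None:
            return ("drop", f"no ARP entry for {target} on {out_if}")
        return ("forward", {"out_if": out_if, "dst_mac": mac, "dst_ip": frame["dst_ip"]})


def example_router():
    """Build the constructed two-interface router used in the demonstration."""
    r = Router()
    r.add_interface("lan0", "192.168.1.1/24")
    r.add_interface("wan0", "10.0.0.1/24")
    r.add_route("172.16.0.0/16", "wan0", "10.0.0.2")
    r.add_route("0.0.0.0/0", "wan0", "10.0.0.254")  # default route to the upstream router
    r.arp["wan0"] = {"10.0.0.5": "00:aa:00:00:00:05",
                     "10.0.0.2": "00:aa:00:00:00:02",
                     "10.0.0.254": "00:aa:00:00:00:fe"}
    return r


if __name__ == "__main__":
    r = example_router()
    for dst_ip in ("10.0.0.5", "172.16.9.9", "8.8.8.8", "10.0.0.9"):
        print(dst_ip, r.forward({"dst_mac": "00:11:22:33:44:01", "dst_ip": dst_ip}))
    print(r.forward({"dst_mac": BROADCAST_MAC, "dst_ip": "192.168.1.255"}))
```

Note that the frame forwarded towards 172.16.9.9 carries the MAC address of the router 10.0.0.2 on wan0, while the packet inside it still names 172.16.9.9 as the destination.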
Local Area Network
The term Local Area Network (LAN) refers to a local network, or a group of interconnected local networks that are under the same administrative control. In the early days of networking, LANs were defined as small networks that existed in a single physical location. While LANs can be a single local network installed in a home or small office, the definition of LAN has evolved to include interconnected local networks consisting of many hundreds of hosts, installed in multiple buildings and locations.
The important thing to remember is that all of the local networks within a LAN are under one administrative control. Other common characteristics of LANs are that they typically use Ethernet or wireless protocols, and they support high data rates.
The term Intranet is often used to refer to a private LAN that belongs to an organization, and is designed to be accessible only by the organization’s members, employees, or others with authorization.
Adding Hosts To Local And Remote Networks
Within a LAN, it is possible to place all hosts on a single local network or divide them up between multiple networks connected by a Distribution Layer. The answer depends on desired results. Placing all hosts on a single local network allows them to be seen by all other hosts. This is because there is one broadcast domain and hosts use ARP to find each other.
In a simple network design it may be beneficial to keep all hosts within a single local network. However, as networks grow in size, increased traffic will decrease network performance and speed. In this case, it may be beneficial to move some hosts onto a remote network.
Placing additional hosts on a remote network will decrease the impact of traffic demands. However, hosts on one network will not be able to communicate with hosts on the other without the use of routing. Routers increase the complexity of the network configuration and can introduce latency, or time delay, on packets sent from one local network to the other.
Plan And Document An Ethernet Network
Most local networks are based on Ethernet technology. This technology is both fast and efficient when used in a properly designed and constructed network. The key to installing a good network is planning before the network is actually built.
A network plan starts with the gathering of information about how the network will be used. This information includes:
The number and type of hosts to be connected to the network
The applications to be used
Sharing and Internet connectivity requirements
Security and privacy considerations
Reliability and uptime expectations
Connectivity requirements, including wired and wireless
There are many considerations that must be taken into account when planning for a network installation. The logical and physical topology maps of the network need to be designed and documented before the networking equipment is purchased and the hosts are connected. Some things to consider include:
Physical environment where the network will be installed:
Temperature control: all devices have specific ranges of temperature and humidity requirements for proper operation
Availability and placement of power outlets
Physical configuration of the network:
Physical location of devices such as routers, switches, and hosts
How all devices are interconnected
Location and length of all cable runs
Hardware configuration of end devices such as hosts and servers
Logical configuration of the network:
Location and size of broadcast and collision domains
IP addressing scheme
Naming scheme
Sharing configuration
Permissions
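The IP addressing scheme and the size of each broadcast domain follow directly from the host counts gathered during planning. The following Python program is an added worked example, not part of the course, that carves one subnet per group out of an address block using variable-length subnet masks, largest group first, and records the usable host count and a conventional gateway address (first usable address) for the documentation. The group names, host counts and the 192.168.10.0/23 block are constructed for the illustration.

```python
import ipaddress


def prefix_for(hosts):
    """Longest prefix (smallest subnet) with room for `hosts` plus the network and broadcast addresses."""
    need = hosts + 2
    prefix = 32
    while (1 << (32 - prefix)) < need:
        prefix -= 1
    return prefix


def plan_subnets(block, requirements):
    """Allocate one subnet per group from `block`; returns (plan, unused networks)."""
    free = [ipaddress.ip_network(block)]
    plan = {}
    # Largest groups first, so the big, strictly aligned subnets are placed before the block fragments
    for name, hosts in sorted(requirements.items(), key=lambda kv: (-kv[1], kv[0])):
        prefix = prefix_for(hosts)
        candidates = [n for n in free if n.prefixlen <= prefix]
        if not candidates:
            raise ValueError(f"{block} has no room left for {name} ({hosts} hosts)")
        # Tightest fit: the smallest free network that is still big enough, lowest address on ties
        cand = max(candidates, key=lambda n: (n.prefixlen, -int(n.network_address)))
        chosen = next(cand.subnets(new_prefix=prefix))
        free.remove(cand)
        free.extend(cand.address_exclude(chosen))  # hand back whatever was not used
        plan[name] = {
            "network": str(chosen),
            "usable_hosts": chosen.num_addresses - 2,
            "gateway": str(chosen.network_address + 1),  # convention: first usable address
        }
    return plan, sorted(free)


if __name__ == "__main__":
    # Constructed requirements for a small office LAN
    groups = {"Sales": 100, "Engineering": 50, "Servers": 20, "Management": 5}
    plan, spare = plan_subnets("192.168.10.0/23", groups)
    for name, entry in plan.items():
        print(f"{name:12} {entry['network']:20} hosts={entry['usable_hosts']:3} gw={entry['gateway']}")
    print("unallocated:", [str(n) for n in spare])
```

Each allocated network is one broadcast domain; the unallocated networks are what remains for growth, which is worth recording in the same document.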
Prototypes
Once the network requirements are documented, and the physical and logical topology maps created, the next step in the implementation process is to test the network design. One of the ways to test a network design is to create a working model, or prototype, of the network.
Prototyping is essential as networks grow in size and complexity. A prototype allows a network administrator to test whether or not the planned network will operate as expected, before money is spent on equipment and installation. Documentation should be maintained on all aspects of the prototyping process.
Various tools and techniques are available for network prototyping; this includes real equipment set up in a lab environment, modeling and simulation tools. Packet Tracer is one example of a simulation and modeling tool that can be used for prototyping.
Multi-Function Devices
Most home and small business networks do not require high-volume devices used in large business environments; smaller scale devices may well be suitable. However, the same functionality of routing and switching is required. This need has led to the development of products that have the functionality of multiple network devices, such as a router with switching functionality and a wireless access point. For the purpose of this course, multi-function devices will be referred to as integrated routers. Integrated routers can range from small devices designed for home office and small business applications to more powerful devices that can support enterprise branch offices.
An integrated router is like having several different devices connected together. For example, the connection between the switch and the router still occurs, but it occurs internally. When a broadcast is received on a switch port, the integrated router forwards the broadcast to all ports including the internal router connection. The router portion of the integrated router stops the broadcasts from going any further.
There are low-cost multi-function devices available for home and small business networks that offer integrated routing, switching, wireless and security capabilities. An example of this type of integrated router is a Linksys wireless router. They are simple in design and do not typically have separate components. In the event of a failure, it is not possible to replace any single failed component. As such, they create a single point of failure, and are not optimized for any one function.
Another example of an integrated router is the Cisco integrated services router or ISR. The Cisco ISR product family offers a wide range of products, including those designed for small office and home office environments as well as those designed for larger networks. Many of the ISRs offer modularity and have separate components for each function, such as a switch component and a router component. This enables individual components to be added, replaced and upgraded as necessary.
Connecting The Linksys Router
All devices connected to the switch ports should be in the same broadcast domain. This means that all devices must have an IP address from the same network. Any device that has a different network portion within the IP address will not be able to communicate.
Additionally, Microsoft Windows makes use of computer names to identify other devices on the network. It is important to use these names as well as all IP address information in the planning and documentation to assist in future troubleshooting.
To display the current IP configuration in Microsoft Windows, use the command ipconfig. More detailed information, including the host name and the MAC (physical) address, is available with ipconfig /all. Document all information from the connection and configuration process.
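As an added worked example (not part of the course), the following Python program parses the output of ipconfig /all into a record that can go straight into the network documentation, and then checks the settings against the planned network: an address outside the planned network cannot talk to the other hosts on the switch, and a missing or off-network default gateway cuts the host off from remote networks. The ipconfig text below is a constructed sample in the Windows XP layout, not a real capture; the host name, MAC address and addresses are invented.

```python
import ipaddress
import re

# Constructed sample of `ipconfig /all` output (Windows XP layout), not a real capture
SAMPLE = """
Windows IP Configuration

   Host Name . . . . . . . . . . . . : WORKSTATION-07
   Primary Dns Suffix  . . . . . . . :

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network Connection
   Physical Address. . . . . . . . . : 00-0C-29-4B-7A-1E
   Dhcp Enabled. . . . . . . . . . . : No
   IP Address. . . . . . . . . . . . : 192.168.1.10
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.2.1
   DNS Servers . . . . . . . . . . . : 192.168.1.1
"""

# An indented "Label . . . : value" line; the dots are ipconfig's padding, not part of the label
FIELD = re.compile(r"^\s+(.+?)(?:\s*\.)*\s*:\s?(.*)$")


def parse_ipconfig(text):
    """Return {'host': {...}, 'adapters': {adapter name: {label: value}}}."""
    result = {"host": {}, "adapters": {}}
    current = result["host"]
    for line in text.splitlines():
        if not line.strip():
            continue
        # Unindented lines ending in ':' start a new adapter section
        if not line.startswith(" ") and line.rstrip().endswith(":"):
            current = result["adapters"].setdefault(line.rstrip()[:-1], {})
            continue
        m = FIELD.match(line)
        if m:
            current[m.group(1).strip()] = m.group(2).strip()
    return result


def audit_adapter(adapter, planned_network):
    """Flag settings that stop the host talking locally or reaching remote networks."""
    findings = []
    planned = ipaddress.ip_network(planned_network)
    iface = ipaddress.ip_interface(f"{adapter['IP Address']}/{adapter['Subnet Mask']}")
    if iface.network != planned:
        findings.append(f"{iface} is not in the planned network {planned}: it cannot reach the other hosts")
    gateway = adapter.get("Default Gateway", "")
    if not gateway:
        findings.append("no default gateway configured: remote networks are unreachable")
    elif ipaddress.ip_address(gateway) not in iface.network:
        findings.append(f"default gateway {gateway} is not on the local network {iface.network}")
    return findings


if __name__ == "__main__":
    record = parse_ipconfig(SAMPLE)
    print("host:", record["host"]["Host Name"])
    for name, adapter in record["adapters"].items():
        print(name, adapter["Physical Address"], adapter["IP Address"], adapter["Subnet Mask"])
        for finding in audit_adapter(adapter, "192.168.1.0/24"):
            print("  PROBLEM:", finding)
```

Running the same parser over every host's output and keeping the records is a cheap way to build the documentation the previous paragraphs ask for, and the audit catches the default gateway mistake before anyone reports that "the Internet is down".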
Once hosts are communicating across the network, it is important to document network performance. This is known as determining the baseline for the network, and is used as an indication of normal operations. When comparing future network performance with the baseline, it can indicate if possible issues exist.
Sharing resources
One of the most common purposes of networking is to share resources such as files and printers. Windows XP enables remote users to access a local machine and its resources through Sharing. It is important to consider security issues, and to assign specific permissions to shared resources.
By default, Windows XP uses a process known as Simple File Sharing. With Simple File Sharing, specific users and groups cannot be prevented from accessing shared files.
Simple File Sharing can be disabled so that more specific security access levels can be assigned. When this is done, the following permissions are available to assign to resources:
Full Control
Modify
Read & Execute
List Folder Contents
Read
Write
When a user accesses a file on a remote device, Windows Explorer allows the user to map a drive to a remote folder or resource. This maps a specific drive letter, for example M:, to the remote resource. This enables the user to treat the resource as though it was locally connected.
Explain What The Internet Is
Every day millions of people exchange information through the Internet – but what exactly is the Internet? The Internet is a worldwide collection of computer networks, cooperating with each other to exchange information using common standards. Through telephone wires, fiber optic cables, wireless transmissions and satellite links, Internet users can exchange information in a variety of forms.
The Internet is a network of networks that connects users in every country in the world. There are currently over one billion Internet users worldwide.
Up to now the networks we have discussed have been controlled by one individual or organization. The Internet is a conglomerate of networks and is owned by no one individual or group. There are, however, several major International organizations that help manage the Internet so that everyone uses the same rules.
Internet Service Providers (ISPs)
Any home, business or organization that wants to connect to the Internet must use an Internet Service Provider (ISP). An ISP is a company that provides the connections and support to access the Internet. It can also provide additional services such as Email and web hosting.
ISPs are essential to gaining access to the Internet. No one gets on the Internet without a host computer, and no one gets on the Internet without going through an ISP.
ISPs range in size from small to very large and differ in terms of the area they service. ISPs may provide limited services to a small geographical area or can have a wide variety of services and support entire countries with millions of customers. ISPs also differ in the types of connection technologies and speeds they offer. Examples of well known ISPs include AOL, EarthLink, and Roadrunner.
Do you have Internet access? Who is your ISP?
The ISP Relationship With Internet
Individual computers and local networks connect to the ISP at a Point of Presence (POP). A POP is the connection point between the ISP’s network and the particular geographical region that the POP is servicing.
An ISP may have many POPs depending on its size and the area it services. Within an ISP, a network of high-speed routers and switches move data between the various POPs. Multiple links interconnect the POPs to provide alternate routes for the data should one link fail or become overloaded with traffic and congested.
ISPs connect to other ISPs in order to send information beyond the boundaries of their own network. The Internet is made up of very high-speed data links that interconnect ISP POPs and ISPs to each other. These interconnections are part of the very large, high capacity network known as the Internet Backbone.
Connecting to the ISP at the POP provides users with access to the ISP’s services and the Internet.
Options For Connecting To The ISP
ISPs provide a variety of ways to connect to the Internet, depending on location and desired connection speed.
In a major city there are typically more choices for ISPs and more connection options than in a rural area. For example, cable Internet access is only available in certain metropolitan areas where cable TV service is available. Remote areas may only have access via dial-up or satellite.
Each Internet access technology uses a network access device, such as a modem, in order to connect to the ISP. It may be built into your computer or may be provided by the ISP.
The simplest arrangement is a modem that provides a direct connection between a computer and the ISP. However, if multiple computers connect through a single ISP connection, you will need additional networking devices. This includes a switch to connect multiple hosts on a local network, and a router to move packets from your local network to the ISP network. A home networking device, such as an integrated router, can provide these functions, as well as wireless capability, in a single package.
The choice of Internet access technologies depends on availability, cost, access device used, media used and the speed of the connection.
Most of these access technologies (dial-up, DSL, cable and satellite) are used for both home and small business. Leased lines are typically used by businesses and large organizations, but can also provide high speed connectivity in areas where cable or DSL are not available.
ISP Level Of Service
Depending on the ISP and the connection technology, various services are available such as virus scanning, video on demand, and file storage. The contract with the ISP determines the type and level of services that are available. Most ISPs offer two different contract levels: home service or business class service.
Home service is normally less expensive than business services, and generally provides scaled-down services such as slower connection speed, reduced web space storage, and fewer email accounts. A typical home account may include a minimum of five email addresses with additional addresses being available for a fee.
Business class service is more expensive but provides faster connection speeds and additional web space and email accounts. A business class service may include twenty, fifty or more email addresses. Business service also includes agreements between the ISP and the customer specifying items such as network availability and service response time. These are known as Service Level Agreements (SLAs).
When data is transferred, it is either uploaded or downloaded. Downloading refers to information coming from the Internet to your computer, while uploading indicates the reverse path, from your computer to the Internet. When the download transfer rate is different from the upload transfer rate, it is called asymmetric. When the transfer rate is the same in both directions, it is called symmetric. ISPs can offer both asymmetric and symmetric services.
Asymmetric:
Most commonly used for the home.
Download speeds are faster than upload speeds.
Necessary for users that download significantly more than upload.
Most Internet users, especially those who use graphics or multimedia intensive web data, need lots of download bandwidth.
Symmetric:
Most commonly used for business or individuals hosting servers on the Internet.
Used when necessary to upload large amounts of traffic such as intensive graphics, multimedia, or video.
It can carry large amounts of data in both directions at equal rates.
Importance Of The Internet Protocol (IP)
For hosts to communicate on the Internet, they must be running Internet Protocol (IP) software. The IP protocol is one of a group of protocols that are collectively referred to as TCP/IP (Transmission Control Protocol / Internet Protocol). The Internet Protocol (IP) uses packets to carry data. Whether you are playing an Internet video game, chatting with a friend, sending email or searching the Web, the information you are sending or receiving is carried in the form of IP packets.
Each IP packet must contain a valid source and destination IP address. Without valid address information, packets sent will not reach the destination host. Return packets will not make it back to the original source.
IP defines the structure of the source and destination IP addresses. It specifies how these addresses are used in routing of packets from one host or network to another.
All protocols that operate on the Internet, including IP, are defined in numbered standards documents called RFCs (Request for Comments).
An IP packet has a header at the beginning which contains the source and destination IP addresses. It also contains control information that describes the packet to network devices, such as routers, it passes through and also helps to control its behavior on the network. The IP packet is sometimes referred to as a datagram.
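The following Python program is an added worked example (not code from the course) that parses the IPv4 header described above from raw bytes: version, header length, total length, fragmentation flags, TTL, protocol, the header checksum, and the source and destination addresses. It also builds a small packet with a correct checksum so that the parser has constructed input to run on offline; the addresses and payload are invented. A packet whose header fails the checksum is rejected, which is what a router does with a damaged header.

```python
import socket
import struct


def ipv4_checksum(header):
    """RFC 791 header checksum: one's-complement sum of the header's 16-bit words."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:                       # fold the carries back in
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF                 # 0 when computed over a header that already carries its checksum


def parse_ipv4(packet):
    """Parse the IPv4 header at the front of `packet`; returns the fields and the payload."""
    if len(packet) < 20:
        raise ValueError("truncated: an IPv4 header is at least 20 bytes")
    (ver_ihl, _tos, total_len, ident, flags_frag,
     ttl, proto, _csum, src, dst) = struct.unpack("!BBHHHBBH4s4s", packet[:20])
    version, ihl = ver_ihl >> 4, (ver_ihl & 0x0F) * 4   # IHL is in 32-bit words
    if version != 4 or ihl < 20 or ihl > len(packet):
        raise ValueError(f"bad version/header length: {version}/{ihl}")
    if ipv4_checksum(packet[:ihl]) != 0:
        raise ValueError("header checksum mismatch: header was damaged in transit")
    return {
        "total_length": total_len,
        "id": ident,
        "dont_fragment": bool(flags_frag & 0x4000),
        "more_fragments": bool(flags_frag & 0x2000),
        "fragment_offset": (flags_frag & 0x1FFF) * 8,
        "ttl": ttl,                            # decremented by every router on the path
        "protocol": proto,                     # 1 = ICMP, 6 = TCP, 17 = UDP
        "src": socket.inet_ntoa(src),
        "dst": socket.inet_ntoa(dst),
        "options": packet[20:ihl],
        "payload": packet[ihl:total_len],
    }


def build_ipv4(src, dst, payload, ttl=64, proto=17, ident=1):
    """Build a minimal IPv4 packet (no options, DF set) with a correct header checksum."""
    total = 20 + len(payload)
    head = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total, ident, 0x4000, ttl, proto, 0,
                       socket.inet_aton(src), socket.inet_aton(dst))
    head = head[:10] + struct.pack("!H", ipv4_checksum(head)) + head[12:]
    return head + payload


if __name__ == "__main__":
    # Constructed packet: the addresses and payload are invented for the example
    pkt = build_ipv4("192.168.1.10", "10.0.0.5", b"hello", ttl=3)
    print(parse_ipv4(pkt))
    damaged = pkt[:16] + bytes([pkt[16] ^ 0x01]) + pkt[17:]   # flip one bit of the destination
    try:
        parse_ipv4(damaged)
    except ValueError as err:
        print("rejected:", err)
```

The checksum only protects the header, not the payload; that is the transport layer's job. This is also why a single flipped bit in the destination address makes a router discard the packet rather than deliver it to the wrong host.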
IP addresses must be unique on the Internet. There are organizations responsible for controlling the distribution of IP addresses so that there is no duplication. ISPs obtain blocks of IP addresses from a local, national or regional Internet registry (RIR). It is the responsibility of the ISPs to manage these addresses and assign them to end users.
Computers in homes, small businesses and other organizations obtain their IP configuration from their ISP. Typically, this configuration is obtained automatically when the user connects to the ISP for Internet access.
How ISPs Handle Packets
Before being sent on the Internet, messages are divided into packets. On Ethernet networks an IP packet is between 64 and 1500 bytes, and contains mostly user data. Downloading a single 1 MB song would require roughly 700 packets of 1500 bytes. Each individual packet must have a source and destination IP address.
When a packet is sent across the Internet, the ISP determines whether the packet is destined for a local service located on the ISP network, or a remote service located on a different network.
Every ISP has a control facility for their network, known as the Network Operations Center (NOC). The NOC usually controls traffic flow and houses services such as email and web hosting. The NOC may be located at one of the POPs or at a completely separate facility within the ISP network. Packets looking for local services are usually forwarded to the NOC and never leave the ISP network.
Routers in each of the ISP POPs use the destination address of the IP packets to choose the best path through the Internet. The packets you send to the ISP POP are forwarded by routers through the ISP’s network and then through the networks of other ISPs. They pass from router to router until they reach their final destination.
Forwarding Packets Across The Internet
There are network utilities that test connectivity to the destination device. The ping utility tests end-to-end connectivity between source and destination. It measures the time that it takes test packets to make a round trip from the source to the destination and whether the transmission is successful. However, if the packet does not reach the destination, or if delays are encountered along the way, ping alone cannot show where on the path the problem is located.
How is it possible to determine which routers the packets have passed through and detect the problem areas in the path?
The traceroute utility traces the route from source to destination. Each router through which the packets travel is referred to as a hop. Traceroute displays each hop along the way and the time it takes for each one. If a problem occurs, the display of the time and the route that the packet traveled can help to determine where the packet was lost or delayed. The traceroute utility is called tracert in the Windows environment.
There are also a number of visual traceroute programs that can provide a graphical display of the route that a packet takes.
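The difference between ping and traceroute, as an added worked example that is not part of the course. Real traceroute relies on the IP time-to-live (TTL) field: it sends probes with TTL 1, 2, 3 and so on, every router decrements the TTL, and the router that decrements it to zero discards the probe and sends back an ICMP Time Exceeded message, which is how the address of each hop is learned. The Python program below models that behaviour over a constructed path of router addresses (the addresses are documentation ranges, not a real route). It shows a healthy path, a router that filters ICMP and therefore appears as "*", and a broken link: ping only reports that the destination is unreachable, while traceroute shows the last router that still answered.

```python
def send_probe(path, dest, ttl, silent=frozenset(), down_after=None):
    """Model what the network does to one probe: the address that answers, or None for silence.

    path: router addresses in order (constructed); dest: the destination host's address.
    silent: routers that discard expired packets without sending ICMP Time Exceeded.
    down_after: index of the router whose outgoing link is broken; packets past it are lost.
    """
    for i, router in enumerate(path):
        ttl -= 1                      # every router decrements the TTL
        if ttl == 0:                  # expired: the router discards it and (normally) reports back
            return None if router in silent else router
        if down_after is not None and i == down_after:
            return None               # the next link is down: lost with no error message
    return dest                       # survived every router: the destination replies


def ping(path, dest, **network):
    """End-to-end check only: True if an echo request with a normal TTL gets a reply."""
    return send_probe(path, dest, 64, **network) == dest


def traceroute(path, dest, max_hops=30, **network):
    """Probe with TTL 1, 2, 3, ... and record who answered at each hop ('*' for no reply)."""
    hops = []
    for ttl in range(1, max_hops + 1):
        who = send_probe(path, dest, ttl, **network)
        hops.append("*" if who is None else who)
        if who == dest:
            break
    return hops


if __name__ == "__main__":
    # Constructed path from a home router to a web server; not real addresses on a real route
    path = ["192.168.1.1", "10.10.0.1", "203.0.113.9", "198.51.100.1"]
    dest = "198.51.100.2"
    print("healthy:", ping(path, dest), traceroute(path, dest))
    print("ICMP filtered at hop 3:", traceroute(path, dest, silent={"203.0.113.9"}))
    print("link after hop 2 down:", ping(path, dest, down_after=1),
          traceroute(path, dest, max_hops=6, down_after=1))
```

A hop shown as "*" is not necessarily a fault: many routers rate-limit or block ICMP, so a single silent hop followed by normal hops is common. A run of "*" to the end of the trace after a router that did answer is the pattern that points at a broken or congested link beyond that router.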
Internet Cloud
When packets travel across the Internet, they pass through many network devices.
The Internet can be thought of as a network of routers, interconnected with one another. Very often, there are alternate routes between routers, and packets may take different paths between source and destination.
Should there be a problem with traffic flow at any point in the network, packets automatically take an alternate route.
A diagram that shows all network devices and their interconnections would be very complex. Additionally, the final routing path between source and destination is not usually important, only that the source is able to communicate with the destination. Therefore, in network diagrams a cloud is often used to represent the Internet or any other complex network, without showing the details of the connections. The cloud allows for simple diagrams that focus on source and destination only, even though there may be many devices linked in-between.
Devices In Internet Cloud
Routers are not the only devices found in the Internet cloud nor are they the only devices found at an ISP. The ISP must be able to accept and deliver information to the end-user as well as participate in the Internet.
Devices that provide connectivity to end-users must match the technology used by the end-user to connect to the ISP. For example, if the end-user is using DSL technology to connect, the ISP must have a DSL Access Multiplexer (DSLAM) to accept these connections. For cable modems to connect, the ISP must have a Cable Modem Termination System (CMTS). Some ISPs still accept analog calls through modems and have banks of modems to support these users. ISPs that provide wireless access have wireless bridging equipment.
The ISP must also be able to connect with and transfer data with other ISPs. A variety of technologies are used to accomplish this, each requiring specialized equipment and configurations in order to function.
The type of equipment found in an ISP equipment room depends on the technology of the networks in which it is participating. Routers and switches make up most of this equipment. But these devices are very different from the ones found in the home or small business environment.
Networking devices used by the ISP handle extremely large volumes of traffic very quickly. They must function at near 100% uptime since the failure of a key piece of equipment at an ISP can have disastrous effects on network traffic. For this reason, most of the equipment used by ISPs is high-end, high-speed devices with redundancy.
In contrast, network devices used in the home or small business environment are lower-end, lower-speed devices that are not capable of handling large volumes of traffic. Integrated routers can perform several functions, including: Wireless LAN access point, switching, routing, firewalls and various address functions. An integrated router may support some or all of these functions.
Physical And Environmental Requirements
The network installations at an ISP and at a home or small business are very different.
The home or small business network provides a limited number of services for relatively few users. Internet connectivity is purchased from an ISP. The volume of traffic is small, and no transport services are provided.
The ISP provides transport and other services to a large number of users. A number of different devices are required to accept input from end users. To participate in a transport network, they must be able to connect to other ISPs. They handle large volumes of traffic and require very reliable equipment in order to handle the load.
Even though these two networks appear very different, they both require an environment where the equipment can function reliably and without interruption. The requirements are the same, but the scale of operation is different: at home, a single power outlet will suffice, whereas at an ISP the power requirements need to be planned out ahead of time and installed.
One major difference between an ISP and a home/small business network is the inclusion of servers. Most home users do not run servers, and small businesses may have a few. They rely on the services offered by the ISP for such things as email, address assignment and web space. An ISP must consider the physical requirements not only of the networking equipment, but also of the servers it houses.
One of the main considerations for electronic equipment is a reliable supply of stable power. Unfortunately the supply of power is not always reliable, and this can lead to problems for network devices. ISPs install power conditioning equipment with substantial battery backup to maintain continuity of supply should the main power grid fail. For the home/small business, inexpensive uninterruptible power supplies (UPS) and battery backup units are usually sufficient for the relatively small amount of equipment they use.
Environmental factors, such as heat and humidity, must also be considered when planning a network installation. Because of the volume of equipment and the amount of power consumed in an ISP, high-end air conditioning units are necessary to maintain controlled temperatures. For the home/small business, ordinary air conditioning, heating, and humidity controls are usually sufficient.
Cable management is another area of concern for both the home/small business network and the ISP. Cables must be protected from physical damage and organized in a manner that will aid in the troubleshooting process. In small networks, there are only a few cables, but in ISP networks, thousands of cables must be managed. This can include not only copper data cables but also fiber optic and power cables.
All of these factors, namely power supply, environment and cable management, must be considered when setting up a network of any size. An ISP and a home network differ greatly in size, and therefore in requirements; most networks fall somewhere between these two extremes.
Common Network Cables
In order for communication to occur a source, destination, and some sort of channel must be present. A channel, or medium, provides a path over which the information is sent. In the networked world, the medium is usually some sort of physical cable. It may also be electromagnetic radiation, in the case of wireless networking. The connection between the source and destination may either be direct or indirect, and may span multiple media types.
Many different types of cables exist to interconnect the various devices in a NOC or local network.
There are two kinds of physical cable. Metal cables, usually copper, have electrical impulses applied to them to convey information. Fiber optic cables, made of glass or plastic, use flashes of light to convey information.
Twisted Pair
Modern Ethernet technology generally uses a type of copper cable known as twisted pair (TP) to interconnect devices. Because Ethernet is the foundation for most local networks, TP is the most commonly encountered type of network cabling.
Coaxial Cable
Coaxial cable is usually constructed of either copper or aluminum, and is used by cable television companies to provide service. It is also used for connecting the various components which make up satellite communication systems.
Fiber Optic
Fiber optic cables are made of glass or plastic. They have a very high bandwidth, which enables them to carry very large amounts of data. Fiber is used in backbone networks, large enterprise environments and large data centers. It is also used extensively by telephone companies.
Twisted Pair Cables
Twisted pair cables consist of one or more pairs of insulated copper wires that are twisted together and housed in a protective jacket. Like all copper cables, twisted pair uses pulses of electricity to transmit data.
Data transmission is sensitive to interference or noise, which can reduce the data rate that a cable can provide. A twisted pair cable is susceptible to electromagnetic interference (EMI), a type of noise.
A source of interference, known as crosstalk, occurs when cables are bundled together for long lengths. The signal from one cable can leak out and enter adjacent cables.
When data transmission is corrupted due to interference such as crosstalk, the data must be retransmitted. This can degrade the data carrying capacity of the medium.
In twisted pair cabling, the number of twists per unit length affects the amount of resistance that the cable has to interference. Twisted pair cable suitable for carrying telephone traffic, referred to as CAT3, has 3-4 turns per foot making it less resistant. Cable suitable for data transmission, known as CAT5, has 3-4 turns per inch, making it more resistant to interference.
There are three types of twisted pair cable: unshielded twisted pair, shielded twisted pair, and screened twisted pair.
Unshielded twisted pair (UTP) is the most commonly encountered type of network cable in North America and many other areas. Shielded cables (ScTP and F-UTP) are used almost exclusively in European countries.
UTP cable is inexpensive, offers a high bandwidth, and is easy to install. This type of cable is used to connect workstations, hosts and network devices. It can come with many different numbers of pairs inside the jacket, but the most common number of pairs is four. Each pair is identified by a specific color code.
Many different categories of UTP cables have been developed over time. Each category of cable was developed to support a specific technology and most are no longer encountered in homes or offices. The cable types which are still commonly found include Categories 3, 5, 5e and 6. There are electrical environments in which EMI and RFI are so strong that shielding is a requirement to make communication possible, such as in a noisy factory. In this instance, it may be necessary to use a cable that contains shielding, such as Shielded twisted-pair (STP) and Screened twisted-pair (ScTP). Unfortunately both STP and ScTP are very expensive, not as flexible, and have additional requirements due to the shielding that make them difficult to work with.
All Categories of data grade UTP cable are traditionally terminated into an RJ-45 connector.
Coaxial Cable
Like twisted pair, coaxial cable (or coax) also carries data in the form of electrical signals. It provides improved shielding compared to UTP, so it has a higher signal-to-noise ratio and can therefore carry more data. It is often used to connect a TV set to the signal source, be it a cable TV outlet, satellite TV, or conventional antenna. It is also used at NOCs to connect to the cable modem termination system (CMTS) and to connect to some high-speed interfaces.
Although coax has improved data carrying characteristics, most local area networking uses twisted pair because coax is physically harder to install and is more expensive.
Fiber Optic Cables
Unlike TP and coax, fiber optic cables transmit data using pulses of light. Although not normally found in home or small business environments, fiber optic cabling is widely used in enterprise environments and large data centers.
Fiber optic cable is constructed of either glass or plastic, neither of which conducts electricity. This means that it is immune to EMI and is suitable for installation in environments where interference is a problem.
In addition to its resistance to EMI, fiber optic cables support a large amount of bandwidth making them ideally suited for high-speed data backbones. Fiber optic backbones are found in many corporations and are also used to connect ISPs on the Internet.
Each fiber optic circuit is actually two fiber cables. One is used to transmit data; the other is used to receive data.
There are two forms of fiber optic cable: multimode and single mode.
Multimode
Of the two forms of fiber optic, multimode is the less expensive and more widely used. The light source that produces the pulses of light is usually an LED. It is referred to as multimode because there are multiple rays of light, each carrying data, being transmitted through the cable simultaneously. Each ray of light takes a separate path through the multimode core. Multimode fiber optic cables are generally suitable for links of up to 2000 meters. However, improvements in technology are continually improving this distance.
Single Mode
Single mode fiber optic cables are constructed in such a way that light can follow only a single path through the fiber. The light source for single mode fiber optic cables is usually an LED laser, which is significantly more expensive and intense than ordinary LEDs. Due to the intensity of the LED laser, much higher data rates and longer ranges can be obtained. Single mode fibers can transmit data for approximately 3000 meters and are used for backbone cabling, including the interconnection of various NOCs. Again, improvements in technology are continually improving this distance.
Cabling Standard
Cabling is an integral part of building any network. When installing cabling, it is important to follow cabling standards, which have been developed to ensure data networks operate to agreed levels of performance.
Cabling standards are a set of specifications for the installation and testing of cables. Standards specify types of cables to use in specific environments, conductor materials, pinouts, wire sizes, shielding, cable lengths, connector types and performance limits.
There are many different organizations involved in the creation of cabling standards. While some of these organizations have only local jurisdiction many offer standards that are adopted around the world.
Some of the organizations and the areas that they manage are seen in the graphic.
UTP Cables
Twisted pair cable is most commonly used in network installations. The TIA/EIA organization defines two different patterns, or wiring schemes, called T568A and T568B. Each wiring scheme defines the pinout, or order of wire connections, on the end of the cable.
The two schemes are similar except two of the four pairs are reversed in the termination order. The graphic shows this color-coding and how the two pairs are reversed.
On a network installation, one of the two wiring schemes (T568A or T568B) should be chosen and followed. It is important that the same wiring scheme is used for every termination in that project. If working on an existing network, use the wiring scheme already employed.
Using the T568A and T568B wiring standards, two types of cables can be created: a straight-through cable and a crossover cable. These two types of cable are found in data installations.
Straight-through Cables
A straight-through cable is the most common cable type. It maps a wire to the same pins on both ends of the cable. In other words, if T568A is on one end of the cable, T568A is also on the other. If T568B is on one end of the cable, T568B is on the other. This means that the order of connections (the pinout) for each color is exactly the same on both ends.
It is the type of straight-through cable (T568A or T568B) used on the network that defines the wiring scheme for the network.
Crossover Cable
A crossover cable uses both wiring schemes: T568A on one end of the cable and T568B on the other end of the same cable. This means that the order of connections on one end of the cable does not match the order of connections on the other.
The straight-through and crossover cables each have a specific use on the network. The type of cable needed to connect two devices depends on which wire pairs the devices use to transmit and receive data.
Specific pins on the connector are associated with a transmit function and a receive function. The transmit pin versus the receive pin is determined based on the device.
Two devices directly connected and using different pins for transmit and receive are known as unlike devices. They require a straight-through cable to exchange data. Devices that are directly connected and use the same pins for transmit and receive are known as like devices. They require the use of a crossover cable to exchange data.
Unlike Devices
The pins on the RJ-45 data connector of a PC have pins 1 and 2 as transmit and pins 3 and 6 as receive. The pins on the data connector of a switch have pins 1 and 2 as receive and pins 3 and 6 as transmit. The pins used for transmit on the PC correspond to those used for receive on the switch. Therefore, a straight-through cable is necessary.
The wire connected to pin 1 (transmit pin) on the PC on one end of the cable is connected to pin 1 (receive pin) on the switch on the other end of the cable.
Other examples of unlike devices that require a straight-through cable include:
Switch port to router port
Hub port to PC
Like Devices
If a PC is directly connected to another PC, pins 1 and 2 on both devices are transmit pins and pins 3 and 6 are receive pins.
A crossover cable would ensure that the green wires connected to pins 1 and 2 (transmit pins) on one PC connect to pins 3 and 6 (receive pins) on the other PC.
If a straight-through cable were used, the wire connected to pin 1, the transmit pin, on PC1 would be connected to pin 1, the transmit pin, on PC2. It is not possible to receive data on a transmit pin.
Other examples of like devices that require a crossover cable include:
Switch port to switch port
Switch port to hub port
Hub port to hub port
Router port to router port
PC to router port
PC to PC
If the incorrect cable type is used, the connection between network devices will not function.
Some devices can automatically sense which pins are used for transmit and receive and will adjust their internal connections accordingly.
UTP Cable Termination
UTP and STP cable is usually terminated into an RJ-45 connector.
The RJ-45 connector is considered a male component, which is crimped to the end of the cable. When a male connector is viewed from the front with the metal contacts facing up, the pin locations are numbered from 8 on the left to 1 on the right.
The jack is considered the female component and is located in networking devices, wall outlets, or patch panels. The RJ-45 connector on the wire plugs into the jack.
Cables can be purchased that are pre-terminated with RJ-45 connectors. They can also be manually terminated, onsite, using a crimping tool. When manually terminating UTP cable into an RJ-45 connector, untwist only a small amount of wire to minimize crosstalk. Also be sure that the wires are pushed all the way into the end of the connector and that the RJ-45 connector is crimped onto the wire jacket. This ensures good electrical contact and provides strength to the wire connection.
Terminating UTP At Patch Panel And Wall Jack
In a NOC, network devices are usually connected to patch panels. Patch panels act like switchboards that connect workstation cables to other devices. The use of patch panels enables the physical cabling of the network to be quickly rearranged as equipment is added or replaced. These patch panels use RJ-45 jacks for quick connection on the front, but require the cables to be punched down on the reverse side of the RJ-45 jack.
Patch panels are no longer confined to enterprise network installations. They can be found in many small businesses and even homes where they provide a central connection point for data, telephone and even audio systems.
The RJ-45 jack has eight conductors, and is wired according to either T568A or T568B. At the patch panel a device known as a punchdown tool is required to push the wires into the connector. The wires should be matched up to the appropriate insulation displacement connector (IDC) by color before punching them down. The punchdown tool also cuts off any excess wire.
A punchdown tool is not required to terminate most wall jacks. To terminate these connectors the cables are untwisted and placed into the appropriate IDC. Placing the cap on the jack pushes the cables into the IDC and cuts through the insulation on the wires. Most of these connectors then require the installer to manually trim away excess cable.
In all cases, untwisting more cable than is necessary will increase the amount of crosstalk and degrade overall network performance.
Cable Testing
When a new or repaired cable run is terminated, it is important to verify that the cable operates correctly and meets connectivity standards. This can be done through a series of tests.
The first test is a visual inspection, which verifies that all wires are connected according to T568A or B.
In addition to visual examination, check the cable electrically in order to determine problems or flaws in a network cabling installation. The following are tools that can be used for cable diagnostics:
Cable testers
Cable certifiers
Multimeters
The cable tester is used to perform initial diagnostics. The first test usually is called a continuity test and it verifies that there is end-to-end connectivity. It can also detect common cabling faults such as opens and shorts.
An open circuit occurs when the wire is not properly pushed into the connector and there is no electrical contact. An open can also occur if there is a break in the wire.
A short occurs when the copper conductors touch each other. As the electric pulse travels down the wire, it will cross onto the touching wire. This creates an unintended path in the flow of the signal to its destination.
A cable tester can also create wire maps that will verify that the cable is terminated correctly. A wire map shows which wire pairs connect to which pins on the plugs and sockets. The wire map test verifies that all eight wires are connected to the correct pins and indicates if cabling faults are present such as split pairs or reversals.
If any of these faults are detected, the easiest way to correct them is to reterminate the cable.
Specialized cable testers provide additional information, such as the level of attenuation and crosstalk.
Attenuation
Attenuation, also commonly referred to as insertion loss, is a general term that refers to the reduction in the strength of a signal. Attenuation is a natural consequence of signal transmission over any medium. Attenuation limits the length of network cabling over which a message can be sent. A cable tester measures attenuation by injecting a signal in one end and then measuring its strength at the other end.
Crosstalk
Crosstalk is the leakage of signals between pairs. If this is measured near the transmitting end it is termed near-end crosstalk (NEXT). If measured at the receiving end of the cable it is termed far-end crosstalk (FEXT). Both forms of crosstalk degrade network performance and are often caused by untwisting too much cable when terminating. If high crosstalk values are detected, the best thing to do is check the cable terminations and re-terminate as necessary.
Cabling Best Practices
The following steps, called best practices, ensure that cable termination is successful.
1. It is important that the type of cables and components used on a network adhere to the standards required for that network. Modern converged networks carry voice, video and data traffic on the same wires; therefore the cables used on converged networks must be able to support all these applications.
2. Cable standards specify maximum lengths for different types of cables. Always adhere to the length restrictions for the type of cable being installed.
3. UTP, like all copper cable, is susceptible to EMI. It is important to install cable away from sources of interference such as high-voltage cables and fluorescent lighting. Televisions, computer monitors and microwaves are other possible sources of interference. In some environments it may be necessary to install data cables in conduit to protect them from EMI and RFI.
4. Improper termination and the use of low quality cables and connectors can degrade the signal carrying capacity of the cable. Always follow the rules for cable termination and test to verify that the termination has been done properly.
5. Test all cable installations to ensure proper connectivity and operation.
6. Label all cables as they are installed, and record the location of cables in network documentation.
Structured cabling is a method for creating an organized cabling system that can be easily understood by installers, network administrators, and any other technicians who deal with cables. One component of structured cabling is cable management.
Cable management serves multiple purposes. First, it presents a neat and organized system which aids in the isolation of cabling problems. Second, by following cable management best practices, the cables are protected from physical damage which greatly reduces the number of problems experienced.
Cables should be considered a long term investment. What may be sufficient now may not be in the near future. Always plan for the future by complying with all current standards. Remember that standards help to ensure that the cables will be able to deliver acceptable performance as the technology evolves.
It is important to observe cabling best practices in all environments. Strict adherence to these practices, in home and business environments, helps reduce the number of potential problems. It will save a great amount of time, money and frustration.
Purpose Of The IP Address
A host needs an IP address to participate on the Internet. The IP address is a logical network address that identifies a particular host. It must be properly configured and unique in order to communicate with other devices on the Internet.
An IP address is assigned to the Network interface connection for a host. This connection is usually a network interface card (NIC) installed in the device. Examples of end-user devices with network interfaces include workstations, servers, network printers and IP phones. Some servers can have more than one NIC and each of these has its own IP address. Router interfaces that provide connections to an IP network will also have an IP address.
Every packet sent across the Internet has a source and destination IP address. This information is required by networking devices to ensure the information gets to the destination and any replies are returned to the source.
IP Address Structure
An IP address is simply a series of 32 binary bits (ones and zeros). It is very difficult for humans to read a binary IP address. For this reason, the 32 bits are grouped into four 8-bit bytes called octets. An IP address in this format is hard for humans to read, write and remember. To make the IP address easier to understand, each octet is presented as its decimal value, separated by a decimal point or period. This is referred to as dotted-decimal notation.
When a host is configured with an IP address, it is entered as a dotted decimal number such as 192.168.1.5. Imagine if you had to enter the 32-bit binary equivalent of this: 11000000101010000000000100000101. If just one bit was mistyped, the address would be different and the host may not be able to communicate on the network.
The 32-bit IP address is defined with IP version 4 (IPv4) and is currently the most common form of IP address on the Internet. There are over 4 billion possible IP addresses using a 32-bit addressing scheme.
When a host receives an IP address, it looks at all 32 bits as they are received by the NIC. Humans, on the other hand, need to convert those 32 bits into their four octet decimal equivalent. Each octet is made up of 8 bits and each bit has a value. The four groups of 8 bits have the same set of values. The rightmost bit in an octet has a value of 1 and the values of the remaining bits, from right to left, are 2, 4, 8, 16, 32, 64 and 128.
Determine the value of the octet by adding the values of positions wherever there is a binary 1 present.
If there is a 0 in a position, do not add the value.
If all 8 bits are 0s (00000000), the value of the octet is 0.
If all 8 bits are 1s (11111111), the value of the octet is 255 (128+64+32+16+8+4+2+1).
If the 8 bits are mixed, such as 00100111, the value of the octet is 39 (32+4+2+1).
So the value of each of the four octets can range from 0 to a maximum of 255.
Parts Of An IP Address
The logical 32-bit IP address is hierarchical and is made up of two parts. The first part identifies the network and the second part identifies a host on that network. Both parts are required in an IP address.
As an example, if a host has IP address 192.168.18.57 the first three octets, (192.168.18), identify the network portion of the address, and the last octet, (57) identifies the host. This is known as hierarchical addressing because the network portion indicates the network on which each unique host address is located. Routers only need to know how to reach each network, rather than needing to know the location of each individual host.
Another example of a hierarchical network is the telephone system. With a telephone number, the country code, area code and exchange represent the network address and the remaining digits represent a local phone number.
How IP Address And Subnet Mask Interact
There are two parts to every IP address. How do hosts know which portion is the network and which is the host? This is the job of the subnet mask.
When an IP host is configured, a subnet mask is assigned along with an IP address. Like the IP address, the subnet mask is 32 bits long. The subnet mask signifies which part of the IP address is network and which part is host.
The subnet mask is compared to the IP address from left to right, bit for bit. The 1s in the subnet mask represent the network portion; the 0s represent the host portion. In the example shown, the first three octets are network, and the last octet represents the host.
When a host sends a packet, it compares its subnet mask to its own IP address and the destination IP address. If the network bits match, both the source and destination host are on the same network and the packet can be delivered locally. If they do not match, the sending host forwards the packet to the local router interface to be sent on to the other network.
The subnet masks we see most often with home and small business networking are: 255.0.0.0 (8 bits), 255.255.0.0 (16 bits) and 255.255.255.0 (24 bits). A subnet mask of 255.255.255.0 (decimal) or 11111111.11111111.11111111.00000000 (binary) uses 24 bits to identify the network number, which leaves 8 bits to number the hosts on that network.
To calculate the number of hosts that can be on that network, take the number 2 to the power of the number of host bits (2 ^ 8 = 256). From this number, we must subtract 2 (256-2). The reason we subtract 2 is because all 1s within the host portion of an IP address is a broadcast address for that network and cannot be assigned to a specific host. All 0s within the host portion indicates the network ID and again, cannot be assigned to a specific host. Powers of 2 can be calculated easily with the calculator that comes with any Windows operating system.
Another way to determine the number of hosts available is to add up the values of the available host bits (128+64+32+16+8+4+2+1 = 255). From this number, subtract 1 (255-1 = 254), because the host bits cannot be all 1s. It is not necessary to subtract 2 because the value of all 0s is 0 and is not included in the addition.
With a 16-bit mask, there are 16 bits (two octets) for host addresses and a host address could have all 1s (255) in one of the octets. This might appear to be a broadcast but as long as the other octet is not all 1s, it is a valid host address. Remember that the host looks at all host bits together, not at octet values.
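The octet arithmetic, the mask comparison a sending host performs, and the host-count rules from the preceding paragraphs, written out as a program. This is an added example, not code from the original page; the function names are my own, and the addresses used in the main block are the ones the text itself uses.

```python
"""IPv4 octets, dotted-decimal notation, subnet masks and host counts
(added example, not from the original page)."""

BIT_WEIGHTS = (128, 64, 32, 16, 8, 4, 2, 1)


def octet_value(bits):
    """Value of one octet given as 8 binary digits: add the weight of every
    position that holds a 1, skip the positions that hold a 0."""
    if len(bits) != 8 or set(bits) - {"0", "1"}:
        raise ValueError("an octet is exactly 8 binary digits: " + repr(bits))
    return sum(w for bit, w in zip(bits, BIT_WEIGHTS) if bit == "1")


def parse(dotted):
    """Dotted-decimal -> tuple of four ints, each checked against 0..255."""
    parts = dotted.split(".")
    if len(parts) != 4:
        raise ValueError("expected four octets: " + dotted)
    octets = tuple(int(p) for p in parts)
    if any(not 0 <= o <= 255 for o in octets):
        raise ValueError("octet out of range: " + dotted)
    return octets


def to_binary(dotted):
    """Dotted-decimal -> the 32-bit string a host actually handles."""
    return "".join(format(o, "08b") for o in parse(dotted))


def to_int(dotted):
    """Dotted-decimal -> 32-bit integer, so masks can be applied with AND."""
    a, b, c, d = parse(dotted)
    return (a << 24) | (b << 16) | (c << 8) | d


def to_dotted(value):
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def prefix_length(mask):
    """Number of 1 bits in the mask; the 1s must be contiguous from the left."""
    m = to_int(mask)
    ones = bin(m).count("1")
    if m != (0xFFFFFFFF << (32 - ones)) & 0xFFFFFFFF:
        raise ValueError("non-contiguous subnet mask: " + mask)
    return ones


def network_address(ip, mask):
    """Keep the bits where the mask has 1s; those identify the network."""
    return to_dotted(to_int(ip) & to_int(mask))


def same_network(ip1, ip2, mask):
    """What a sending host does before choosing local delivery or the router:
    compare the network bits of its own address and the destination."""
    return to_int(ip1) & to_int(mask) == to_int(ip2) & to_int(mask)


def usable_hosts(mask):
    """2 to the power of the host bits, minus the network ID (all 0s) and
    the broadcast address (all 1s)."""
    return 2 ** (32 - prefix_length(mask)) - 2


def is_valid_host(ip, mask):
    """The host bits, taken together, must be neither all 0s nor all 1s.
    Single octets may be 255 when the mask leaves more than one host octet."""
    host_bits = ~to_int(mask) & 0xFFFFFFFF
    host_part = to_int(ip) & host_bits
    return host_part not in (0, host_bits)


if __name__ == "__main__":
    print(octet_value("00100111"))                  # 39
    print(to_binary("192.168.1.5"))
    print(network_address("192.168.18.57", "255.255.255.0"))
    print(usable_hosts("255.255.255.0"))            # 254
    print(is_valid_host("172.16.255.1", "255.255.0.0"))
```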
IP Address Classes And Default Subnet Mask
The IP address and subnet mask work together to determine which portion of the IP address represents the network address and which portion represents the host address.
IP addresses are grouped into 5 classes. Classes A, B and C are commercial addresses and are assigned to hosts. Class D is reserved for multicast use and Class E is for experimental use.
Class C addresses have three octets for the network portion and one for the hosts. The default subnet mask is 24 bits (255.255.255.0). Class C addresses are usually assigned to small networks.
Class B addresses have two octets to represent the network portion and two for the hosts. The default subnet mask is 16 bits (255.255.0.0). These addresses are typically used for medium-sized networks.
Class A addresses have only one octet to represent the network portion and three to represent the hosts. The default subnet mask is 8 bits (255.0.0.0). These addresses are typically assigned to large organizations.
The class of an address can be determined by the value of the first octet. For instance, if the first octet of an IP address has a value in the range 192-223, it is classified as a Class C address. As an example, 200.14.193.67 is a Class C address.
Public And Private IP Address
All hosts that connect directly to the Internet require a unique public IP address. Because of the finite number of 32-bit addresses available, there is a risk of running out of IP addresses. One solution to this problem was to reserve some private addresses for use exclusively inside an organization. This allows hosts within an organization to communicate with one another without the need of a unique public IP address.
RFC 1918 is a standard that reserves several ranges of addresses within each of the classes A, B and C. As shown in the table, these private address ranges consist of a single Class A network, 16 Class B networks and 256 Class C networks. This gives a network administrator considerable flexibility in assigning internal addresses.
A very large network can use the Class A private network, which allows for over 16 million private addresses.
On medium size networks, a Class B private network could be used, which provides over 65,000 addresses.
Home and small business networks typically use a single class C private address, which allows up to 254 hosts.
The Class A network, the 16 Class B networks, or the 256 Class C networks can be used within any size organization. Typically many organizations use the Class A private network.
Private addresses can be used internally by hosts in an organization as long as the hosts do not connect directly to the Internet. Therefore, the same set of private addresses can be used by multiple organizations. Private addresses are not routed on the Internet and will be quickly blocked by an ISP router.
The use of private addresses can provide a measure of security since they are only visible on the local network, and outsiders cannot gain direct access to the private IP addresses.
There are also private addresses that can be used for the diagnostic testing of devices. This type of private address is known as a loopback address. The Class A network 127.0.0.0 is reserved for loopback addresses.
Unicast, Broadcast, And Multicast Addresses
In addition to address classes, we also categorize IP addresses as unicast, broadcast, or multicast. Hosts can use IP addresses to communicate one-to-one (unicast), one-to-many (multicast) or one-to-all (broadcast).
Unicast
A unicast address is the most common type on an IP network. A packet with a unicast destination address is intended for a specific host. An example is a host with IP address 192.168.1.5 (source) requesting a web page from a server at IP address 192.168.1.200 (destination).
For a unicast packet to be sent and received, a destination IP address must be in the IP packet header. A corresponding destination MAC address must also be present in the Ethernet frame header. The IP address and MAC address combine to deliver data to one specific destination host.
Broadcast
With a broadcast, the packet contains a destination IP address with all ones (1s) in the host portion. This means that all hosts on that local network (broadcast domain) will receive and look at the packet. Many network protocols, such as ARP and DHCP use broadcasts.
A Class C network 192.168.1.0 with a default subnet mask of 255.255.255.0 has a broadcast address of 192.168.1.255. The host portion is decimal 255 or binary 11111111 (all 1s).
A Class B network of 172.16.0.0, with a default mask of 255.255.0.0, has a broadcast of 172.16.255.255.
A Class A network of 10.0.0.0, with a default mask of 255.0.0.0, has a broadcast of 10.255.255.255.
A broadcast IP address for a network needs a corresponding broadcast MAC address in the Ethernet frame. On Ethernet networks, the broadcast MAC address is 48 ones displayed as Hexadecimal FF-FF-FF-FF-FF-FF.
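The classful rules, the RFC 1918 private ranges, the loopback network and the broadcast address from the preceding sections, as one program. This is an added example, not code from the original page; the function names are my own, and the RFC 1918 ranges are given with the masks that reproduce the "one Class A, 16 Class B, 256 Class C networks" count stated above.

```python
"""Address class, default mask, RFC 1918 private ranges, loopback and
broadcast address for IPv4 (added example, not from the original page)."""


def to_int(dotted):
    """Dotted-decimal -> 32-bit int; bytes() rejects octets outside 0..255."""
    octets = [int(p) for p in dotted.split(".")]
    if len(octets) != 4:
        raise ValueError("expected four octets: " + dotted)
    return int.from_bytes(bytes(octets), "big")


def to_dotted(value):
    return ".".join(str(b) for b in value.to_bytes(4, "big"))


# Classful rules keyed on the value of the first octet.
CLASSES = [
    ("A", 0, 127, "255.0.0.0"),
    ("B", 128, 191, "255.255.0.0"),
    ("C", 192, 223, "255.255.255.0"),
    ("D", 224, 239, None),   # multicast: no host portion, no default mask
    ("E", 240, 255, None),   # experimental
]

# RFC 1918 private ranges as (network, mask), plus the loopback network.
PRIVATE_RANGES = [
    ("10.0.0.0", "255.0.0.0"),       # one Class A network
    ("172.16.0.0", "255.240.0.0"),   # 16 Class B networks (172.16 - 172.31)
    ("192.168.0.0", "255.255.0.0"),  # 256 Class C networks
]
LOOPBACK = ("127.0.0.0", "255.0.0.0")


def address_class(ip):
    first_octet = to_int(ip) >> 24
    for name, low, high, _ in CLASSES:
        if low <= first_octet <= high:
            return name


def default_mask(ip):
    """Default mask for classes A, B and C; None for D and E."""
    cls = address_class(ip)
    return next(mask for name, _, _, mask in CLASSES if name == cls)


def in_range(ip, network, mask):
    return to_int(ip) & to_int(mask) == to_int(network)


def is_private(ip):
    return any(in_range(ip, net, mask) for net, mask in PRIVATE_RANGES)


def is_loopback(ip):
    return in_range(ip, *LOOPBACK)


def broadcast_address(ip, mask=None):
    """Set every host bit to 1. Without a mask the classful default is used."""
    mask = mask or default_mask(ip)
    if mask is None:
        raise ValueError("class D/E addresses have no broadcast address: " + ip)
    m = to_int(mask)
    return to_dotted((to_int(ip) & m) | (~m & 0xFFFFFFFF))


def classful_networks(network, mask):
    """How many default-sized networks of the range's class fit inside it,
    e.g. 172.16.0.0/255.240.0.0 holds 2^(16-12) = 16 Class B networks."""
    cls = address_class(network)
    range_bits = bin(to_int(mask)).count("1")
    class_bits = bin(to_int(default_mask(network))).count("1")
    return cls, 2 ** (class_bits - range_bits)


if __name__ == "__main__":
    print(address_class("200.14.193.67"))            # C
    print(broadcast_address("192.168.1.0"))         # 192.168.1.255
    for net, mask in PRIVATE_RANGES:
        print(net, classful_networks(net, mask))
```

Private addresses are recognised by prefix, not by class: 172.16.0.1 is private but 172.32.0.1 is not, even though both are Class B, which is why the 172.16.0.0 entry carries a 255.240.0.0 mask rather than the Class B default.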
Static And Dynamic Address Assignment
IP addresses can be assigned either statically or dynamically.
Static
With a static assignment, the network administrator must manually configure the network information for a host. At a minimum, this includes the host IP address, subnet mask and default gateway.
Static addresses have some advantages. For instance, they are useful for printers, servers and other networking devices that need to be accessible to clients on the network. If hosts normally access a server at a particular IP address, it would not be good if that address changed.
Static assignment of addressing information can provide increased control of network resources, but it can be time consuming to enter the information on each host. When entering IP addresses statically, the host only performs basic error checks on the IP address. Therefore, errors are more likely to occur.
When using static IP addressing, it is important to maintain an accurate list of which IP addresses are assigned to which devices. Additionally, these are permanent addresses and are not normally reused.
Dynamic
On local networks it is often the case that the user population changes frequently. New users arrive with laptops and need a connection. Others have new workstations that need to be connected. Rather than have the network administrator assign IP addresses for each workstation, it is easier to have IP addresses assigned automatically. This is done using a protocol known as Dynamic Host Configuration Protocol (DHCP).
DHCP provides a mechanism for the automatic assignment of addressing information such as IP address, subnet mask, default gateway, and other configuration information.
DHCP is generally the preferred method of assigning IP addresses to hosts on large networks since it reduces the burden on network support staff and virtually eliminates entry errors.
Another benefit of DHCP is that an address is not permanently assigned to a host but is only leased for a period of time. If the host is powered down or taken off the network, the address is returned to the pool for reuse. This is especially helpful with mobile users that come and go on a network.
DHCP Server
If you enter a wireless hotspot at an airport or coffee shop, DHCP makes it possible for you to access the Internet. As you enter the area, your laptop DHCP client contacts the local DHCP server via a wireless connection. The DHCP server assigns an IP address to your laptop.
Various types of devices can be DHCP servers as long as they are running DHCP service software. With most medium to large networks, the DHCP server is usually a local dedicated PC-based server.
With home networks the DHCP server is usually located at the ISP and a host on the home network receives its IP configuration directly from the ISP.
Many home networks and small businesses use an integrated router to connect to the ISP modem. In this case, the integrated router is both a DHCP client and a server. The integrated router acts as a client to receive its IP configuration from the ISP and then acts as a DHCP server for internal hosts on the local network.
In addition to PC-based servers and integrated routers, other types of networking devices such as dedicated routers can provide DHCP services to clients, although this is not as common.
Configuring DHCP
When a host is first configured as a DHCP client, it does not have an IP address, subnet mask or default gateway. It obtains this information from a DHCP server, either on the local network or one located at the ISP. The DHCP server is configured with a range, or pool, of IP addresses that can be assigned to DHCP clients.
A client that needs an IP address will send a DHCP Discover message which is a broadcast with a destination IP address of 255.255.255.255 (32 ones) and a destination MAC address of FF-FF-FF-FF-FF-FF (48 ones). All hosts on the network will receive this broadcast DHCP frame, but only a DHCP server will reply. The server will respond with a DHCP Offer, suggesting an IP address for the client. The host then sends a DHCP Request to that server asking to use the suggested IP address. The server responds with a DHCP Acknowledgment.
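The Discover, Offer, Request and Acknowledgment exchange just described, together with the address pool and lease timer mentioned earlier, modelled as a small program. This is an added example, not DHCP server or client software and not code from the original page: messages are plain dictionaries carrying only the fields the explanation needs, the class and function names are my own, and the pool, client MAC addresses and lease times in the main block are constructed values.

```python
"""A minimal model of the DHCP four-step exchange and of address leasing
(added example; a simplified model, not the real protocol encoding)."""
import ipaddress   # standard library; used only to step through the pool

BROADCAST_IP = "255.255.255.255"       # 32 ones
BROADCAST_MAC = "ff:ff:ff:ff:ff:ff"    # 48 ones


class DhcpServer:
    """Hands out addresses from a pool, as an integrated router does for
    the hosts on its local network."""

    def __init__(self, server_ip, mask, first, count, lease_seconds=24 * 3600):
        self.server_ip = server_ip
        self.mask = mask
        self.lease_seconds = lease_seconds
        start = ipaddress.IPv4Address(first)
        self.pool = [str(start + i) for i in range(count)]
        self.leases = {}   # client MAC -> (ip, expiry time)
        self.offers = {}   # client MAC -> ip offered but not yet acknowledged

    def expire(self, now):
        """Return expired leases to the pool."""
        for mac in [m for m, (_, exp) in self.leases.items() if exp <= now]:
            del self.leases[mac]

    def free_addresses(self, now):
        self.expire(now)
        taken = {ip for ip, _ in self.leases.values()} | set(self.offers.values())
        return [ip for ip in self.pool if ip not in taken]

    def handle(self, msg, now):
        """Process one client message; returns the reply or None."""
        # A client without an address can only broadcast, so the server
        # only answers frames sent to the broadcast IP and MAC addresses.
        if msg["dst_ip"] != BROADCAST_IP or msg["dst_mac"] != BROADCAST_MAC:
            return None
        self.expire(now)
        mac = msg["client_mac"]
        if msg["type"] == "DISCOVER":
            if mac in self.leases:                 # returning client keeps its address
                ip = self.leases[mac][0]
            else:
                free = self.free_addresses(now)
                if not free:
                    return None                    # pool exhausted: no offer
                ip = free[0]
            self.offers[mac] = ip
            return self._reply("OFFER", mac, ip)
        if msg["type"] == "REQUEST":
            ip = msg.get("requested_ip")
            held = self.leases.get(mac, (None, None))[0]
            if ip is None or ip not in (self.offers.get(mac), held):
                return self._reply("NAK", mac, None)
            self.offers.pop(mac, None)
            self.leases[mac] = (ip, now + self.lease_seconds)
            return self._reply("ACK", mac, ip)
        return None

    def _reply(self, kind, mac, ip):
        reply = {"type": kind, "client_mac": mac, "your_ip": ip}
        if ip:
            reply.update(subnet_mask=self.mask,
                         default_gateway=self.server_ip,   # the router's own interface
                         lease_seconds=self.lease_seconds)
        return reply


def obtain_address(client_mac, server, now):
    """Run the client side of the exchange; returns the configuration or None."""
    discover = {"type": "DISCOVER", "client_mac": client_mac,
                "dst_ip": BROADCAST_IP, "dst_mac": BROADCAST_MAC}
    offer = server.handle(discover, now)
    if offer is None:
        return None
    request = {"type": "REQUEST", "client_mac": client_mac,
               "requested_ip": offer["your_ip"],
               "dst_ip": BROADCAST_IP, "dst_mac": BROADCAST_MAC}
    ack = server.handle(request, now)
    if ack is None or ack["type"] != "ACK":
        return None
    return {"ip": ack["your_ip"], "mask": ack["subnet_mask"],
            "gateway": ack["default_gateway"], "expires": now + ack["lease_seconds"]}


if __name__ == "__main__":
    router = DhcpServer("192.168.1.1", "255.255.255.0", "192.168.1.100", 50)
    print(obtain_address("aa:bb:cc:00:00:01", router, now=0))
```

The server ignores anything not sent to the broadcast addresses, re-offers a returning client the address it already holds, and releases an address only when its lease time has passed, which is the behaviour the text attributes to DHCP above.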
For most home and small business networks, a multi-function device provides DHCP services to the local network clients. To configure a Linksys wireless router, access its graphical web interface by opening a browser and entering the router's default IP address, 192.168.1.1, in the address bar. Navigate to the screen that shows the DHCP configuration.
The IP address of 192.168.1.1 and subnet mask of 255.255.255.0 are the defaults for the internal router interface. This is the default gateway for all hosts on the local network and also the internal DHCP server IP address. Most Linksys wireless routers and other home integrated routers have DHCP Server enabled by default.
On the DHCP configuration screen a default DHCP range is available or you can specify a starting address for the DHCP range (do not use 192.168.1.1) and the number of addresses to be assigned. The lease time can also be modified (default is 24 hours). The DHCP configuration feature on most ISRs gives information about connected hosts and IP addresses, their associated MAC address, and lease times.
The DHCP Client Table also shows the client name and whether it is connected via the Ethernet LAN or wireless (Interface).
Network Boundaries And Address Space
The router provides a gateway through which hosts on one network can communicate with hosts on different networks. Each interface on a router is connected to a separate network.
The IP address assigned to the interface identifies which local network is connected directly to it.
Every host on a network must use the router as a gateway to other networks. Therefore, each host must know the IP address of the router interface connected to the network where the host is attached. This address is known as the default gateway address. It can be either statically configured on the host, or received dynamically by DHCP.
When an integrated router is configured as the DHCP server for the local network, it automatically hands each client its own internal interface IP address as the default gateway, along with the client's IP address and subnet mask. All hosts on the network then use that address to forward messages to hosts located at the ISP and beyond on the Internet. Integrated routers are usually set to be DHCP servers by default.
Address Assignment
The integrated router acts as a DHCP server for all local hosts attached to it, either by Ethernet cable or wirelessly. These local hosts are referred to as being located on an internal, or inside, network. Most DHCP servers are configured to assign private addresses to the hosts on the internal network, rather than Internet-routable public addresses. This ensures that, by default, the internal network is not directly reachable from the Internet. Note that this is a side effect of address translation, not a substitute for firewall rules: any inbound traffic the router is configured to forward (for example through port forwarding) reaches the internal host regardless of its private address.
The default IP address configured on the local integrated router interface is usually a private address from the 192.168.0.0/16 block (traditionally described as a private Class C address). Internal hosts must be assigned addresses within the same network as the integrated router, either statically configured or through DHCP. When configured as a DHCP server, the integrated router provides addresses in this range. It also provides the subnet mask and its own interface IP address as the default gateway.
Many ISPs also use DHCP servers to provide IP addresses to the Internet side of the integrated router installed at their customer sites. The network assigned to the Internet side of the integrated router is referred to as the external, or outside, network.
When an integrated router is connected to the ISP, it acts like a DHCP client to receive the correct external network IP address for the Internet interface. ISPs usually provide an Internet-routable address, which enables hosts connected to the integrated router to have access to the Internet.
The integrated router serves as the boundary between the local internal network and the external Internet.
There are several ways hosts can be connected to an ISP and the Internet. Whether or not an individual host is assigned a public or private address depends on how it is connected.
Direct Connection
Some customers have just a single computer with a direct connection from the ISP through a modem. In this case, the public address from the ISP DHCP server is assigned to the single host.
Connection Through an Integrated Router
When there is more than one host that needs access to the Internet, the ISP modem can be attached directly to an integrated router instead of directly to a single computer. This enables the creation of a home or small business network. The integrated router receives the public address from the ISP. Internal hosts receive private addresses from the integrated router.
Connection Through a Gateway Device
Gateway devices combine an integrated router and a modem in one unit, and connect directly to the ISP service. As with integrated routers, the gateway device receives a public address from the ISP and internal PCs will receive private addresses from the gateway device.
Network Address Translation
The integrated router receives a public address from the ISP, which allows it to send and receive packets on the Internet. It, in turn, provides private addresses to local network clients. Since private addresses are not allowed on the Internet, a process is needed for translating private addresses into unique public addresses to allow local clients to communicate on the Internet.
The process used to convert private addresses to Internet-routable addresses is called Network Address Translation (NAT). With NAT, a private (local) source IP address is translated to a public (global) address. The process is reversed for incoming packets. The integrated router is able to translate many internal IP addresses to the same public address, by using NAT.
Only packets destined for other networks need to be translated. These packets must pass through the gateway, where the integrated router replaces the source host’s private IP address with its own public IP address.
Although each host on the internal network has a unique private IP address assigned to it, the hosts must share the single Internet-routable address assigned to the integrated router.
Client Server Relationship
Every day, people use the services available over networks and the Internet to communicate with others and to perform routine tasks. We rarely think of the servers, clients and networking devices that are necessary in order for us to receive an email, enter information into a blog, or shop for the best bargains in an online store. Most of the commonly used Internet applications rely on complicated interactions between various different servers and clients.
The term server refers to a host running a software application that provides information or services to other hosts connected to the network. A well-known example is a web server. There are millions of servers connected to the Internet, providing services such as web sites, email, financial transactions, music downloads, etc. A factor that is crucial to enabling these complex interactions to function is that they all use agreed standards and protocols.
To request and view a web page, a person uses a device that is running web client software. A client is the name given to a computer application that someone uses to access information held on a server. A web browser is a good example of a client.
The key characteristic of client/server systems is that the client sends a request to a server, and the server responds by carrying out a function, such as sending information back to the client. The combination of a web browser and a web server is perhaps the most commonly used instance of a client/server system.
Role Of Protocols In Client Server Communication
A web server and a web client use specific protocols and standards in the process of exchanging information to ensure that the messages are received and understood. These protocols cover four functions: application, transport, internetwork and network access.
Application Protocol
Hypertext Transfer Protocol (HTTP) governs the way that a web server and a web client interact. HTTP defines the format of the requests and responses exchanged between the client and server. HTTP relies on other protocols to govern how the messages are transported between client and server.
Transport Protocol
Transmission Control Protocol (TCP) is the transport protocol that manages the individual conversations between web servers and web clients. TCP formats the HTTP messages into segments to be sent to the destination host. It also provides flow control and acknowledgement of the segments exchanged between hosts.
Internetwork Protocol
The most common internetwork protocol is Internet Protocol (IP). IP is responsible for taking the formatted segments from TCP, assigning the logical addressing, and encapsulating them into packets for routing to the destination host.
Network Access Protocols
Ethernet is the most commonly used protocol for local networks. Network access protocols perform two primary functions, data link management and physical network transmissions.
Data link management protocols take the packets from IP and encapsulate them into the appropriate frame format for the local network. These protocols assign the physical addresses to the frames and prepare them to be transmitted over the network.
The standards and protocols for the physical media govern how the bits are represented on the media, how the signals are sent over the media, and how they are interpreted by the receiving hosts. Network interface cards implement the appropriate protocols for the media that is being used.
TCP And UDP Transport Protocol
Each service available over the network has its own application protocols that are implemented in the server and client software. In addition to the application protocols, all of the common Internet services use Internet Protocol (IP), to address and route messages between source and destination hosts.
IP is concerned only with the structure, addressing and routing of packets. IP does not specify how the delivery, or transport, of the data takes place. Transport protocols specify how to transfer messages between hosts. The two most common transport protocols are Transmission Control Protocol (TCP) and User Datagram Protocol (UDP). These transport protocols run on top of IP to enable applications on different hosts to communicate and transfer data.
When an application requires acknowledgment that a message is delivered, it uses TCP. This is similar to sending a registered letter through the postal system, where the recipient must sign for the letter to acknowledge its receipt.
TCP breaks up a message into small pieces known as segments. The segments are numbered in sequence and passed to the IP process for assembly into packets. TCP keeps track of the segments that have been sent to a specific host from a specific application. If the sender does not receive an acknowledgement within a certain period of time, it assumes that the segments were lost and retransmits them. Only the portion of the message that is lost is resent, not the entire message.
On the receiving host, TCP is responsible for reassembling the message segments and passing them to the application.
FTP and HTTP are examples of applications that use TCP to ensure delivery of data.
In some cases, the TCP acknowledgment protocol is not required and actually slows down information transfer. In those cases, UDP may be a more appropriate transport protocol.
UDP is a ‘best effort’ delivery system that does not require acknowledgment of receipt. This is similar to sending a standard letter through the postal system. It is not guaranteed that the letter is received, but the chances are good.
UDP is preferable with applications such as streaming audio, video and voice over IP (VoIP). Acknowledgments would slow down delivery and retransmissions are undesirable.
An example of an application that uses UDP is Internet radio. If some of the message is lost during its journey over the network, it is not retransmitted. If a few packets are missed, the listener might hear a slight break in the sound. If TCP were used and the lost packets were resent, the transmission would pause to receive them and the disruption would be more noticeable.
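A toy model of the TCP behaviour described above (segment, number, detect loss, resend only what was lost, reassemble) beside UDP's best-effort delivery, added here as an example and not taken from the course. The "network" that drops segments is a constructed stand-in, the message is a constructed HTTP request, sequence numbers are byte offsets as in real TCP but start at 0 rather than a random initial sequence number, and the segment size is deliberately tiny so the rounds stay readable.

```python
"""Toy TCP segmentation with selective retransmission versus UDP best effort.

Added example, not part of the original course text. The lossy channel,
the sample message and the 8-byte segment size are constructed for the demo.
"""

MSS = 8   # maximum segment size; real stacks use ~1460 bytes on Ethernet
SAMPLE_MESSAGE = b"GET /index.html HTTP/1.1\r\nHost: www.example.com\r\n\r\n"   # constructed


def segment(message, mss=MSS):
    """Split a message into (seq, payload) pairs; seq is the byte offset of the payload."""
    return [(off, message[off:off + mss]) for off in range(0, len(message), mss)]


def lossy_send(segments, drop_seqs):
    """Deliver every segment except those whose sequence number is in drop_seqs."""
    return [s for s in segments if s[0] not in drop_seqs]


class TcpReceiver:
    """Buffers out-of-order segments and reports which offsets are still missing."""

    def __init__(self, total_len):
        self.total_len = total_len
        self.buffer = {}

    def receive(self, segments):
        for seq, payload in segments:
            self.buffer[seq] = payload
        return self.missing()

    def missing(self):
        """Offsets not yet received; this is what the receiver's acknowledgements convey."""
        return [off for off in range(0, self.total_len, MSS) if off not in self.buffer]

    def reassemble(self):
        if self.missing():
            raise ValueError("message incomplete")
        return b"".join(self.buffer[off] for off in sorted(self.buffer))


def tcp_transfer(message, drop_on_first_try, max_rounds=5):
    """Send with retransmission of lost segments only.

    Returns (reassembled message, list of the seq numbers sent in each round).
    Segments listed in drop_on_first_try are lost once; retransmissions get through.
    """
    segs = segment(message)
    rx = TcpReceiver(len(message))
    rounds, to_send, drops = [], segs, set(drop_on_first_try)
    for _ in range(max_rounds):
        rounds.append([seq for seq, _payload in to_send])
        missing = rx.receive(lossy_send(to_send, drops))
        drops = set()
        if not missing:
            return rx.reassemble(), rounds
        to_send = [s for s in segs if s[0] in missing]   # only the lost pieces, not the whole message
    raise TimeoutError("receiver never acknowledged the full message")


def udp_transfer(message, drop_seqs):
    """Best effort: whatever arrives is handed to the application, gaps and all."""
    delivered = lossy_send(segment(message), set(drop_seqs))
    return b"".join(payload for _seq, payload in delivered)
```

With segments at offsets 8 and 24 dropped, `tcp_transfer` needs exactly one extra round carrying just those two segments and the receiver reassembles the original bytes; `udp_transfer` on the same channel returns the message with 16 bytes silently missing, which is acceptable for a voice stream and fatal for an HTTP request.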
TCP/IP Port Numbers
When a message is delivered using either TCP or UDP, the protocols and services requested are identified by a port number. A port is a numeric identifier within each segment that is used to keep track of specific conversations and destination services requested. Every message that a host sends contains both a source and destination port.
Destination Port
The client places a destination port number in the segment to tell the destination server what service is being requested. For example, Port 80 refers to HTTP or web service. When a client specifies Port 80 in the destination port, the server that receives the message knows that web services are being requested. A server can offer more than one service simultaneously. For example, a server can offer web services on Port 80 at the same time that it offers FTP connection establishment on Port 21.
Source Port
The source port number is chosen by the sending device, normally at random from the dynamic range, to identify a conversation between two devices. This allows multiple conversations to occur simultaneously; for example, many devices can request HTTP service from the same web server at the same time, and the separate conversations are told apart by their source ports. Source ports must also be hard to guess: an attacker who can predict them can inject forged replies into a conversation, which is why modern stacks randomize them.
The source and destination ports are placed within the segment. The segments are then encapsulated within an IP packet, which carries the source and destination IP addresses. The combination of an IP address and a port number is known as a socket; the pair of sockets at the two ends, together with the transport protocol, uniquely identifies one conversation and tells the server which service the client is requesting. Every day thousands of hosts communicate with thousands of different servers, and those communications are kept apart by their sockets.
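The two ideas from the sections above, NAT translating many private source addresses to one public address and ports distinguishing the conversations that share it, in one added example (not code from the course). It models a port-overloading NAT gateway: outbound packets get the public address and a unique public source port, replies are mapped back by that port, and an inbound packet with no matching entry is dropped, which is the behaviour behind the "not directly reachable" claim earlier in the page. All addresses and ports are constructed values from the documentation and private ranges.

```python
"""Toy NAT/PAT table keyed on the transport 5-tuple.

Added example, not part of the original course text. Addresses, ports and
packets are constructed; a real gateway also tracks connection state and
expires idle entries.
"""
from dataclasses import dataclass, replace


@dataclass(frozen=True)
class Packet:
    proto: str        # "tcp" or "udp"
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    payload: bytes = b""


def socket_pair(pkt):
    """The 5-tuple that uniquely identifies one conversation on the network."""
    return (pkt.proto, pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port)


class PatGateway:
    """Many private (inside local) addresses share one public (inside global) address."""

    def __init__(self, public_ip, first_port=49152):
        self.public_ip = public_ip
        self.next_port = first_port          # hand out public ports from the dynamic range
        self.out_map = {}                    # (proto, private_ip, private_port) -> public_port
        self.in_map = {}                     # (proto, public_port) -> (private_ip, private_port)

    def outbound(self, pkt):
        """Private -> Internet: rewrite the source to the public IP and a unique public port.
        A host that already has a mapping keeps it, so one conversation stays one conversation."""
        key = (pkt.proto, pkt.src_ip, pkt.src_port)
        if key not in self.out_map:
            port = self.next_port
            self.next_port += 1
            self.out_map[key] = port
            self.in_map[(pkt.proto, port)] = (pkt.src_ip, pkt.src_port)
        return replace(pkt, src_ip=self.public_ip, src_port=self.out_map[key])

    def inbound(self, pkt):
        """Internet -> private: reverse the translation for replies.
        Unsolicited packets have no table entry and are dropped (None)."""
        if pkt.dst_ip != self.public_ip:
            return None
        target = self.in_map.get((pkt.proto, pkt.dst_port))
        if target is None:
            return None
        return replace(pkt, dst_ip=target[0], dst_port=target[1])


def demo():
    """Two internal hosts, both using source port 51000, browse the same web server."""
    gw = PatGateway("198.51.100.1")                       # constructed public address
    web = "203.0.113.10"                                  # constructed server address
    a = gw.outbound(Packet("tcp", "192.168.1.10", 51000, web, 80, b"GET / HTTP/1.1\r\n"))
    b = gw.outbound(Packet("tcp", "192.168.1.11", 51000, web, 80, b"GET / HTTP/1.1\r\n"))
    reply_to_b = gw.inbound(Packet("tcp", web, 80, "198.51.100.1", b.src_port, b"HTTP/1.1 200 OK\r\n"))
    probe = gw.inbound(Packet("tcp", web, 4444, "198.51.100.1", 22))   # nobody asked for this
    return gw, a, b, reply_to_b, probe
```

On the Internet side the two hosts are indistinguishable by address and differ only in public source port; the same port is what lets the gateway route the reply back to the right private socket.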
Domain Name Service (DNS)
Thousands of servers, installed in many different locations, provide the services we use daily over the Internet. Each of these servers is assigned a unique IP address that identifies it on the local network where it is connected.
It would be impossible to remember all of the IP addresses for all of the servers hosting services on the Internet. Instead, there is an easier way to locate servers by associating a name with an IP address.
The Domain Name System (DNS) provides a way for hosts to use a name to request the IP address of a specific server. DNS names are registered and organized on the Internet within top-level groups, or domains. Some of the most common top-level domains on the Internet are .com, .edu, and .net.
A DNS server contains a table that associates hostnames in a domain with corresponding IP addresses. When a client has the name of server, such as a web server, but needs to find the IP address, it sends a request to the DNS server on port 53. The client uses the IP address of the DNS server configured in the DNS settings of the host’s IP configuration.
When the DNS server receives the request, it checks its table and cache to determine the IP address associated with that web server. If the local DNS server does not have an entry for the requested name, it queries other DNS servers on the client's behalf, working down from the root and top-level domain servers to the servers that are authoritative for that domain, and caches the answer. When the DNS server learns the IP address, that information is sent back to the client. If the DNS server cannot determine the IP address, the request times out and the client will not be able to communicate with the web server. A plain DNS reply over UDP is not authenticated: the client accepts whichever answer arrives first with the matching transaction ID and port, which is why resolvers randomize both fields and why DNSSEC exists to sign the records themselves.
Client software works with the DNS protocol to obtain IP addresses in a way that is transparent to the user.
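The query and response described above at the wire level, as an added example that is not part of the course material: it encodes an A-record query for the hypothetical name www.example.com, builds the kind of response a resolver would return (with the name-compression pointer real servers use), and parses it back, refusing a reply whose transaction ID does not match the outstanding query. No network is used; the response bytes are constructed locally.

```python
"""Build a DNS A query and parse the response (RFC 1035 message format).

Added example, not part of the original course text. The response is
constructed by build_response() to mimic a resolver; the name and address
are placeholders, and the exchange never leaves the process.
"""
import struct

TYPE_A, CLASS_IN = 1, 1


def encode_name(name):
    """'www.example.com' -> b'\\x03www\\x07example\\x03com\\x00'."""
    out = b""
    for label in name.rstrip(".").split("."):
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"


def build_query(name, txid, qtype=TYPE_A):
    """Standard query, recursion desired, one question section."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", qtype, CLASS_IN)


def decode_name(data, offset):
    """Read a possibly compressed name; return (name, offset just after it in the stream)."""
    labels, jumped, end = [], False, offset
    while True:
        length = data[offset]
        if length & 0xC0 == 0xC0:                               # 2-byte pointer to an earlier name
            pointer = struct.unpack("!H", data[offset:offset + 2])[0] & 0x3FFF
            if not jumped:
                end = offset + 2
            offset, jumped = pointer, True
            continue
        offset += 1
        if length == 0:
            break
        labels.append(data[offset:offset + length].decode("ascii"))
        offset += length
    if not jumped:
        end = offset
    return ".".join(labels), end


def parse_response(data, expected_txid):
    """Return [(name, ttl, ipv4), ...] for the A records; reject spoofed or non-response messages."""
    txid, flags, qdcount, ancount, _ns, _ar = struct.unpack("!HHHHHH", data[:12])
    if txid != expected_txid:
        raise ValueError("transaction ID mismatch: reply does not belong to our query")
    if not flags & 0x8000:
        raise ValueError("QR bit clear: this is a query, not a response")
    off = 12
    for _ in range(qdcount):                                    # skip the echoed question(s)
        _name, off = decode_name(data, off)
        off += 4                                                # qtype + qclass
    answers = []
    for _ in range(ancount):
        name, off = decode_name(data, off)
        rtype, rclass, ttl, rdlen = struct.unpack("!HHIH", data[off:off + 10])
        off += 10
        rdata = data[off:off + rdlen]
        off += rdlen
        if rtype == TYPE_A and rclass == CLASS_IN and rdlen == 4:
            answers.append((name, ttl, ".".join(str(b) for b in rdata)))
    return answers


def build_response(query, ipv4_addresses, ttl=300):
    """Constructed resolver side: echo the question, then A records that refer back
    to the question name with the compression pointer 0xC00C (offset 12)."""
    txid = struct.unpack("!H", query[:2])[0]
    question = query[12:]
    header = struct.pack("!HHHHHH", txid, 0x8180, 1, len(ipv4_addresses), 0, 0)
    rrs = b""
    for ip in ipv4_addresses:
        rrs += b"\xc0\x0c" + struct.pack("!HHIH", TYPE_A, CLASS_IN, ttl, 4) + bytes(int(o) for o in ip.split("."))
    return header + question + rrs
```

The 16-bit transaction ID is the only thing in this format tying a reply to a query, which is why the parser checks it and why a resolver that also randomizes its source port (65536 x 65536 combinations rather than 65536) is far harder to poison.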
Web Clients And Server
When a web client receives the IP address of a web server, the client browser uses that IP address and port 80 to request web services. This request is sent to the server using the Hypertext Transfer Protocol (HTTP).
When the server receives a port 80 request, the server responds to the client request and sends the web page to the client. The information content of a web page is encoded using specialized ‘mark-up’ languages. HTML (Hypertext Mark-up Language) is the most commonly used but others, such as XML and XHTML, are gaining popularity.
HTTP is not a secure protocol: requests and responses travel in cleartext and can be read or altered by anyone on the path between client and server. To protect the data, HTTP is run over TLS, which encrypts the exchange and lets the client authenticate the server by its certificate. This combination, HTTPS, uses destination port 443 by default, and the site address in the browser begins with https: rather than http:.
There are many different web services and web clients available on the market. The HTTP protocol and HTML make it possible for these servers and clients from many different manufactures to work together seamlessly.
FTP Clients And Server
In addition to web services, another common service used across the Internet is one that allows users to transfer files.
The File Transfer Protocol (FTP) provides an easy method to transfer files from one computer to another. A host running FTP client software can access an FTP server to perform various file management functions including file uploads and downloads.
The FTP server enables a client to exchange files between devices. It also enables clients to manage files remotely by sending file management commands such as delete or rename. To accomplish this, FTP uses two separate connections between client and server: one for commands and one for data.
Requests to begin an FTP session are sent to the server on destination port 21, which carries the control connection. In active mode the server then opens the data connection from its port 20 back to the client; in passive mode the client opens the data connection to a high-numbered port the server announces, which is what most clients behind NAT or a firewall use today. FTP sends usernames, passwords and file contents in cleartext, so SFTP or FTPS should be used wherever the credentials or data matter.
FTP client software is built into computer operating systems and into most web browsers. Stand-alone FTP clients offer many options in an easy-to-use GUI-based interface.
E-Mail Client And Server
Email is one of the most popular client/server applications on the Internet. Email servers run server software that enables them to interact with clients and with other email servers over the network.
Each mail server receives and stores mail for users who have mailboxes configured on the mail server. Each user with a mailbox must then use an email client to access the mail server and read these messages.
Mail servers are also used to send mail addressed to local mailboxes or mailboxes located on other email servers.
Mailboxes are identified by the format:
user@company.domain.
Various application protocols used in processing email include SMTP, POP3, IMAP4.
Simple Mail Transfer Protocol (SMTP)
SMTP is used by an email client to send messages to its local email server. The local server then decides if the message is destined for a local mailbox or if the message is addressed to a mailbox on another server.
If the server has to send the message to a different server, SMTP is used between the two servers as well. Server-to-server SMTP uses port 25; mail clients submitting outgoing mail normally use the submission port, 587, with authentication.
Post Office Protocol (POP3)
A server that supports POP clients receives and stores messages addressed to its users. When the client connects to the email server, the messages are downloaded to the client. By default, messages are not kept on the server after they have been accessed by the client. Clients contact POP3 servers on port 110.
Internet Message Access Protocol (IMAP4)
A server that supports IMAP clients also receives and stores messages addressed to its users. However, it keeps the messages in the mailboxes on the server unless they are deleted by the user. The most current version of IMAP is IMAP4, which listens for client requests on port 143. Ports 25, 110 and 143 are cleartext; the TLS-protected variants (SMTPS on 465, POP3S on 995, IMAPS on 993, or STARTTLS on the plain ports) should be used so that passwords and mail are not exposed on the network.
Many different email servers exist for the various network operating system platforms.
An email client connects to the email server to download and view messages. Most email clients can be configured to use either POP3 or IMAP4 depending the email server where the mailbox is located. Email clients must also be able to send email to the server using SMTP.
Different email servers can be configured for incoming and outgoing mail.
The following are typical entries when configuring an email client:
POP3 or IMAP4 Server name
SMTP Server name
Username
User password
SPAM and Virus filters
The graphic shows the basic setup of a POP3 and SMTP email account using Microsoft Outlook.
IM Clients And Server
Instant Messaging (IM) is one of the most popular communication tools in use today. IM software is run locally on each computer and allows users to communicate or chat over the Internet in real-time. Many different IM applications are available from various companies. Each instant messaging service can use a different protocol and destination port, so two hosts must have compatible IM software installed for them to communicate.
IM applications require minimal configuration to operate. Once the client is downloaded all that is required is to enter username and password information. This allows the IM client to authenticate to the IM network. Once logged into the server, clients can send messages to other clients in real-time. In addition to text messages, IM supports the transfer of video, music and speech files. IM clients may have a telephony feature, which allows users to make phone calls over the Internet. Additional configuration can be done to customize the IM client with “Buddy Lists” and a personal look and feel.
IM client software can be downloaded and used on all types of hosts, including: computers, PDAs and cell phones.
Voice Client And Server
Making telephone calls over the Internet is becoming increasingly popular. An Internet telephony client uses peer-to-peer technology similar to that used by instant messaging. IP telephony makes use of Voice over IP (VoIP) technology which uses IP packets to carry digitized voice as data.
To start using Internet telephony, download the client software from one of the companies that provides the service. Rates for Internet telephony services can vary greatly between regions and providers.
When the software has been installed, the user selects a unique name. This is so that calls can be received from other users. Speakers and a microphone, built-in or separate, are required. A headset is frequently plugged into the computer to serve as a phone.
Calls are made to other users of the same service on the Internet, by selecting the username from a list. A call to a regular telephone (land line or cell phone) requires the use of a gateway to access the Public Switched Telephone Network (PSTN).
The protocols and destination ports used by Internet telephony applications can vary based on the software.
Port Numbers
DNS, Web, Email, FTP, IM and VoIP are just some of the many services provided by client/server systems over the Internet. These services may be provided by a single server or by several servers.
In either case, it is necessary for a server to know which service is being requested by a client. Client requests can be identified because the request is made to a specific destination port. Clients are pre-configured to use a destination port that is registered on the Internet for each service.
Ports are 16-bit numbers, 0 through 65535, divided into three ranges. Port assignments are managed by the Internet Assigned Numbers Authority (IANA), a function operated by the Internet Corporation for Assigned Names and Numbers (ICANN).
Well-Known Ports
Destination ports that are associated with common network applications are identified as well-known ports. These ports are in the range 0 to 1023.
Registered Ports
Ports 1024 through 49151 can be used as either source or destination ports. These can be used by organizations to register specific applications such as IM applications.
Private Ports
Ports 49152 through 65535 are the dynamic, or private, ports. They are not assigned to any application and are typically used as source ports; any application can use them.
The table shows some of the more common well-known ports.
Protocol Interaction
Successful communication between hosts requires interaction between a number of protocols. These protocols are implemented in software and hardware loaded on each host and network device.
The interaction between protocols can be depicted as a protocol stack. It shows the protocols as a layered hierarchy, with each higher-level protocol depending on the services of the protocols shown in the lower levels.
The graphic shows a protocol stack with the primary protocols necessary to run a web server over Ethernet. The lower layers of the stack are concerned with moving data over the network and providing services to the upper layers. The upper layers are focused more on the content of the message being sent and the user interface.
To visualize the interaction between various protocols, it is common to use a layered model. A layered model depicts the operation of the protocols occurring within each layer, as well as the interaction with the layers above and below it.
The layered model has many benefits:
Assists in protocol design, because protocols that operate at a specific layer have defined information that they act upon and a defined interface to the layers above and below.
Fosters competition because products from different vendors can work together.
Prevents technology or capability changes in one layer from affecting other layers above and below.
Provides a common language to describe networking functions and capabilities.
The first layered reference model for internetwork communications was created in the early 1970s and is referred to as the Internet model. It defines four categories of functions that must occur for communications to be successful. The architecture of the TCP/IP protocols follows the structure of this model. Because of this, the Internet model is commonly referred to as the TCP/IP model.
Protocol Operation When Sending And Receiving Messages
When sending messages on a network, the protocol stack on a host operates from top to bottom. In the web server example, a browser on the client requests a web page from a web server on destination port 80. This starts the process of sending the web page to the client.
As the web page is sent down the web server protocol stack, the application data is broken into TCP segments. Each TCP segment is given a header containing a source and destination port.
The TCP segment encapsulates HTTP protocol and web page HTML user data and sends it down to the next protocol layer, which is IP. Here the TCP segment is encapsulated within an IP packet, which adds an IP header. The IP header contains source and destination IP addresses.
Next, the IP packet is sent to the Ethernet protocol where it is encapsulated in a frame header and trailer. Each Ethernet frame header contains a source and destination MAC address. The trailer contains error checking information. Finally the bits are encoded onto the Ethernet media (copper or fiber optic cable) by the server NIC.
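The encapsulation just described, carried out in working code as an added example (not code from the course): an HTTP request is wrapped in a TCP header with source and destination ports, then an IPv4 header with source and destination addresses, then an Ethernet frame with MAC addresses and an error-checking trailer, and the receiving side strips the layers off again bottom-up, verifying each check field. The MAC and IP addresses, ports and sequence numbers are constructed; the IP and TCP checksums follow RFC 1071 and the frame check sequence uses the same CRC-32 as Ethernet.

```python
"""HTTP -> TCP -> IPv4 -> Ethernet encapsulation and the reverse walk.

Added example, not part of the original course text. Addresses, ports and
sequence numbers are constructed sample values.
"""
import struct
import zlib

REQUEST = b"GET / HTTP/1.1\r\nHost: www.example.com\r\n\r\n"   # constructed sample request


def checksum(data):
    """RFC 1071 one's-complement sum used by the IPv4 and TCP headers."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def ip_bytes(ip):
    return bytes(int(o) for o in ip.split("."))


def mac_bytes(mac):
    return bytes.fromhex(mac.replace(":", ""))


def fmt_ip(raw):
    return ".".join(str(b) for b in raw)


def fmt_mac(raw):
    return ":".join(f"{b:02x}" for b in raw)


def tcp_segment(src_ip, dst_ip, sport, dport, seq, ack, payload, flags=0x18):
    """Transport layer: 20-byte TCP header (PSH|ACK by default) in front of the HTTP data.
    The checksum covers a pseudo-header holding both IP addresses, so TCP needs the
    IP layer's addresses even though its own header does not carry them."""
    header = struct.pack("!HHIIBBHHH", sport, dport, seq, ack, 5 << 4, flags, 65535, 0, 0)
    pseudo = ip_bytes(src_ip) + ip_bytes(dst_ip) + struct.pack("!BBH", 0, 6, len(header) + len(payload))
    csum = checksum(pseudo + header + payload)
    return header[:16] + struct.pack("!H", csum) + header[18:] + payload


def ip_packet(src_ip, dst_ip, segment, ident=0x1C46, ttl=64):
    """Internetwork layer: 20-byte IPv4 header, protocol 6 (TCP), with header checksum."""
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(segment), ident, 0x4000, ttl, 6, 0,
                         ip_bytes(src_ip), ip_bytes(dst_ip))
    header = header[:10] + struct.pack("!H", checksum(header)) + header[12:]
    return header + segment


def ethernet_frame(src_mac, dst_mac, packet):
    """Network access layer: Ethernet II header (EtherType 0x0800 = IPv4) and FCS trailer."""
    body = mac_bytes(dst_mac) + mac_bytes(src_mac) + b"\x08\x00" + packet
    return body + struct.pack("<I", zlib.crc32(body))


def decapsulate(frame):
    """Receiving host: strip each header bottom-up, checking FCS and both checksums."""
    body, fcs = frame[:-4], struct.unpack("<I", frame[-4:])[0]
    if zlib.crc32(body) != fcs:
        raise ValueError("bad Ethernet FCS")
    dst_mac, src_mac, ethertype = body[:6], body[6:12], struct.unpack("!H", body[12:14])[0]
    packet = body[14:]
    if checksum(packet[:20]) != 0:                # a header with a valid checksum sums to zero
        raise ValueError("bad IPv4 header checksum")
    ttl, proto, src_ip, dst_ip = packet[8], packet[9], packet[12:16], packet[16:20]
    segment = packet[20:]
    if checksum(src_ip + dst_ip + struct.pack("!BBH", 0, proto, len(segment)) + segment) != 0:
        raise ValueError("bad TCP checksum")
    sport, dport = struct.unpack("!HH", segment[:4])
    data_offset = (segment[12] >> 4) * 4
    return {
        "eth": {"dst": fmt_mac(dst_mac), "src": fmt_mac(src_mac), "type": ethertype},
        "ip": {"src": fmt_ip(src_ip), "dst": fmt_ip(dst_ip), "proto": proto, "ttl": ttl},
        "tcp": {"sport": sport, "dport": dport},
        "payload": segment[data_offset:],
    }


def build_sample_frame():
    """Client 192.168.1.10 sends REQUEST to web server 203.0.113.10 port 80 (constructed values)."""
    seg = tcp_segment("192.168.1.10", "203.0.113.10", 51000, 80, 1000, 2000, REQUEST)
    pkt = ip_packet("192.168.1.10", "203.0.113.10", seg)
    return ethernet_frame("00:11:22:33:44:55", "00:1a:2b:3c:4d:5e", pkt)
```

Note that none of the three check fields protects against a deliberate change: anyone who can modify bytes on the path can recompute FCS and checksums, so integrity against an attacker has to come from a higher layer such as TLS.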
Open System Interconnect Model
The Open Systems Interconnect Model was developed by the International Organization for Standardization (ISO) in 1984. Unlike the TCP/IP model, it does not specify the interaction of any specific protocols. It was created as an architecture for developers to follow when designing protocols for network communications. Although very few protocol stacks implement the seven layers of the OSI model exactly, it is now considered the primary reference model for inter-computer communications.
The OSI model includes all functions, or tasks, associated with Inter-network communications, not just those related to the TCP/IP protocols. Compared to the TCP/IP model, which only has four layers, the OSI model organizes the tasks into seven more specific groups. A task, or group of tasks, is then assigned to each of the seven OSI layers.
The essence of protocol stacks is the separation and organization of essential functions. The separation of functions enables each layer in the stack to operate independently of others. For example, it is feasible for a web site to be accessed from a laptop computer connected to a cable modem at home, or from a laptop using wireless, or a web-enabled mobile phone. The Application layer operates seamlessly, regardless of the way the lower layers are operating.
In the same way, the lower layers operate seamlessly. For example, an Internet connection functions satisfactorily when a variety of applications are running at the same time, such as email, web browsing, IM, and music download.
The Packet Tracer (PT) program graphical interface allows viewing of simulated data being transmitted between two hosts. It uses Protocol Data Units (PDUs) to represent network traffic frames and displays protocol stack information at the appropriate layers of the OSI model.
In the graphic, the request from the web client is being received by the Ethernet NIC in the web server. The following information is shown for OSI layers 1 through 4.
Layer 1 (Physical): Fast Ethernet port
Layer 2 (Data Link): Ethernet MAC addresses
Layer 3 (Network): IP addresses
Layer 4 (Transport): TCP port numbers
Wireless Technologies And Device
In addition to the wired network, various technologies exist that allow the transmission of information between hosts without cables. These are known as wireless technologies.
Wireless technologies use electromagnetic waves to carry information between devices. An electromagnetic wave is the same medium that carries radio signals through the air.
The electromagnetic spectrum includes such things as radio and television broadcast bands, visible light, x-rays and gamma-rays. Each of these has a specific range of wavelengths and associated energies as shown in the diagram.
Some types of electromagnetic waves are not suitable for carrying data. Other parts of the spectrum are regulated by governments and licensed to various organizations for specific applications. Certain areas of the spectrum have been set aside to allow public use without the restriction of having to apply for special permits. The most common wavelengths used for public wireless communications include the Infrared and part of the Radio Frequency (RF) band.
Infrared
Infrared (IR) is relatively low energy and cannot penetrate walls or other obstacles. However, it is commonly used to connect and move data between devices such as Personal Digital Assistants (PDAs) and PCs. A specialized communication port defined by the Infrared Data Association (IrDA) uses IR to exchange information between devices. IR only allows a one-to-one type of connection.
IR is also used for remote controls, wireless mice and wireless keyboards. It is generally used for short-range, line-of-sight communication, although it is possible to reflect the IR signal off objects to extend the range. For greater range, the longer-wavelength (lower-frequency) radio portion of the spectrum is used instead.
Radio Frequency (RF)
RF waves can penetrate through walls and other obstacles, allowing a much greater range than IR.
Certain areas of the RF bands have been set aside for use by unlicensed devices such as wireless LANs, cordless phones and computer peripherals. This includes the 900 MHz, 2.4 GHz and the 5 GHz frequency ranges. These ranges are known as the Industrial Scientific and Medical (ISM) bands and can be used with very few restrictions.
Bluetooth is a technology that makes use of the 2.4 GHz band. It is limited to low-speed, short-range communications, but has the advantage of communicating with many devices at the same time. This one-to-many communications has made Bluetooth technology the preferred method over IR for connecting computer peripherals such as mice, keyboards and printers.
Other technologies that make use of the 2.4 GHz and 5 GHz bands are the modern wireless LAN technologies that conform to the various IEEE 802.11 standards. They differ from Bluetooth in that they transmit at a much higher power level, which gives them a greater range.
Benefits And Limitation Of Wireless Technologies
Wireless technology offers many advantages compared to traditional wired networks.
One of the main advantages is the ability to provide anytime, anywhere connectivity. The widespread implementation of wireless in public locations, known as hotspots, allows people to easily connect to the Internet to download information and exchange emails and files.
Wireless technology is fairly easy and inexpensive to install. The cost of home and business wireless devices continues to decrease. Yet, despite the decrease in cost, the data rate and capabilities of these devices have increased, allowing faster, more reliable wireless connections.
Wireless technology enables networks to be easily expanded, without the limitations of cabled connections. New and visiting users can join the network quickly and easily.
Despite the flexibility and benefits of wireless, there are some limitations and risks.
First, wireless LAN (WLAN) technologies make use of the unlicensed regions of the RF spectrum. Since these regions are unregulated, many different devices make use of them. As a result, these regions are congested and signals from different devices often interfere with each other. In addition, many devices such as microwave ovens and cordless phones use these frequencies and can interfere with WLAN communications.
Second, a major concern with wireless is security. Wireless provides ease of access. It does this by broadcasting data in a manner that allows anyone the ability to access it. However, this same feature also limits the amount of protection wireless can provide for the data. It allows anyone to intercept the communication stream, even unintended recipients. To address these security concerns, techniques have been developed to help secure wireless transmissions including encryption and authentication.
Types Of Wireless Network And Their Boundaries
Wireless networks are grouped into three major categories: Wireless Personal Area Networks (WPAN), Wireless Local Area Networks (WLAN), and Wireless Wide Area Networks (WWAN).
Despite these distinct categories, it is difficult to place boundary limitations on a wireless implementation. This is because, unlike a wired network, wireless networks do not have precisely defined boundaries. The range of wireless transmissions can vary due to many factors. Wireless networks are susceptible to outside sources of interference, both natural and man-made. Fluctuations in temperature and humidity can greatly alter the coverage of wireless networks. Obstacles within the wireless environment can also affect the range.
WPAN
This is the smallest wireless network, used to connect various peripheral devices such as mice, keyboards and PDAs to a computer. All of these devices are dedicated to a single host and usually use IR or Bluetooth technology.
WLAN
WLAN is typically used to extend the boundaries of the local wired network (LAN). WLANs use RF technology and conform to the IEEE 802.11 standards. They allow many users to connect to a wired network through a device known as an Access Point (AP). An Access Point provides a connection between wireless hosts and hosts on an Ethernet wired network.
WWAN
WWAN networks provide coverage over extremely large areas. A good example of a WWAN is the cell phone network. These networks use technologies such as Code Division Multiple Access (CDMA) or Global System for Mobile Communication (GSM) and are often regulated by government agencies.
Wireless LAN Standards
A number of standards have been developed to ensure that wireless devices can communicate. They specify the RF spectrum used, data rates, how the information is transmitted, and more. The main organization responsible for the creation of wireless technical standards is the IEEE.
The IEEE 802.11 standard governs the WLAN environment. There are four amendments to the IEEE 802.11 standard that describe different characteristics for wireless communications. The currently available amendments are 802.11a, 802.11b, 802.11g and 802.11n. (802.11n is not ratified at the time of this writing.) Collectively these technologies are referred to as Wi-Fi, Wireless Fidelity.
Another organization, known as the Wi-Fi Alliance, is responsible for testing wireless LAN devices from different manufacturers. The Wi-Fi logo on a device means that this equipment meets standards and should interoperate with other devices of the same standard.
802.11a:
Uses 5 GHz RF spectrum
Not compatible with 2.4 GHz spectrum, i.e. 802.11b/g/n devices
Range is approximately 33% that of the 802.11 b/g
Relatively expensive to implement compared to other technologies.
Increasingly difficult to find 802.11a compliant equipment
802.11b:
First of the 2.4 GHz technologies
Maximum data-rate of 11 Mbps
Range of approximately 46 m (150 ft) indoors/96 m (300 ft.) outdoors
802.11g:
2.4 GHz technology
Maximum data-rate increased to 54 Mbps
Same range as the 802.11b
Backwards compatible with 802.11b
802.11n:
Newest standard in development
2.4 GHz technologies (draft standard specifies support for 5 GHz)
Extends the range and data throughput
Backwards compatible with existing 802.11g and 802.11b equipment (draft standard specifies 802.11a support)
Wireless LAN Components
Once a standard is adopted, it is important that all components within the WLAN adhere to the standard, or are at least compatible with the standard. There are various components that must be considered in a WLAN including: a wireless client or STA, an Access Point, a Wireless Bridge and an antenna.
Antennas:
Used on APs and Wireless bridges
Increases the output signal strength from a wireless device
Receives wireless signals from other devices such as STAs
The increase in signal strength from an antenna is known as the gain
Higher gains usually translate into increased transmission distances
Antennas are classified according to the way they radiate the signal. Directional antennas concentrate the signal strength into one direction. Omni-directional antennas are designed to emit equally in all directions.
By concentrating all of the signal into one direction, directional antennas can achieve great transmission distances. Directional antennas are normally used in bridging applications while omni-directional antennas are found on APs.
WLAN And The SSID
When building a wireless network, it is important that the wireless components connect to the appropriate WLAN. This is done using a Service Set Identifier (SSID).
The SSID is a case-sensitive, alpha-numeric string that is up to 32-characters. It is sent in the header of all frames transmitted over the WLAN. The SSID is used to tell wireless devices which WLAN they belong to and with which other devices they can communicate.
Regardless of the type of WLAN installation, all wireless devices in a WLAN must be configured with the same SSID in order to communicate.
There are two basic forms of WLAN installations: Ad-hoc and infrastructure mode.
Ad-hoc
The simplest form of a wireless network is created by connecting two or more wireless clients together in a peer-to-peer network. A wireless network established in this manner is known as an ad-hoc network and does not include an AP. All clients within an ad-hoc network are equal. The area covered by this network is known as an Independent Basic Service Set (IBSS). A simple ad-hoc network can be used to exchange files and information between devices without the expense and complexity of purchasing and configuring an AP.
Infrastructure Mode
Although an ad-hoc arrangement may be good for small networks, larger networks require a single device that controls communications in the wireless cell. If present, an AP will take over this role and control who can talk and when. This is known as infrastructure mode and is the mode of wireless communication most often used in the home and business environment. In this form of WLAN, individual STAs cannot communicate directly with each other. To communicate, each device must obtain permission from the AP. The AP controls all communications and ensures that all STAs have equal access to the medium. The area covered by a single AP is known as a Basic Service Set (BSS) or cell.
The Basic Service Set (BSS) is the smallest building block of a WLAN. The area of coverage of a single AP is limited. To expand the coverage area, it is possible to connect multiple BSSs through a Distribution System (DS). This forms an Extended Service Set (ESS). An ESS uses multiple APs. Each AP is in a separate BSS.
In order to allow movement between the cells without the loss of signal, BSSs must overlap by approximately 10%. This allows the client to connect to the second AP before disconnecting from the first AP.
Most home and small business environments consist of a single BSS. However, as the required coverage area and the number of hosts needing to connect increase, it becomes necessary to create an ESS.
Wireless Channel
Regardless of whether the wireless clients are communicating within an IBSS, BSS or ESS, the conversation between sender and receiver must be controlled. One way this is accomplished is through the use of channels.
Channels are created by dividing up the available RF spectrum. Each channel is capable of carrying a different conversation. This is similar to the way that multiple television channels are transmitted across a single medium. Multiple APs can function in close proximity to one another as long as they use different channels for communication.
Unfortunately, it is possible for the frequencies used by some channels to overlap with those used by others. Different conversations must be carried on non-overlapping channels. The number and distribution of channels vary by region and technology. The selection of the channel used for a specific conversation can be set manually or automatically, based on factors such as current usage and available throughput.
Normally each wireless conversation makes use of a separate channel. Some of the newer technologies combine the channels to create a single wide channel, which provides more bandwidth and increases the data rate.
Within a WLAN, the lack of well-defined boundaries makes it impossible to detect if collisions occur during transmission. Therefore, it is necessary to use an access method on a wireless network that ensures collisions do not occur.
Wireless technology uses an access method called Carrier Sense Multiple Access with Collision Avoidance (CSMA/CA). CSMA/CA creates a reservation on the channel for use by a specific conversation. While a reservation is in place, no other device may transmit on the channel, and thus collisions are avoided.
How does this reservation process work? If a device requires use of a specific communication channel in a BSS, it must ask permission from the AP. This is known as a Request to Send (RTS). If the channel is available, the AP will respond to the device with a Clear to Send (CTS) message indicating that the device may transmit on the channel. A CTS is broadcast to all devices within the BSS. Therefore, all devices in the BSS know that the requested channel is now in use.
Once the conversation is complete, the device that requested the channel sends another message to the AP known as an Acknowledgement (ACK). The ACK indicates to the AP that the channel can be released. This message is also broadcast to all devices on the WLAN. All devices within the BSS receive the ACK and know that the channel is once again available.
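The reservation exchange described above, simulated as an added example that is not part of the course text: the AP keeps the channel state, answers an RTS with a CTS broadcast to the whole BSS, and releases the channel when the holder's ACK arrives. Station names and the event log are constructed for the example.

```python
# Added example, not from the course text: a simulation of the RTS/CTS/ACK
# reservation exactly as described above (the STA asks the AP with an RTS, the
# AP answers with a CTS broadcast to the whole BSS, and the STA releases the
# channel with an ACK that is broadcast as well). Station names and the event
# log are constructed for the example.
from dataclasses import dataclass, field
from typing import Dict, List, Optional


@dataclass
class Station:
    name: str
    # What this STA believes about the channel, learned only from the AP's
    # broadcasts: None means idle, otherwise the name of the reservation holder.
    channel_in_use_by: Optional[str] = None


@dataclass
class ChannelReservation:
    """The AP's view of one channel in a BSS."""
    bss_stations: Dict[str, Station]
    holder: Optional[str] = None
    log: List[str] = field(default_factory=list)

    def _broadcast(self, msg: str, holder: Optional[str]) -> None:
        # A CTS or a release is broadcast to every STA in the BSS so that all
        # of them know whether the channel is reserved, and for whom.
        for sta in self.bss_stations.values():
            sta.channel_in_use_by = holder
        self.log.append(f"AP -> all: {msg}")

    def request_to_send(self, sta_name: str) -> bool:
        """Handle an RTS from a STA; return True if a CTS was issued."""
        self.log.append(f"{sta_name} -> AP: RTS")
        if sta_name not in self.bss_stations:
            self.log.append(f"AP: {sta_name} is not in this BSS, RTS ignored")
            return False
        if self.holder is not None:
            # Reserved for another conversation: no CTS, the STA must wait.
            self.log.append(f"AP: channel busy ({self.holder}), no CTS for {sta_name}")
            return False
        self.holder = sta_name
        self._broadcast(f"CTS for {sta_name}", sta_name)
        return True

    def acknowledge_done(self, sta_name: str) -> bool:
        """Handle the ACK that ends a conversation; True if the channel was released."""
        self.log.append(f"{sta_name} -> AP: ACK")
        if self.holder != sta_name:
            # Only the STA holding the reservation can release it.
            self.log.append(f"AP: {sta_name} does not hold the channel, ACK ignored")
            return False
        self.holder = None
        self._broadcast("channel released", None)
        return True


def run_demo() -> List[str]:
    """Two STAs contending for one channel; returns the exchange as a log."""
    stas = {n: Station(n) for n in ("laptop", "pda", "printer")}
    channel = ChannelReservation(stas)
    channel.request_to_send("laptop")   # CTS: reserved for laptop
    channel.request_to_send("pda")      # no CTS: channel busy
    channel.acknowledge_done("pda")     # ignored: pda is not the holder
    channel.acknowledge_done("laptop")  # released and broadcast
    channel.request_to_send("pda")      # now granted
    channel.acknowledge_done("pda")
    return channel.log


if __name__ == "__main__":
    print("\n".join(run_demo()))
```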
Configuring The Access Point
Once the choice of wireless standard, layout and channel assignment has been made, it is time to configure the AP.
Most integrated routers offer both wired and wireless connectivity and serve as the AP in the wireless network. Basic configuration settings such as passwords, IP addresses, and DHCP settings are the same whether the device is being used to connect wired or wireless hosts. Basic configuration tasks, such as changing the default password, should be conducted before the AP is connected to a live network.
When using the wireless functionality of an integrated router, additional configuration parameters are required, such as setting the wireless mode, SSID, and wireless channels to be used.
Wireless Mode
Most home AP devices can support various modes, mainly 802.11b, 802.11g and 802.11n. Although these all use the 2.4 GHz range, each uses a different technology to obtain its maximum throughput. The type of mode enabled on the AP depends on the type of host connecting to it. If only one type of host connects to the AP device, set the mode to support it. If multiple types of hosts will connect, select Mixed mode. Each mode includes a certain amount of overhead. By enabling mixed mode, network performance will decrease due to the overhead incurred in supporting all modes.
SSID
The SSID is used to identify the WLAN. All devices that wish to participate in the WLAN must use the same SSID. To allow easy detection of the WLAN by clients, the SSID is broadcast. It is possible to disable the broadcast feature of the SSID. If the SSID is not broadcast, wireless clients will need to have this value manually configured.
Wireless Channel
The choice of channel for an AP must be made relative to the other wireless networks around it. Adjacent BSSs must use non-overlapping channels in order to optimize throughput. Most APs now offer a choice to manually configure the channel or allow the AP to automatically locate the least congested channel or locate the one that offers maximum throughput.
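The channel-overlap rule from the Wireless Channel section and the automatic least-congested-channel selection just described, worked as an added example (not code from the course or any AP vendor). It assumes the 2.4 GHz channel plan (channel 1 centred at 2412 MHz, 5 MHz spacing, channel 14 at 2484 MHz) and a 22 MHz channel width; the neighbouring-BSS survey is constructed data.

```python
# Added example, not from the course text: how an AP can decide whether
# 2.4 GHz channels overlap and pick the least-congested non-overlapping one.
# Assumptions: channel 1 is centred at 2412 MHz with 5 MHz spacing, channel 14
# at 2484 MHz, and each channel occupies 22 MHz (the 802.11b channel width).
# The neighbouring-BSS survey below is constructed data.

CHANNEL_WIDTH_MHZ = 22  # assumption: 802.11b DSSS channel width


def center_frequency_mhz(channel: int) -> int:
    """Centre frequency of a 2.4 GHz channel (1..14)."""
    if channel == 14:
        return 2484
    if 1 <= channel <= 13:
        return 2412 + 5 * (channel - 1)
    raise ValueError(f"invalid 2.4 GHz channel: {channel}")


def channels_overlap(a: int, b: int, width_mhz: int = CHANNEL_WIDTH_MHZ) -> bool:
    """True when the two channels' frequency ranges share spectrum.

    Two channels of the same width overlap whenever their centres are closer
    than one channel width; a channel always overlaps itself."""
    return abs(center_frequency_mhz(a) - center_frequency_mhz(b)) < width_mhz


def non_overlapping_set(channels) -> bool:
    """True if no two channels in the set overlap (e.g. 1, 6 and 11)."""
    ch = list(channels)
    return all(not channels_overlap(ch[i], ch[j])
               for i in range(len(ch)) for j in range(i + 1, len(ch)))


def congestion_score(candidate: int, neighbour_channels) -> int:
    """Count the neighbouring BSSs whose channel overlaps the candidate."""
    return sum(1 for n in neighbour_channels if channels_overlap(candidate, n))


def least_congested_channel(neighbour_channels, candidates=(1, 6, 11)) -> int:
    """Automatic selection as an AP would do it: among the candidate channels
    (by default the non-overlapping ones) return the one that overlaps the
    fewest neighbouring BSSs; ties go to the lowest-numbered channel."""
    return min(candidates,
               key=lambda c: (congestion_score(c, neighbour_channels), c))


# Constructed site survey: channels in use by the APs heard nearby.
SURVEY_NEIGHBOURS = [1, 1, 6, 3]

if __name__ == "__main__":
    print("1 and 6 overlap:", channels_overlap(1, 6))        # False
    print("1 and 5 overlap:", channels_overlap(1, 5))        # True
    print("1/6/11 non-overlapping:", non_overlapping_set([1, 6, 11]))
    print("best channel:", least_congested_channel(SURVEY_NEIGHBOURS))  # 11
```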
Configuring The Wireless Client
A wireless host, or STA, is defined as any device that contains a wireless NIC and wireless client software. This client software allows the hardware to participate in the WLAN. Devices that are STAs include: PDAs, laptops, desktop PCs, printers, projectors and Wi-Fi phones.
In order for a STA to connect to the WLAN, the client configuration must match that of the AP. This includes the SSID, security settings, and channel information if the channel was manually set on the AP. These settings are specified in the client software that manages the client connection.
The wireless client software used can be software integrated into the device operating system, or can be a stand-alone, downloadable, wireless utility software specifically designed to interact with the wireless NIC.
Integrated Wireless Utility Software
The Windows XP wireless client software is an example of a popular wireless client utility that is included as part of the device OS. This client software is basic management software that can control most wireless client configurations. It is user friendly and offers a simple connection process.
Stand-alone Wireless Utility Software
Wireless utility software, such as that supplied with the wireless NIC, is designed to work with that specific NIC. It usually offers enhanced functionality over Windows XP wireless utility software, including features such as:
Link Information – displays the current strength and quality of a wireless signal
Profiles – allows configuration options such as channel and SSID to be specified for each wireless network
Site Survey – enables the detection of all wireless networks in the vicinity
It is not possible to allow both the wireless utility software and Windows XP client software to manage the wireless connection at the same time. For most situations Windows XP is sufficient. However, if multiple profiles must be created for each wireless network or advanced configuration settings are necessary, it is better to use the utility supplied with the NIC.
Once the client software is configured, verify the link between the client and the AP.
Open the wireless link information screen to display information such as the connection data rate, connection status, and wireless channel used. The Link Information feature, if available, displays the current signal strength and quality of the wireless signal.
In addition to verifying the wireless connection status, verify that data can actually be transmitted. One of the most common tests for verifying successful data transmission is the Ping test. If the ping is successful, data transmission is possible.
If the ping is unsuccessful from source to destination, then ping the AP from the wireless client to ensure that wireless connectivity is available. If this fails as well, the issue is between the wireless client and the AP. Check the setting information and try to reestablish connectivity.
If the wireless client can successfully connect to the AP, then check the connectivity from the AP to the next hop on the path to the destination. If this is successful, then the problem is most likely not with the AP configuration, but may be an issue with another device on the path to the destination or the destination device itself.
Why People Attack WLAN
One of the primary benefits of wireless networking is the ease and convenience of connecting devices. Unfortunately, that ease of connectivity and the fact that the information is transmitted through the air also make your network vulnerable to interception and attacks.
With wireless connectivity, the attacker does not need a physical connection to your computer or any of your devices to access your network. It is possible for an attacker to tune into signals from your wireless network, much like tuning into a radio station.
The attacker can access your network from any location your wireless signal reaches. Once they have access to your network, they can use your Internet services for free, as well as access computers on the network to damage files, or steal personal and private information.
These vulnerabilities in wireless networking require special security features and implementation methods to help protect your WLAN from attacks. These include simple steps performed during initial setup of the wireless device, as well as more advanced security configurations.
One easy way to gain entry to a wireless network is through the network name, or SSID.
All computers connecting to the wireless network must know the SSID. By default, wireless routers and access points broadcast SSIDs to all computers within the wireless range. With SSID broadcast activated, any wireless client can detect the network and connect to it, if no other security features are in place.
The SSID broadcast feature can be turned off. When it is turned off, the fact that the network is there is no longer made public. Any computer trying to connect to the network must already know the SSID.
Additionally, it is important to change the default setting. Wireless devices are shipped preconfigured with settings such as SSIDs, passwords, and IP addresses in place. These defaults make it easy for an attacker to identify and infiltrate a network.
Even with SSID broadcasting disabled, it is possible for someone to get into your network using the well-known default SSID. Additionally, if other default settings, such as passwords and IP addresses are not changed, attackers can access an AP and make changes themselves. Default information should be changed to something more secure and unique.
These changes, by themselves, will not protect your network. For example, SSIDs are transmitted in clear text. There are devices that will intercept wireless signals and read clear text messages. Even with SSID broadcast turned off and default values changed, attackers can learn the name of a wireless network through the use of these devices that intercept wireless signals. This information will be used to connect to the network. It takes a combination of several methods to protect your WLAN.
Limiting Access To WLAN
One way to limit access to your wireless network is to control exactly which devices can gain access to your network. This can be accomplished through filtering of the MAC address.
MAC Address Filtering
MAC address filtering uses the MAC address to identify which devices are allowed to connect to the wireless network. When a wireless client attempts to connect, or associate, with an AP it will send MAC address information. If MAC filtering is enabled, the wireless router or AP will look up its MAC address in a preconfigured list. Only devices whose MAC addresses have been prerecorded in the router’s database will be allowed to connect.
If the MAC address is not located in the database, the device will not be allowed to connect to or communicate across the wireless network.
There are some issues with this type of security. For example, it requires that the MAC addresses of all devices that should have access to the network be included in the database before connection attempts occur. A device that is not identified in the database will not be able to connect. Additionally, it is possible for an attacker’s device to clone the MAC address of another device that has access.
Another way to control who can connect is to implement authentication. Authentication is the process of permitting entry to a network based on a set of credentials. It is used to verify that the device attempting to connect to the network is trusted.
The use of a username and password is the most common form of authentication. In a wireless environment, authentication still ensures that the connected host is verified, but handles the verification process in a slightly different manner. Authentication, if enabled, must occur before the client is allowed to connect to the WLAN. There are three types of wireless authentication methods: open authentication, PSK and EAP.
Open Authentication
By default, wireless devices do not require authentication. Any and all clients are able to associate regardless of who they are. This is referred to as open authentication. Open authentication should only be used on public wireless networks such as those found in many schools and restaurants. It can also be used on networks where authentication will be done by other means once connected to the network.
Pre-shared keys (PSK)
With PSK, both the AP and client must be configured with the same key or secret word. The AP sends a random string of bytes to the client. The client accepts the string, encrypts it (or scrambles it) based on the key, and sends it back to the AP. The AP gets the encrypted string and uses its key to decrypt (or unscramble) it. If the decrypted string received from the client matches the original string sent to the client, the client is allowed to connect.
PSK performs one-way authentication, that is, the host authenticates to the AP. PSK does not authenticate the AP to the host, nor does it authenticate the actual user of the host.
Extensible Authentication Protocol (EAP)
EAP provides mutual, or two-way, authentication as well as user authentication. When EAP software is installed on the client, the client communicates with a backend authentication server such as Remote Authentication Dial-in User Service (RADIUS). This backend server functions separately from the AP and maintains a database of valid users that can access the network. When using EAP, the user, not just the host, must provide a username and password, which are checked against the RADIUS database for validity. If valid, the user is authenticated.
Authentication On WLAN
Once authentication is enabled, regardless of the method used, the client must successfully pass authentication before it can associate with the AP. If both authentication and MAC address filtering are enabled, authentication occurs first.
Once authentication is successful, the AP will then check the MAC address against the MAC address table. Once verified, the AP adds the host MAC address into its host table. The client is then said to be associated with the AP and can connect to the network.
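The association sequence described in this and the preceding sections (SSID match, then authentication, then the MAC filter, then the host table), as an added example that is not code from the course text. It assumes a keyed hash (HMAC) of the AP's random challenge in place of the encrypt/decrypt step the PSK description uses; every SSID, key and MAC address is constructed.

```python
# Added example, not from the course text: the association decision an AP makes
# in the order the text gives (SSID match, authentication, MAC address
# filtering, host table). Assumption: the PSK challenge-response uses an HMAC
# over the AP's random challenge in place of the encrypt/decrypt step the text
# describes. All SSIDs, keys and MAC addresses are constructed.
import hashlib
import hmac
import os
from typing import Dict, Optional, Set


def normalize_mac(mac: str) -> str:
    """Canonical form so that '00-11-22-AA-BB-CC' and '00:11:22:aa:bb:cc' match."""
    digits = mac.replace(":", "").replace("-", "").lower()
    if len(digits) != 12 or any(c not in "0123456789abcdef" for c in digits):
        raise ValueError(f"malformed MAC address: {mac!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))


def valid_ssid(ssid: str) -> bool:
    """An SSID as the text describes it: a non-empty string of up to 32 characters."""
    return 0 < len(ssid) <= 32


class WirelessClient:
    def __init__(self, mac: str, ssid: str, psk: Optional[bytes]):
        self.mac = normalize_mac(mac)
        self.ssid = ssid
        self.psk = psk

    def answer_challenge(self, challenge: bytes) -> bytes:
        # The client transforms the AP's random bytes with its configured key.
        return hmac.new(self.psk or b"", challenge, hashlib.sha256).digest()


class AccessPoint:
    def __init__(self, ssid: str, psk: Optional[bytes] = None,
                 mac_filter: Optional[Set[str]] = None):
        if not valid_ssid(ssid):
            raise ValueError("SSID must be 1 to 32 characters")
        self.ssid = ssid
        self.psk = psk                      # None means open authentication
        # None means MAC filtering is disabled; otherwise the preconfigured list.
        self.mac_filter = ({normalize_mac(m) for m in mac_filter}
                           if mac_filter is not None else None)
        self.host_table: Dict[str, str] = {}   # associated MAC -> SSID

    def _authenticate(self, client: WirelessClient) -> bool:
        if self.psk is None:
            return True                     # open authentication: any client
        # PSK is one-way: the AP verifies the client, the client never
        # verifies the AP (the text's caveat).
        challenge = os.urandom(16)          # random string sent to the client
        response = client.answer_challenge(challenge)
        expected = hmac.new(self.psk, challenge, hashlib.sha256).digest()
        return hmac.compare_digest(response, expected)

    def associate(self, client: WirelessClient) -> str:
        """Return the outcome of one association attempt."""
        if client.ssid != self.ssid:        # SSIDs are case-sensitive
            return "rejected: SSID mismatch"
        if not self._authenticate(client):  # authentication occurs first
            return "rejected: authentication failed"
        # Then the MAC address is checked against the preconfigured list.
        if self.mac_filter is not None and client.mac not in self.mac_filter:
            return "rejected: MAC address not in filter list"
        self.host_table[client.mac] = self.ssid   # added to the host table
        return "associated"
```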
Encryption On WLAN
Authentication and MAC filtering may stop an attacker from connecting to a wireless network, but they will not prevent them from being able to intercept transmitted data. Since there are no distinct boundaries on a wireless network, and all traffic is transmitted through the air, it is easy for an attacker to intercept, or sniff, the wireless frames. Encryption is the process of transforming data so that even if it is intercepted it is unusable.
Wired Equivalency Protocol (WEP)
Wired Equivalency Protocol (WEP) is an advanced security feature that encrypts network traffic as it travels through the air. WEP uses pre-configured keys to encrypt and decrypt data.
A WEP key is entered as a string of numbers and letters and is generally 64 bits or 128 bits long. In some cases, WEP supports 256-bit keys as well. To simplify creating and entering these keys, many devices include a Passphrase option. The passphrase is an easy-to-remember word or phrase used to automatically generate a key.
In order for WEP to function, the AP, as well as every wireless device allowed to access the network, must have the same WEP key entered. Without this key, devices will not be able to understand the wireless transmissions.
WEP is a great way to prevent attackers from intercepting data. However, there are weaknesses within WEP, including the use of a static key on all WEP enabled devices. There are applications available to attackers that can be used to discover the WEP key. These applications are readily available on the Internet. Once the attacker has extracted the key, they have complete access to all transmitted information.
One way to overcome this vulnerability is to change the key frequently. Another way is to use a more advanced and secure form of encryption known as Wi-Fi Protected Access (WPA).
Wi-Fi Protected Access (WPA)
WPA also uses encryption keys from 64 bits up to 256 bits. However, WPA, unlike WEP, generates new, dynamic keys each time a client establishes a connection with the AP. For this reason, WPA is considered more secure than WEP because it is significantly more difficult to crack.
Traffic Filtering On WLAN
In addition to controlling who can gain access to the WLAN and who can make use of transmitted data, it is also worthwhile to control the types of traffic transmitted across a WLAN. This is accomplished using traffic filtering.
Traffic filtering blocks undesirable traffic from entering or leaving the wireless network. Filtering is done by the AP as traffic passes through it. It can be used to remove traffic from, or destined to, a specific MAC or IP address. It can also block certain applications by port numbers. By removing unwanted, undesirable and suspicious traffic from the network, more bandwidth is devoted to the movement of important traffic, which improves the performance of the WLAN. For example, traffic filtering can be used to block all telnet traffic destined for a specific machine, such as an authentication server. Any attempt to telnet into the authentication server would be considered suspicious and blocked.
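A traffic filter of the kind just described, run over sample frames as an added example (not code from the course or any AP product): rules match on MAC address, IP address, protocol and destination port, and the rule set includes the text's own case of blocking telnet to the authentication server. Every address and frame is constructed.

```python
# Added example, not from the course text: a traffic filter of the kind
# described above, applied by the AP to sample frames. Rules match on source
# or destination MAC, source or destination IP, protocol and destination port;
# the rule set includes the text's own case, blocking all telnet (TCP port 23)
# to the authentication server. Every address and frame below is constructed.
from dataclasses import dataclass
from typing import List, Optional, Sequence, Tuple


@dataclass(frozen=True)
class Frame:
    src_mac: str
    dst_mac: str
    src_ip: str
    dst_ip: str
    proto: str                  # "tcp", "udp" or "icmp"
    dst_port: Optional[int]     # None for protocols without ports


@dataclass(frozen=True)
class FilterRule:
    """A block rule: every field left as None is a wildcard, and all set
    fields must match for the rule to apply."""
    name: str
    src_mac: Optional[str] = None
    dst_mac: Optional[str] = None
    src_ip: Optional[str] = None
    dst_ip: Optional[str] = None
    proto: Optional[str] = None
    dst_port: Optional[int] = None

    def matches(self, f: Frame) -> bool:
        def same(want, have) -> bool:
            if want is None:
                return True                 # wildcard
            if isinstance(want, str):       # MACs, IPs, protocol: case-insensitive
                return want.lower() == have.lower()
            return want == have             # port numbers
        return (same(self.src_mac, f.src_mac) and same(self.dst_mac, f.dst_mac)
                and same(self.src_ip, f.src_ip) and same(self.dst_ip, f.dst_ip)
                and same(self.proto, f.proto) and same(self.dst_port, f.dst_port))


def first_matching_rule(rules: Sequence[FilterRule], frame: Frame) -> Optional[FilterRule]:
    """Rules are evaluated in order; the first match decides."""
    return next((r for r in rules if r.matches(frame)), None)


def filter_traffic(rules: Sequence[FilterRule], frames: Sequence[Frame]):
    """Split frames into those forwarded and those blocked (with the rule name,
    which is what an administrator would want logged as suspicious)."""
    forwarded: List[Frame] = []
    blocked: List[Tuple[Frame, str]] = []
    for f in frames:
        rule = first_matching_rule(rules, f)
        if rule is None:
            forwarded.append(f)
        else:
            blocked.append((f, rule.name))
    return forwarded, blocked


AUTH_SERVER_IP = "192.168.1.10"             # constructed RADIUS server address
BLOCK_RULES = [
    FilterRule("telnet-to-auth-server", dst_ip=AUTH_SERVER_IP, proto="tcp", dst_port=23),
    FilterRule("blocked-client-mac", src_mac="de:ad:be:ef:00:01"),
]
LAPTOP, SERVER, GATEWAY = "00:11:22:aa:bb:cc", "00:11:22:00:00:10", "00:11:22:00:00:01"
SAMPLE_FRAMES = [
    Frame(LAPTOP, SERVER, "192.168.1.50", AUTH_SERVER_IP, "tcp", 23),     # telnet: blocked
    Frame(LAPTOP, SERVER, "192.168.1.50", AUTH_SERVER_IP, "udp", 1812),   # RADIUS: allowed
    Frame("DE:AD:BE:EF:00:01", GATEWAY, "192.168.1.77", "203.0.113.5", "tcp", 80),  # blocked MAC
    Frame(LAPTOP, GATEWAY, "192.168.1.50", "203.0.113.5", "tcp", 443),    # web: allowed
    Frame(LAPTOP, SERVER, "192.168.1.50", AUTH_SERVER_IP, "icmp", None),  # ping: allowed
]

if __name__ == "__main__":
    fwd, blk = filter_traffic(BLOCK_RULES, SAMPLE_FRAMES)
    for f, reason in blk:
        print(f"blocked by {reason}: {f.src_ip} -> {f.dst_ip} {f.proto}/{f.dst_port}")
    print(f"forwarded {len(fwd)} of {len(SAMPLE_FRAMES)} frames")
```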
Planning The WLAN
When implementing a wireless network solution, it is important to plan before performing any installation. This includes:
Determining the type of wireless standard to use
Determining the most efficient layout of devices
An installation and security plan
A strategy for backing up and updating the firmware of the wireless devices.
Wireless Standard
It is necessary to consider several factors when determining which WLAN standard to use. The most common factors include: bandwidth requirements, coverage areas, existing implementations, and cost. This information is gathered by determining end-user requirements.
The best way to learn end-user requirements is to ask questions.
What throughput is actually required by the applications running on the network?
How many users will access the WLAN?
What is the necessary coverage area?
What is the existing network structure?
What is the budget?
The bandwidth available in a BSS must be shared between all the users in that BSS. Even if the applications do not require a high-speed connection, one of the higher-speed technologies may be necessary if multiple users are connecting at the same time.
Different standards support different coverage areas. The 2.4 GHz signal, used in 802.11 b/g/n technologies, travels a greater distance than does the 5 GHz signal, used in 802.11a technologies. Thus 802.11 b/g/n supports a larger BSS. This translates into less equipment and a lower cost of implementation.
The existing network also affects new implementation of WLAN standards. For example, the 802.11n standard is backward compatible with 802.11g and 802.11b but not with 802.11a. If the existing network infrastructure and equipment support 802.11a, new implementations must also support the same standard.
Cost is also a factor. When considering cost, consider Total Cost of Ownership (TCO) which includes the purchase of the equipment as well as installation and support costs. In a medium to large business environment, TCO has a greater impact on the WLAN standard chosen than in the home or small business environment. This is because in the medium to large business, more equipment is necessary and installation plans are required, increasing cost.
Installation of Wireless Devices
For home or small business environments, the installation usually consists of a limited amount of equipment which can be easily relocated to provide optimum coverage and throughput.
In the enterprise environment, equipment cannot be easily relocated and coverage must be complete. It is important to determine the optimum number and location of APs to provide this coverage at the least amount of cost.
In order to accomplish this, a site survey is usually conducted. The person responsible for the site survey must be knowledgeable in WLAN design and equipped with sophisticated equipment for measuring signal strengths and interference. Depending on the size of the WLAN implementation, this can be a very expensive process. For small installations a simple site survey is usually conducted by simply using wireless STAs and the utility programs packaged with most wireless NICs.
In all cases, it is necessary to consider known sources of interference such as high-voltage wires, motors, and other wireless devices when determining the placement of WLAN equipment.
Installing And Securing The AP
Once the best technology and placement of the AP is determined, install the WLAN device and configure the AP with security measures. Security measures should be planned and configured before connecting the AP to the network or ISP.
Some of the more basic security measures include:
Change default values for the SSID, usernames and passwords.
Disable SSID broadcast
Configure MAC Address Filtering
Some of the more advanced security measures include:
Configure encryption using WEP or WPA
Configure authentication
Configure traffic filtering
Keep in mind that no single security measure will keep your wireless network completely secure. Combining multiple techniques will strengthen the integrity of your security plan.
When configuring the clients, it is essential that the SSID matches the SSID configured on the AP. Additionally, encryption keys and authentication keys must also match.
Configuration Backups
Once the wireless network is properly configured and traffic is moving, a full configuration backup should be performed on wireless devices. This is especially important if a great deal of customization is done to the configuration.
With most integrated routers designed for the home and small business markets, this is simply a matter of selecting the Backup Configurations option from the appropriate menu and specifying the location where the file should be saved. The integrated router provides a default name for the configuration file. This file name can be changed.
The restore process is just as simple. Select the Restore Configurations option. Then, simply browse to the location where the configuration file was previously saved and select the file. Once the file is selected, click Start to Restore to load the configuration file.
Sometimes it may be necessary to return the settings to the factory default conditions. To accomplish this, select either the Restore Factory Defaults option from the appropriate menu or press and hold the RESET button on the device for 30 seconds. The latter technique is especially useful if you are unable to connect to the AP of the integrated router through the network but have physical access to the device.
Updating the Firmware
The operating system on most integrated routers is stored in firmware. As new features are developed or problems with the existing firmware are discovered, it may become necessary to update the firmware on the device.
The process for updating firmware on an integrated router, such as the Linksys wireless router, is simple. However, it is important that once the process is started, it is not interrupted. If the update process is interrupted before completion, the device may be rendered non-operable.
Determine the version of the firmware currently installed on the device. This information is usually displayed on the configuration screen or the connection status screen. Next, search the manufacturer’s web site and related news groups on the Internet to discover the firmware feature set, issues that may warrant an upgrade, and whether updates are available.
Download the updated version of the firmware and store it on the hard drive of a device that can be directly connected to the integrated router. It is better if the machine is directly connected to the integrated router with a cable to prevent any interruption in the update process caused by a wireless connection.
Select the Firmware Upgrade feature in the GUI. Browse to the appropriate file on the directly connected device and start the upgrade.
Risk Of Network Intrusion
Whether wired or wireless, computer networks are quickly becoming essential to everyday activities. Individuals and organizations alike depend on their computers and networks for functions such as email, accounting, organization and file management. Intrusion by an unauthorized person can result in costly network outages and loss of work. Attacks to a network can be devastating and can result in a loss of time and money due to damage or theft of important information or assets.
Intruders can gain access to a network through software vulnerabilities, hardware attacks or even through less high-tech methods, such as guessing someone’s username and password. Intruders who gain access by modifying software or exploiting software vulnerabilities are often called hackers.
Once the hacker gains access to the network, four types of threat may arise:
Information theft
Identity theft
Data loss / manipulation
Disruption of service
Sources Of Network Intrusion
Security threats from network intruders can come from both internal and external sources.
External Threats
External threats arise from individuals working outside of an organization. They do not have authorized access to the computer systems or network. External attackers work their way into a network mainly from the Internet, wireless links or dialup access servers.
Internal Threats
Internal threats occur when someone has authorized access to the network through a user account or has physical access to the network equipment. The internal attacker knows the internal politics and people. They often know what information is both valuable and vulnerable and how to get to it.
However, not all internal attacks are intentional. In some cases, an internal threat can come from a trustworthy employee who picks up a virus or other security threat while outside the company and unknowingly brings it into the internal network.
Most companies spend considerable resources defending against external attacks; however, most threats are from internal sources. According to the FBI, internal access and misuse of computer systems account for approximately 70% of reported incidents of security breaches.
Social Engineering And Phishing
One of the easiest ways for an intruder to gain access, whether internal or external, is by exploiting human behavior.
One of the more common methods of exploiting human weaknesses is called Social Engineering.
Social Engineering
Social engineering is a term that refers to the ability of something or someone to influence the behavior of a group of people. In the context of computer and network security Social Engineering refers to a collection of techniques used to deceive internal users into performing specific actions or revealing confidential information.
With these techniques, the attacker takes advantage of unsuspecting legitimate users to gain access to internal resources and private information, such as bank account numbers or passwords.
Social engineering attacks exploit the fact that users are generally considered one of the weakest links in security. Social engineers can be internal or external to the organization, but most often do not come face-to-face with their victims.
Three of the most commonly used techniques in social engineering are: pretexting, phishing, and vishing.
Pretexting
Pretexting is a form of social engineering where an invented scenario (the pretext) is used on a victim in order to get the victim to release information or perform an action. The target is typically contacted over the telephone. For pretexting to be effective, the attacker must be able to establish legitimacy with the intended target, or victim. This often requires some prior knowledge or research on the part of the attacker. For example, if an attacker knows the target’s social security number, they may use that information to gain the trust of their target. The target is then more likely to release further information.
Phishing
Phishing is a form of social engineering where the phisher pretends to represent a legitimate outside organization. They typically contact the target individual (the phishee) via email. The phisher might ask for verification of information, such as passwords or usernames, in order to prevent some terrible consequence from occurring.
Vishing / Phone Phishing
A new form of social engineering that uses Voice over IP (VoIP) is known as vishing. With vishing, an unsuspecting user is sent a voice mail instructing them to call a number which appears to be a legitimate telephone-banking service. The call is then intercepted by a thief. Bank account numbers or passwords entered over the phone for verification are then stolen.
Viruses, Worms And Trojan Horses
Social engineering is a common security threat which preys upon human weakness to obtain desired results.
In addition to social engineering, there are other types of attacks which exploit the vulnerabilities in computer software. Examples of these attack techniques include: viruses, worms and Trojan horses. All of these are types of malicious software introduced onto a host. They can damage a system, destroy data, as well as deny access to networks, systems, or services. They can also forward data and personal details from unsuspecting PC users to criminals. In many cases, they can replicate themselves and spread to other hosts connected to the network.
Sometimes these techniques are used in combination with social engineering to trick an unsuspecting user into executing the attack.
Viruses
A virus is a program that runs and spreads by modifying other programs or files. A virus cannot start by itself; it needs to be activated. Once activated, a virus may do nothing more than replicate itself and spread. Though simple, even this type of virus is dangerous as it can quickly use all available memory and bring a system to a halt. A more serious virus may be programmed to delete or corrupt specific files before spreading. Viruses can be transmitted via email attachments, downloaded files, instant messages or via diskette, CD or USB devices.
Worms
A worm is similar to a virus, but unlike a virus does not need to attach itself to an existing program. A worm uses the network to send copies of itself to any connected hosts. Worms can run independently and spread quickly. They do not necessarily require activation or human intervention. Self-spreading network worms can have a much greater impact than a single virus and can infect large parts of the Internet quickly.
Trojan Horses
A Trojan horse is a non-self-replicating program that is written to appear like a legitimate program, when in fact it is an attack tool. A Trojan horse relies upon its legitimate appearance to deceive the victim into initiating the program. It may be relatively harmless or can contain code that can damage the contents of the computer’s hard drive. Trojans can also create a back door into a system, allowing hackers to gain access.
Denial Of Service And Brute Force Attack
Sometimes the goal of an attacker is to shut down the normal operations of a network. This type of attack is usually carried out with the intent to disrupt the functions of an organization.
Denial of Service (DoS)
DoS attacks are aggressive attacks on an individual computer or groups of computers with the intent to deny services to intended users. DoS attacks can target end user systems, servers, routers, and network links.
In general, DoS attacks seek to:
Flood a system or network with traffic to prevent legitimate network traffic from flowing
Disrupt connections between a client and server to prevent access to a service
There are several types of DoS attacks. Security administrators need to be aware of the types of DoS attacks that can occur and ensure that their networks are protected. Two common DoS attacks are:
SYN (synchronous) Flooding – a flood of packets is sent to a server requesting a client connection. The packets contain invalid source IP addresses. The server becomes occupied trying to respond to these fake requests and therefore cannot respond to legitimate ones.
Ping of death: a packet that is greater in size than the maximum allowed by IP (65,535 bytes) is sent to a device. This can cause the receiving system to crash.
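Both patterns above can be recognised from packet headers alone. The following Python is an added example, not code from the original page, that runs simple detection logic over a constructed packet trace: half-open handshakes per destination for SYN flooding, and fragment offset plus length for ping of death. The addresses, IP identification values and the threshold of 10 are assumptions chosen for illustration.

```python
"""Detection logic for SYN flooding and ping of death, run over a constructed
packet trace (added example; nothing here is captured from a real network)."""
from collections import defaultdict
from dataclasses import dataclass

IP_MAX_LEN = 65535  # largest datagram the 16-bit IP total-length field allows


@dataclass
class Packet:
    src: str
    dst: str
    proto: str            # "tcp" or "icmp"
    flags: str = ""       # TCP flags: "S" = SYN, "SA" = SYN/ACK, "A" = ACK
    ip_id: int = 0        # IP identification field, shared by fragments of one datagram
    frag_offset: int = 0  # fragment offset in bytes (header value * 8)
    frag_len: int = 0     # payload bytes carried by this fragment


def syn_flood_report(packets, threshold=10):
    """Return {dst: half_open} for every destination that has at least
    `threshold` SYNs never followed by the client's ACK.  A flood from spoofed
    source addresses leaves exactly this pile of half-open handshakes."""
    pending = defaultdict(set)  # dst -> sources whose SYN is still unanswered
    for p in packets:
        if p.proto != "tcp":
            continue
        if p.flags == "S":
            pending[p.dst].add(p.src)
        elif p.flags == "A":
            pending[p.dst].discard(p.src)  # third handshake step: a real client
    return {dst: len(srcs) for dst, srcs in pending.items() if len(srcs) >= threshold}


def oversized_datagrams(packets):
    """Return {(src, dst, ip_id): reassembled_bytes} for ICMP datagrams whose
    fragments would reassemble beyond IP_MAX_LEN, the ping-of-death signature.
    Checking offset + length per fragment means the detector never has to
    buffer the oversized datagram itself."""
    extent = defaultdict(int)
    for p in packets:
        if p.proto != "icmp":
            continue
        key = (p.src, p.dst, p.ip_id)
        extent[key] = max(extent[key], p.frag_offset + p.frag_len)
    return {key: size for key, size in extent.items() if size > IP_MAX_LEN}


def constructed_trace():
    """One legitimate handshake, 25 spoofed SYNs, one normal ping and one
    fragment train that reassembles to 65,600 bytes.  All values are constructed."""
    server = "198.51.100.5"
    trace = [
        Packet("192.0.2.10", server, "tcp", flags="S"),
        Packet(server, "192.0.2.10", "tcp", flags="SA"),
        Packet("192.0.2.10", server, "tcp", flags="A"),
    ]
    # SYN flood: every packet claims a different source and none completes the handshake
    trace += [Packet(f"203.0.113.{i}", server, "tcp", flags="S") for i in range(1, 26)]
    # ordinary 64-byte echo request, a single fragment
    trace.append(Packet("192.0.2.10", server, "icmp", ip_id=1, frag_len=64))
    # ping of death: 1480-byte fragments up to offset 63640, then a final fragment
    # at offset 65120 carrying 480 bytes, so the datagram would end at byte 65600
    trace += [Packet("203.0.113.99", server, "icmp", ip_id=4660,
                     frag_offset=off, frag_len=1480) for off in range(0, 65120, 1480)]
    trace.append(Packet("203.0.113.99", server, "icmp", ip_id=4660,
                        frag_offset=65120, frag_len=480))
    return trace


if __name__ == "__main__":
    trace = constructed_trace()
    print("SYN flood targets:", syn_flood_report(trace))
    print("oversized datagrams:", oversized_datagrams(trace))
```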
Distributed Denial of Service (DDoS)
DDoS is a more sophisticated and potentially damaging form of the DoS attack. It is designed to saturate and overwhelm network links with useless data. DDoS operates on a much larger scale than DoS attacks. Typically hundreds or thousands of attack points attempt to overwhelm a target simultaneously. The attack points may be unsuspecting computers that have been previously infected by the DDoS code. The systems that are infected with the DDoS code attack the target site when invoked.
Brute Force
Not all attacks that cause network outages are specifically DoS attacks. A brute force attack is another type of attack that may result in denial of services.
With brute force attacks, a fast computer is used to try to guess passwords or to decipher an encryption code. The attacker tries a large number of possibilities in rapid succession to gain access or crack the code. Brute force attacks can cause a denial of service due to excessive traffic to a specific resource or by locking out user accounts.
Spyware, Tracking Cookies, Adware, And Pop-Ups
Not all attacks do damage or prevent legitimate users from having access to resources. Many threats are designed to collect information about users which can be used for advertising, marketing and research purposes. These include Spyware, Tracking Cookies, Adware and Pop-ups. While these may not damage a computer, they invade privacy and can be annoying.
Spyware
Spyware is any program that gathers personal information from your computer without your permission or knowledge. This information is sent to advertisers or others on the Internet and can include passwords and account numbers.
Spyware is usually installed unknowingly when downloading a file, installing another program or clicking a popup. It can slow down a computer and make changes to internal settings creating more vulnerabilities for other threats. In addition, spyware can be very difficult to remove.
Tracking Cookies
Cookies are a form of spyware but are not always bad. They are used to record information about an Internet user when they visit websites. Cookies may be useful or desirable by allowing personalization and other time saving techniques. Many web sites require that cookies be enabled in order to allow the user to connect.
Adware
Adware is a form of spyware used to collect information about a user based on websites the user visits. That information is then used for targeted advertising. Adware is commonly installed by a user in exchange for a “free” product. When a user opens a browser window, Adware can start new browser instances which attempt to advertise products or services based on a user’s surfing practices. The unwanted browser windows can open repeatedly, and can make surfing the Internet very difficult, especially with slow Internet connections. Adware can be very difficult to uninstall.
Pop-ups and pop-unders
Pop-ups and pop-unders are additional advertising windows that display when visiting a web site. Unlike Adware, pop-ups and pop-unders are not intended to collect information about the user and are typically associated only with the web-site being visited.
Pop-ups: open in front of the current browser window.
Pop-unders: open behind the current browser window.
They can be annoying and usually advertise products or services that are undesirable.
Spam
Another annoying by-product of our increasing reliance on electronic communications is unwanted bulk email. Sometimes merchants do not want to bother with targeted marketing. They want to send their email advertising to as many end users as possible hoping that someone is interested in their product or service. This widely distributed approach to marketing on the Internet is called spam.
Spam is a serious network threat that can overload ISPs, email servers and individual end-user systems. A person or organization responsible for sending spam is called a spammer. Spammers often make use of unsecured email servers to forward email. Spammers can use hacking techniques, such as viruses, worms and Trojan horses, to take control of home computers. These computers are then used to send spam without the owner’s knowledge. Spam can be sent via email or, more recently, via instant messaging software.
It is estimated that every user on the Internet receives over 3,000 spam emails in a year. Spam consumes large amounts of Internet bandwidth and is a serious enough problem that many countries now have laws governing spam use.
Common Security Measures
Security risks cannot be eliminated or prevented completely. However, effective risk management and assessment can significantly minimize the existing security risks. To minimize the amount of risk, it is important to understand that no single product can make an organization secure. True network security comes from a combination of products and services, combined with a thorough security policy and a commitment to adhere to that policy.
A security policy is a formal statement of the rules that users must adhere to when accessing technology and information assets. It can be as simple as an acceptable use policy, or can be several hundred pages in length, and detail every aspect of user connectivity and network usage procedures. A security policy should be the central point for how a network is secured, monitored, tested and improved upon. While most home users do not have a formal written security policy, as a network grows in size and scope, the importance of a defined security policy for all users increases drastically. Some things to include in a security policy are: identification and authentication policies, password policies, acceptable use policies, remote access policies, and incident handling procedures.
When a security policy is developed, it is necessary that all users of the network support and follow the security policy in order for it to be effective.
Security procedures implement security policies. Procedures define configuration, login, audit, and maintenance processes for hosts and network devices. They include the use of both preventative measures to reduce risk, as well as active measures for how to handle known security threats. Security procedures can range from simple, inexpensive tasks such as maintaining up-to-date software releases, to complex implementations of firewalls and intrusion detection systems.
Some of the security tools and applications used in securing a network include:
Software patches and updates
Virus protection
Spyware protection
Spam blockers
Pop-up blockers
Firewalls
Updates And Patches
Patches and Updates
One of the most common methods that a hacker uses to gain access to hosts and/or networks is through software vulnerabilities. It is important to keep software applications up-to-date with the latest security patches and updates to help deter threats. A patch is a small piece of code that fixes a specific problem. An update, on the other hand, may include additional functionality to the software package as well as patches for specific issues.
OS (operating system, such as Linux, Windows, etc.) and application vendors continuously provide updates and security patches that can correct known vulnerabilities in the software. In addition, vendors often release collections of patches and updates called service packs. Fortunately, many operating systems offer an automatic update feature that allows OS and applications updates to be automatically downloaded and installed on a host.
Anti Virus Software
Antivirus Software (Detecting a virus)
Even when the OS and applications have all the current patches and updates, they may still be susceptible to attack. Any device that is connected to a network is susceptible to viruses, worms and Trojan horses. These may be used to corrupt OS code, affect computer performance, alter applications, and destroy data.
Some of the signs that a virus, worm or Trojan horse may be present include:
Computer starts acting abnormally
Programs do not respond to mouse and keystrokes.
Programs start or shut down on their own.
Email program begins sending out large quantities of email
CPU usage is very high
There are unidentifiable, or a large number of, processes running.
Computer slows down significantly or crashes
Anti-virus Software
Anti-virus software can be used as both a preventative tool and as a reactive tool. It prevents infection and detects, and removes, viruses, worms and Trojan horses. Anti-virus software should be installed on all computers connected to the network. There are many Anti-virus programs available.
Some of the features that can be included in Anti-virus programs are:
Email checking – Scans incoming and outgoing emails, and identifies suspicious attachments.
Resident dynamic scanning – Checks executable files and documents when they are accessed.
Scheduled scans – Virus scans can be scheduled to run at regular intervals and check specific drives or the entire computer.
Automatic Updates – Checks for, and downloads, known virus characteristics and patterns. Can be scheduled to check for updates on a regular basis.
Anti-virus software relies on knowledge of the virus to remove it. Therefore, when a virus is identified, it is important to report it or any virus-like behavior to the network administrator. This is normally done by submitting an incident report according to the company’s network security policy.
Network administrators can also report new instances of threats to the local governmental agency that handles security problems. For example, an agency in the U.S. is: https://forms.us-cert.gov/report/ . This agency is responsible for developing countermeasures to new virus threats as well as ensuring that those measures are available to the various anti-virus software developers.
Anti Spam
Spam is not only annoying; it can overload email servers and potentially carry viruses and other security threats. Additionally, Spammers take control of a host by planting code on it in the form of a virus or a Trojan horse. The host is then used to send spam mail without the user’s knowledge. A computer infected this way is known as a Spam mill.
Anti-spam software protects hosts by identifying spam and performing an action, such as placing it into a junk folder or deleting it. It can be loaded on a machine locally, but can also be loaded on email servers. In addition, many ISPs offer spam filters. Anti-spam software does not recognize all spam, so it is important to open email carefully. It may also accidentally identify wanted email as spam and treat it as such.
In addition to using spam blockers, other preventative actions to prevent the spread of spam include:
Apply OS and application updates when available.
Run an Antivirus program regularly and keep it up to date.
Do not forward suspect emails.
Do not open email attachments, especially from people you do not know.
Set up rules in your email to delete spam that bypasses the anti-spam software.
Identify sources of spam and report it to a network administrator so it can be blocked.
Report incidents to the governmental agency that deals with abuse by spam.
One of the most common types of spam forwarded are virus warnings. While some virus warnings sent via email are true, a large number of them are hoaxes and the virus does not really exist. This type of spam can create problems because people warn others of the impending disaster and so flood the email system. In addition, network administrators may overreact and waste time investigating a problem that does not exist. Finally, many of these emails can actually contribute to the spread of viruses, worms and Trojan horses. Before forwarding virus warning emails, check to see if the virus is a hoax at a trusted source such as: http://vil.mcafee.com/hoax.asp or http://hoaxbusters.ciac.org/
Anti Spyware
Anti-Spyware and Adware
Spyware and adware can also cause virus-like symptoms. In addition to collecting unauthorized information, they can use important computer resources and affect performance. Anti-spyware software detects and deletes spyware applications, as well as prevents future installations from occurring. Many Anti-Spyware applications also include detection and deletion of cookies and adware. Some Anti-virus packages include Anti-Spyware functionality.
Pop-up Blockers
Pop-up stopper software can be installed to prevent pop-ups and pop-unders. Many web browsers include a pop-up blocker feature by default. Note that some programs and web pages create necessary and desirable pop-ups. Most pop-up blockers offer an override feature for this purpose.
What Is A Firewall?
In addition to protecting individual computers and servers attached to the network, it is important to control traffic traveling to and from the network.
A Firewall is one of the most effective security tools available for protecting internal network users from external threats. A firewall resides between two or more networks and controls the traffic between them as well as helps prevent unauthorized access. Firewall products use various techniques for determining what is permitted or denied access to a network.
Packet Filtering – Prevents or allows access based on IP or MAC addresses
Application / Web Site Filtering – Prevents or allows access based on the application. Websites can be blocked by specifying a website URL address or keywords.
Stateful Packet Inspection (SPI) – Incoming packets must be legitimate responses to requests from internal hosts. Unsolicited packets are blocked unless permitted specifically. SPI can also include the capability to recognize and filter out specific types of attacks such as DoS.
Firewall products may support one or more of these filtering capabilities. Additionally, Firewalls often perform Network Address Translation (NAT). NAT translates an internal address or group of addresses into an outside, public address that is sent across the network. This allows internal IP addresses to be concealed from outside users.
Firewall products come packaged in various forms:
Appliance-based firewalls – An appliance-based firewall is a firewall that is built-in to a dedicated hardware device known as a security appliance.
Server-based firewalls – A server-based firewall consists of a firewall application that runs on a network operating system (NOS) such as UNIX, Windows or Novell.
Integrated Firewalls – An integrated firewall is implemented by adding firewall functionality to an existing device, such as a router.
Personal firewalls – Personal firewalls reside on host computers and are not designed for LAN implementations. They may be available by default from the OS or may be installed from an outside vendor.
Using A Firewall
By placing the firewall between the internal network (intranet) and the Internet as a border device, all traffic to and from the Internet can be monitored and controlled. This creates a clear line of defense between the internal and external network. However, there may be some external customers that require access to internal resources. A demilitarized zone (DMZ) can be configured to accomplish this.
The term demilitarized zone is borrowed from the military, where a DMZ is a designated area between two powers where military activity is not permitted. In computer networking, a DMZ refers to an area of the network that is accessible to both internal and external users. It is more secure than the external network but not as secure as the internal network. It is created by one or more firewalls to separate the internal, DMZ and external networks. Web servers for public access are frequently placed in a DMZ.
Single firewall configuration
A single firewall has three areas, one for the external network, the internal network, and the DMZ. All traffic is sent to the firewall from the external network. The firewall is then required to monitor the traffic and determine what traffic should be passed to the DMZ, what traffic should be passed internally, and what should be denied altogether.
Two firewall configuration
In a two-firewall configuration, there is an internal and an external firewall with the DMZ located between them. The external firewall is less restrictive and allows Internet users access to the services in the DMZ, as well as allowing traffic that an internal user requested to pass through. The internal firewall is more restrictive and protects the internal network from unauthorized access.
A single firewall configuration is appropriate for smaller, less congested networks. However, a single firewall configuration does have a single point of failure and can be overloaded. A two-firewall configuration is more appropriate for larger, more complex networks that handle a lot more traffic.
Many home network devices, such as integrated routers, frequently include multi-function firewall software. This firewall typically provides Network Address Translation (NAT), Stateful Packet Inspection (SPI) and IP, Application and web site filtering capabilities. They also support DMZ capabilities.
With the integrated router, a simple DMZ can be set up that allows an internal server to be accessible by outside hosts. To accomplish this, the server requires a static IP address that must be specified in the DMZ configuration. The integrated router isolates traffic destined to the IP address specified. This traffic is then forwarded only to the switch port where the server is connected. All other hosts are still protected by the firewall.
When the DMZ is enabled, in its simplest form, outside hosts can access all ports on the server, such as 80 (HTTP), 21 (FTP), and 110 (Email POP3), etc.
A more restrictive DMZ can be set up using the port forwarding capability. With port forwarding, ports that should be accessible on the server are specified. In this case, only traffic destined for those port(s) is allowed, all other traffic is excluded.
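To make the filtering and DMZ behaviour concrete, here is an added Python model, not code from the page or from any router vendor, of the integrated router described above: NAT, stateful packet inspection (only replies to flows an internal host started are let back in), and a DMZ host exposed either on every port or only on forwarded ports. The addresses, the translated port range starting at 40000 and the class name are assumptions chosen for illustration.

```python
"""A miniature model of an integrated-router firewall: NAT plus stateful
packet inspection, with an optional DMZ host exposed on all ports or only on
forwarded ports.  Added example; all addresses are constructed."""
from dataclasses import dataclass
from itertools import count


@dataclass(frozen=True)
class Pkt:
    src: str
    sport: int
    dst: str
    dport: int


class IntegratedRouterFirewall:
    def __init__(self, public_ip, internal_prefix, dmz_host=None, forwarded_ports=None):
        self.public_ip = public_ip
        self.prefix = internal_prefix           # e.g. "192.168.1."
        self.dmz_host = dmz_host                # static address of the exposed server, if any
        self.forwarded_ports = forwarded_ports  # None = simple DMZ (all ports), set = port forwarding
        self._ports = count(40000)              # translated source ports handed out by NAT
        self.nat = {}  # public port -> (internal ip, internal port, remote ip, remote port)

    def _inside(self, ip):
        return ip.startswith(self.prefix)

    def _outbound(self, p):
        """LAN host to Internet: rewrite the source to the public address and
        remember the flow so that only the matching reply is let back in."""
        pub_port = next(self._ports)
        self.nat[pub_port] = (p.src, p.sport, p.dst, p.dport)
        return "ALLOW", Pkt(self.public_ip, pub_port, p.dst, p.dport)

    def _inbound(self, p):
        """Internet to public address: a reply to a tracked flow is translated
        back; DMZ traffic is forwarded; anything unsolicited is dropped."""
        flow = self.nat.get(p.dport)
        if flow and flow[2:] == (p.src, p.sport):
            in_ip, in_port, _, _ = flow
            return "ALLOW", Pkt(p.src, p.sport, in_ip, in_port)
        if self.dmz_host and (self.forwarded_ports is None or p.dport in self.forwarded_ports):
            return "ALLOW", Pkt(p.src, p.sport, self.dmz_host, p.dport)
        return "DROP", None

    def handle(self, p):
        if self._inside(p.src):
            # LAN-to-LAN traffic is switched, not filtered; anything else leaves via NAT
            return ("ALLOW", p) if self._inside(p.dst) else self._outbound(p)
        if p.dst == self.public_ip:
            return self._inbound(p)
        return "DROP", None  # outside packets aimed at private addresses are never forwarded


def demo():
    """Walk the firewall through the cases from the text; returns the verdicts.
    Order matters: the NAT entry created by the first packet is what the
    second packet matches."""
    fw = IntegratedRouterFirewall("203.0.113.1", "192.168.1.",
                                  dmz_host="192.168.1.50", forwarded_ports={80})
    cases = {
        "client opens web connection":
            Pkt("192.168.1.20", 51000, "198.51.100.7", 80),
        "web server replies to the NAT port":
            Pkt("198.51.100.7", 80, "203.0.113.1", 40000),
        "other host forges a reply to that port":
            Pkt("198.51.100.9", 80, "203.0.113.1", 40000),
        "outside user reaches the DMZ web server":
            Pkt("198.51.100.9", 33000, "203.0.113.1", 80),
        "outside user tries FTP on the DMZ host":
            Pkt("198.51.100.9", 33001, "203.0.113.1", 21),
    }
    return {name: fw.handle(p) for name, p in cases.items()}


if __name__ == "__main__":
    for name, (verdict, pkt) in demo().items():
        print(f"{verdict:5} {name}: {pkt}")
```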
The wireless access point within the integrated router is considered part of the internal network. It is important to realize that if the wireless access point is unsecured, anyone who connects to it is within the protected part of the internal network and is behind the firewall. Hackers can use this to gain access to the internal network and completely bypass any security.
Vulnerability Analysis
There are many vulnerability analysis tools for testing host and network security. These are known as security scanners, and can help identify areas where attacks might occur and offer guidance on steps that can be taken. While the capabilities of the vulnerability analysis tools can vary based on manufacturer, some of the more common features include determining:
Number of hosts available on a network
The services hosts are offering
The operating system and versions on the hosts
Packet filters and firewalls in use
Best Practices
There are several recommended practices to help mitigate the risks that these threats pose, including:
Define security policies
Physically secure servers and network equipment
Set login and file access permissions
Update OS and applications
Change permissive default settings
Run anti-virus and anti-spyware
Update antivirus software files
Activate browser tools – Popup stoppers, anti-phishing, plug-in monitors
Use a firewall
The first step towards securing a network is to understand how traffic moves across the network and the different threats and vulnerabilities that exist. Once security measures are implemented, a truly secure network needs to be monitored constantly. Security procedures and tools need to be reviewed in order to stay ahead of evolving threats.
Troubleshooting
Troubleshooting is the process of identifying, locating and correcting problems that occur. Experienced individuals often rely on instinct to troubleshoot. However, there are structured techniques that can be used to determine the most probable cause and solution. When troubleshooting, proper documentation must be maintained. This documentation should include as much information as possible about:
The problem encountered
Steps taken to determine the cause of the problem
Steps to correct the problem and ensure that it will not reoccur
Document all steps taken in troubleshooting, even the ones that did not solve the issue. This documentation becomes a valuable reference should the same or similar problem occur again.
When a problem is reported, verify it and determine the extent. Once the problem is confirmed, the first step in troubleshooting is to gather information.
Gathering information
One of the first ways to gather information is to question the individual who reported the problem as well as any other affected users. Questions can include: end user experiences, observed symptoms, error messages and information about recent configuration changes to devices or applications.
Next, collect information about any equipment that may be affected. This can be gathered from documentation. A copy of all log files and a listing of any recent changes made to equipment configurations is also necessary. Other information on the equipment includes the manufacturer, make and model of devices affected, as well as ownership and warranty information. The version of any firmware or software on the device is also important because there may be compatibility problems with particular hardware platforms.
Information about the network can also be gathered using network monitoring tools. Network monitoring tools are complex applications often used on large networks to continually gather information about the state of the network and network devices. These tools may not be available for smaller networks.
Once all necessary information is gathered, start the troubleshooting process.
Approaches To Troubleshooting
There are several different structured troubleshooting techniques available, including:
Top-down
Bottom-up
Divide-and-conquer
All of these structured approaches assume a layered concept of networking. An example of a layered approach is the OSI model, in which every function of communication is broken down into seven distinct layers. Using this model, a troubleshooter can verify all functionality at each layer until the problem is located and isolated.
Top-down starts with the application layer and works down. It looks at the problem from the point of view of the user and the application. Is it just one application that is not functioning, or do all applications fail? For example, can the user access various web pages on the Internet, but not email? Do other workstations have similar issues?
Bottom-up starts with the physical layer and works up. The physical layer is concerned with hardware and wire connections. Have cables been pulled out of their sockets? If the equipment has indicator lights, are they on or off?
Divide-and-conquer typically begins troubleshooting at one of the middle layers and works up or down from there. For example, the troubleshooter may begin at the network layer, by verifying IP configuration information.
The structure of these approaches makes them ideally suited for the novice troubleshooter. More experienced individuals often bypass structured approaches and rely on instinct and experience. They may use less structured techniques such as trial and error or substitution.
Trial and Error
Trial and error relies on individual knowledge to determine the most probable cause of a problem. A troubleshooter makes an educated guess on the most likely solution based on past experience and knowledge of the network structure. Once the solution is implemented, if it does not work, the troubleshooter uses this information to help determine the next most likely cause. This process is repeated until the problem is isolated and solved.
While the trial and error approach has the potential to be extremely fast, it relies on the abilities and experiences of the troubleshooter and can result in incorrect assumptions and overlooking simple solutions.
Substitution
With this technique the problem is assumed to be caused by a specific hardware component or a configuration file. The defective part or code is replaced by a known good device or file. While not necessarily locating the problem, this technique can save time and quickly restore network functionality. This relies on the availability of substitute parts, components, and backup configuration files which can be very expensive to maintain.
An example of a substitution technique is when an ISP replaces a possible broken device rather than send a technician out to troubleshoot and locate a specific issue. This technique is also often used for inexpensive parts such as replacing network interface cards and patch cables.
Detecting Physical Problems
A large proportion of networking problems are related to physical components or problems with the physical layer.
Physical problems are concerned mainly with the hardware aspects of computers and networking devices and the cables that interconnect them. Physical problems do not consider the logical (software) configuration of devices.
Physical problems can occur in both wired and wireless networks. One of the best detection methods for physical problems is the use of the senses – vision, smell, touch and hearing.
Software Utilities For Troubleshooting Connectivity
A number of software utility programs are available that can help identify network problems. Most of these utilities are provided by the operating system as command line interface (CLI) commands. The syntax for the commands may vary between operating systems; the names below are the Windows ones, and Linux and macOS provide the equivalents ifconfig or ip, traceroute, ss or netstat, and dig or nslookup.
Some of the available utilities include:
ipconfig – Displays IP configuration information
ping – Tests connections to other IP hosts
tracert – Displays route taken to destination
netstat – Displays network connections
nslookup – Directly queries the name server for information on a destination domain
Troubleshooting Using Ipconfig
Ipconfig
Ipconfig is used to display the current IP configuration information for a host. Issuing this command from the command prompt will display the basic configuration information including: IP address, subnet mask and default gateway.
Ipconfig /all
The command ipconfig /all displays additional information including the MAC address, IP addresses of the default gateway and the DNS servers. It also indicates if DHCP is enabled, the DHCP server address and lease information.
How can this utility assist in the troubleshooting process? Without an appropriate IP configuration, a host cannot participate in communications on a network. If the host does not know the location of the DNS servers it cannot translate names into IP addresses.
Ipconfig /release and ipconfig /renew
If IP addressing information is assigned dynamically, the command ipconfig /release will release the current DHCP bindings. Ipconfig /renew will request fresh configuration information from the DHCP server. A host may contain faulty or outdated IP configuration information and a simple renewal of this information is all that is required to regain connectivity.
If, after releasing the IP configuration, the host is unable to obtain fresh information from the DHCP server, there may be no network connectivity. On Windows a host that fails to obtain a lease assigns itself an address in the 169.254.0.0/16 (APIPA) range, which ipconfig reports as an Autoconfiguration IPv4 Address; seeing one is a reliable sign that the DHCP exchange did not complete. Verify that the NIC has an illuminated link light, indicating that it has a physical connection to the network. If this does not solve the problem, it may be an issue with the DHCP server or with the network connections to the DHCP server.
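As an added example (not code from the course), the checks described above applied automatically to the text that ipconfig /all prints. The two adapter listings are constructed samples, not captures from a real host; the parser keys on the "Name . . . : value" layout Windows uses and flags the three conditions that stop a host from communicating: an APIPA address (no DHCP lease), a missing or off-subnet default gateway, and no DNS server.

```python
import ipaddress
import re

# Constructed samples (not captured from a real host): the relevant lines of
# "ipconfig /all" for one adapter, once healthy and once after a failed DHCP lease.
HEALTHY = """
Ethernet adapter Local Area Connection:

   Physical Address. . . . . . . . . : 00-1A-2B-3C-4D-5E
   DHCP Enabled. . . . . . . . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 192.168.1.37(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DNS Servers . . . . . . . . . . . : 192.168.1.1
"""

NO_LEASE = """
Ethernet adapter Local Area Connection:

   Physical Address. . . . . . . . . : 00-1A-2B-3C-4D-5E
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration IPv4 Address. . : 169.254.17.42(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.0.0
   Default Gateway . . . . . . . . . :
   DNS Servers . . . . . . . . . . . :
"""

# "   Name . . . . : value" -> (Name, value); the dots are only padding.
FIELD = re.compile(r"^\s+([A-Za-z0-9 -]+?)[ .]*:\s*(.*)$")

def parse_ipconfig(text):
    """Map each 'Name . . . : value' line to {name: value}; blank values stay ''."""
    fields = {}
    for line in text.splitlines():
        m = FIELD.match(line)
        if m:
            fields[m.group(1).strip()] = m.group(2).strip()
    return fields

def check_ip_config(fields):
    """Return findings that would stop this host from communicating; [] means OK."""
    findings = []
    # Windows appends "(Preferred)" to addresses, and reports an APIPA address
    # under "Autoconfiguration IPv4 Address" instead of "IPv4 Address".
    raw = fields.get("IPv4 Address") or fields.get("Autoconfiguration IPv4 Address") or ""
    if not raw:
        return ["no IPv4 address at all"]
    ip = ipaddress.ip_address(raw.split("(")[0])
    local_net = ipaddress.ip_network(f"{ip}/{fields['Subnet Mask']}", strict=False)
    if ip in ipaddress.ip_network("169.254.0.0/16"):
        findings.append("APIPA address: DHCP lease was not obtained (try ipconfig /renew, check the link light)")
    gw = fields.get("Default Gateway", "")
    if not gw:
        findings.append("no default gateway: host cannot reach other networks")
    elif ipaddress.ip_address(gw) not in local_net:
        findings.append(f"default gateway {gw} is not on the local subnet {local_net}")
    if not fields.get("DNS Servers"):
        findings.append("no DNS server: names cannot be resolved")
    return findings

if __name__ == "__main__":
    for name, sample in (("healthy", HEALTHY), ("no lease", NO_LEASE)):
        print(name, check_ip_config(parse_ipconfig(sample)) or ["OK"])
```

On a live host the same function can be fed the real output with `subprocess.run(["ipconfig", "/all"], capture_output=True, text=True).stdout`; the off-subnet gateway check catches the case the page describes where a stale lease survives a move to a different network.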
Troubleshooting Using Ping
Ping
If the IP configuration on the local host appears correct, the next step is to test network connectivity with ping. Ping tests whether a destination host is reachable. The ping command can be followed by either an IP address or the name of a destination host, for example:
ping 192.168.7.5
ping www.cisco.com
When a ping is sent to an IP address, an ICMP packet known as an echo request is sent across the network to the IP address specified. If the destination host receives the echo request, it responds with a packet known as an echo reply. If the source receives the echo reply, connectivity at the IP layer is verified.
If a ping is sent to a name, such as www.cisco.com, a packet is first sent to a DNS server to resolve the name to an IP address. Once the IP address is obtained, the echo request is forwarded to that IP address and the process proceeds. If a ping to the IP address succeeds, but a ping to the name does not, there is most likely a problem with DNS.
If pings to both the name and IP address are successful, but the user is still unable to access the application, then the problem most likely resides in the application on the destination host. For example, it may be that the requested service is not running.
If neither ping is successful, then network connectivity along the path to the destination is most likely the problem. If this occurs, it is common practice to ping the default gateway. If the ping to the default gateway is successful, the problem is not local. If the ping to the default gateway fails, the problem resides on the local network.
On Windows the basic ping command issues four echo requests and waits for the reply to each; on Linux and macOS it keeps sending until stopped with Ctrl-C. The options listed in the graphic add further features, such as the number of requests and the packet size. Bear in mind that a failed ping does not prove the destination is down: many hosts and firewalls silently drop echo requests, so confirm with a second method before drawing that conclusion.
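As an added example that is not part of the course text, the ICMP echo request and echo reply that ping exchanges, built and validated in Python with only the standard library. Actually sending one needs a raw socket and administrator privileges, so the block constructs the destination's reply itself rather than putting anything on the wire; the identifier and sequence values are arbitrary, and the 32-byte payload is the one the Windows ping client sends. The diagnose() function encodes the decision rules from the paragraphs above.

```python
import struct

ICMP_ECHO_REQUEST = 8
ICMP_ECHO_REPLY = 0
# 32-byte payload that the Windows ping client sends by default.
WINDOWS_PAYLOAD = b"abcdefghijklmnopqrstuvwabcdefghi"

def internet_checksum(data):
    """RFC 1071 checksum: one's-complement sum of 16-bit words, carries folded back, complemented."""
    if len(data) % 2:
        data += b"\x00"                       # an odd trailing byte is padded with zero
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                        # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF

def build_echo_request(ident, seq, payload=WINDOWS_PAYLOAD):
    """ICMP echo request: type 8, code 0, checksum, identifier, sequence number, payload."""
    header = struct.pack("!BBHHH", ICMP_ECHO_REQUEST, 0, 0, ident, seq)
    csum = internet_checksum(header + payload)  # computed with the checksum field zeroed
    return struct.pack("!BBHHH", ICMP_ECHO_REQUEST, 0, csum, ident, seq) + payload

def make_echo_reply(request):
    """What the destination does: same identifier, sequence and payload, type changed to 0."""
    body = bytes([ICMP_ECHO_REPLY]) + request[1:2] + b"\x00\x00" + request[4:]
    return body[:2] + struct.pack("!H", internet_checksum(body)) + body[4:]

def check_echo_reply(packet, ident, seq):
    """Validate a received ICMP message as the reply to (ident, seq): returns (ok, reason)."""
    if len(packet) < 8:
        return False, "too short"
    if internet_checksum(packet) != 0:        # a packet with a correct checksum sums to zero
        return False, "bad checksum"
    typ, code, _csum, r_ident, r_seq = struct.unpack("!BBHHH", packet[:8])
    if typ != ICMP_ECHO_REPLY or code != 0:
        return False, f"not an echo reply (type {typ}, code {code})"
    if (r_ident, r_seq) != (ident, seq):
        return False, "reply belongs to a different request"
    return True, "echo reply matches"

def diagnose(ping_ip_ok, ping_name_ok, ping_gateway_ok):
    """The decision rules from the text: where to look next given the three ping results."""
    if ping_ip_ok and ping_name_ok:
        return "path is up: check the service on the destination host"
    if ping_ip_ok and not ping_name_ok:
        return "DNS problem: address reachable but the name does not resolve"
    if ping_gateway_ok:
        return "problem is beyond the local network (gateway reachable)"
    return "problem is on the local network (host, cable, switch or gateway)"

if __name__ == "__main__":
    req = build_echo_request(ident=0x0001, seq=1)
    print(req.hex())
    print(check_echo_reply(make_echo_reply(req), 0x0001, 1))
    print(diagnose(ping_ip_ok=True, ping_name_ok=False, ping_gateway_ok=True))
```

The identifier and sequence check is what lets a ping client tell its own replies apart from other traffic, and the zero-sum checksum test is the same one a receiving stack performs before it accepts the message.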
Troubleshooting Using Tracert
Tracert
The ping utility can verify end-to-end connectivity. However, if a problem exists and the device cannot ping the destination, ping does not indicate where along the path the packets were dropped. To find that out, another utility, tracert (traceroute on Linux and macOS), is used.
The tracert utility provides connectivity information about the path a packet takes to reach the destination and about every router (hop) along the way. It works by sending packets with a deliberately small time-to-live (TTL), starting at 1 and increasing by one each round: the router at which the TTL reaches zero discards the packet and returns an ICMP Time Exceeded message, which reveals that router's address. Tracert also reports how long a packet takes to get from the source to each hop and back (round-trip time), which helps identify where packets are being lost or delayed by bottlenecks in the network. A hop that shows only asterisks is not necessarily broken; many routers simply do not answer, so judge the trace by the hops that follow it.
The basic tracert utility allows up to 30 hops between the source and destination before it assumes that the destination is unreachable. This number is adjustable with the -h parameter. Other modifiers, displayed as Options in the graphic, are also available.
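An added example, not from the course, of reading a tracert listing the way the text suggests: find the last hop that answered, separate routers that merely stay silent from the point where the path actually dies, and spot a latency jump. The output below is constructed with documentation addresses and is not a real trace; the 100 ms jump threshold is an arbitrary choice.

```python
import re
import statistics

# Constructed tracert output (documentation addresses, not a real trace): the destination
# never answers, two intermediate routers stay silent, and latency jumps at hop 6.
SAMPLE_TRACERT = """
Tracing route to www.example.com [192.0.2.10]
over a maximum of 30 hops:

  1    <1 ms    <1 ms    <1 ms  192.168.1.1
  2    12 ms    11 ms    14 ms  10.20.0.1
  3    25 ms    24 ms    27 ms  203.0.113.9
  4     *        *        *     Request timed out.
  5     *        *        *     Request timed out.
  6   210 ms   195 ms   205 ms  198.51.100.77
  7     *        *        *     Request timed out.
  8     *        *        *     Request timed out.
"""

# hop number, three RTT columns ("12 ms", "<1 ms" or "*"), then the host column
HOP = re.compile(r"^\s*(\d+)\s+((?:(?:<?\d+ ms|\*)\s+){3})(.+?)\s*$")
RTT = re.compile(r"<?\d+ ms|\*")

def parse_tracert(text):
    """Return (target_ip, [(hop_number, [rtt_ms or None, ...], host_column), ...])."""
    target = re.search(r"\[([\d.]+)\]", text)
    hops = []
    for line in text.splitlines():
        m = HOP.match(line)
        if m:
            rtts = [None if t == "*" else int(t.lstrip("<").split()[0]) for t in RTT.findall(m.group(2))]
            hops.append((int(m.group(1)), rtts, m.group(3)))
    return (target.group(1) if target else None), hops

def analyse_path(target, hops, jump_ms=100):
    """Where does the path stop answering, and where does latency jump by at least jump_ms?"""
    responding = [(n, statistics.mean([r for r in rtts if r is not None]), host)
                  for n, rtts, host in hops if any(r is not None for r in rtts)]
    last_n, _, last_host = responding[-1] if responding else (0, 0, "")
    result = {
        # the host column is either "ip" or "name [ip]"; compare the address part
        "reached": bool(responding) and last_host.split()[-1].strip("[]") == target,
        "last_responding_hop": last_n,
        # Silent hops before the last responder are routers that simply do not answer;
        # silent hops after it are where the path really died.
        "silent_hops": [n for n, rtts, _ in hops if all(r is None for r in rtts)],
        "latency_jumps": [],
    }
    for (_, prev, _), (n, cur, host) in zip(responding, responding[1:]):
        if cur - prev >= jump_ms:
            result["latency_jumps"].append((n, host, round(cur - prev)))
    return result

if __name__ == "__main__":
    target, hops = parse_tracert(SAMPLE_TRACERT)
    print(analyse_path(target, hops))
```

Here hops 4 and 5 are silent but hop 6 answers, so they are just routers that do not reply; the trace stops being useful after hop 6, which is where to point the ISP or the next administrator.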
Troubleshooting Using Netstat
Netstat
Sometimes it is necessary to know which active TCP connections are open on a networked host. Netstat is an important network utility that can be used to verify those connections. Netstat lists the protocol in use, the local address and port number, the foreign address and port number, and the state of the connection. On Windows, netstat -a also lists listening ports, -n prints addresses numerically instead of resolving names, and -o adds the process ID (PID) that owns each connection so it can be mapped to an executable with tasklist; netstat -ano is therefore the usual starting point.
Unexplained TCP connections can pose a major security threat. This is because they can indicate that something or someone is connected to the local host. Additionally, unnecessary TCP connections can consume valuable system resources thus slowing down the host’s performance. Netstat should be used to examine the open connections on a host when performance appears to be compromised.
Many useful Options are available for the netstat command.
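The security check described above, as an added example that is not part of the course: parse the table that netstat -ano prints and compare it with a baseline of what this host is expected to listen on and talk to. The listing is constructed for the example, not taken from a real host, and the two allowlists are a hypothetical baseline that would normally come from the network documentation; the ports 4444 and 6667 were chosen only because they are not on that baseline.

```python
import re

# Constructed "netstat -ano" output for the example (not captured from a real host).
SAMPLE_NETSTAT = """
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       812
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    0.0.0.0:4444           0.0.0.0:0              LISTENING       3188
  TCP    192.168.1.37:49712     192.168.1.1:53         TIME_WAIT       0
  TCP    192.168.1.37:49801     203.0.113.45:443       ESTABLISHED     2512
  TCP    192.168.1.37:49822     198.51.100.23:6667     ESTABLISHED     3188
  UDP    0.0.0.0:5355           *:*                                    1104
"""

# Assumed baseline for this host (hypothetical): the listening ports and the remote
# service ports the documentation says are normal. Anything else deserves a look.
EXPECTED_LISTENERS = {135, 139, 445}
EXPECTED_REMOTE_PORTS = {53, 80, 443}

# proto, local, foreign, optional state (UDP rows have none), PID
LINE = re.compile(r"^\s*(TCP|UDP)\s+(\S+)\s+(\S+)\s+(?:([A-Z_]+)\s+)?(\d+)\s*$")

def split_addr(addr):
    """'192.168.1.37:49801' -> ('192.168.1.37', 49801); '[::]:135' and '*:*' work too."""
    host, port = addr.rsplit(":", 1)
    return host.strip("[]"), (int(port) if port.isdigit() else None)

def parse_netstat(text):
    """One dict per connection row; the state is None for UDP rows."""
    conns = []
    for line in text.splitlines():
        m = LINE.match(line)
        if not m:
            continue
        proto, local, remote, state, pid = m.groups()
        lip, lport = split_addr(local)
        rip, rport = split_addr(remote)
        conns.append({"proto": proto, "local_ip": lip, "local_port": lport,
                      "remote_ip": rip, "remote_port": rport, "state": state, "pid": int(pid)})
    return conns

def review_connections(conns, listeners=EXPECTED_LISTENERS, remote_ports=EXPECTED_REMOTE_PORTS):
    """Return (findings, suspect_pids) for rows that fall outside the baseline."""
    findings, suspects = [], set()
    for c in conns:
        if c["state"] == "LISTENING" and c["local_port"] not in listeners:
            findings.append(f"unexpected listener on {c['proto']} port {c['local_port']} (PID {c['pid']})")
            suspects.add(c["pid"])
        elif c["state"] == "ESTABLISHED" and c["remote_port"] not in remote_ports:
            findings.append(f"PID {c['pid']} is connected to {c['remote_ip']}:{c['remote_port']}, "
                            "which is not a usual service port")
            suspects.add(c["pid"])
    return findings, sorted(suspects)

if __name__ == "__main__":
    findings, suspects = review_connections(parse_netstat(SAMPLE_NETSTAT))
    for f in findings:
        print(f)
    for pid in suspects:
        print(f'inspect with: tasklist /FI "PID eq {pid}"')
```

The useful signal is the correlation: one PID both listens on an unexpected port and holds an outbound connection to an unusual port, which is exactly the pattern the text means by an unexplained connection. The next step on the host is tasklist /FI "PID eq 3188" to see which executable owns it.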
Troubleshooting Using Nslookup
Nslookup
When accessing applications or services across the network, individuals usually rely on the DNS name instead of the IP address. When a request is sent to that name, the host must first contact the DNS server to resolve the name to the corresponding IP. The host then uses IP to package the information for delivery.
The nslookup utility allows an end-user to look up information about a particular DNS name in the DNS server. When the nslookup command is issued, the information returned includes the IP address of the DNS server being used as well as the IP address associated with the specified DNS name. Nslookup is often used as a troubleshooting tool for determining if the DNS server is performing name resolution as expected. By default it queries the DNS server from the host's IP configuration; naming a different server as a second argument (for example nslookup www.cisco.com 192.168.1.1) queries that server instead, which separates a broken local resolver from a record that does not exist.
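An added example, not the course's or any resolver's own code, of the exchange nslookup performs: the A-record query it sends, and the parsing of the reply, including the name-compression pointers that real answers use. Nothing goes on the wire; fake_server_reply() stands in for the DNS server, and the addresses it returns are constructed. The transaction-ID check and the pointer-loop guard are the two checks a client must make before trusting what comes back.

```python
import struct

def encode_name(name):
    """'www.cisco.com' -> b'\\x03www\\x05cisco\\x03com\\x00' (length-prefixed labels)."""
    out = b""
    for label in name.rstrip(".").split("."):
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"

def build_query(txid, name):
    """Standard recursive query (RD=1) for an A record: what nslookup sends by default."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)   # id, flags, QD, AN, NS, AR
    return header + encode_name(name) + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def read_name(msg, offset):
    """Decode a possibly compressed name; returns (name, offset just past the name field)."""
    labels, end, jumps = [], None, 0
    while True:
        length = msg[offset]
        if (length & 0xC0) == 0xC0:            # pointer to an earlier copy of the name
            jumps += 1
            if jumps > 10:                     # a hostile reply with a pointer loop would spin forever
                raise ValueError("compression pointer loop")
            if end is None:
                end = offset + 2
            offset = struct.unpack("!H", msg[offset:offset + 2])[0] & 0x3FFF
            continue
        offset += 1
        if length == 0:
            break
        labels.append(msg[offset:offset + length].decode("ascii"))
        offset += length
    return ".".join(labels), (offset if end is None else end)

def parse_response(msg, expected_txid):
    """Return {'name', 'rcode', 'addresses'}; raises if the reply is not for our query."""
    txid, flags, _qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    if txid != expected_txid:
        raise ValueError("transaction ID mismatch: not the reply to our query")
    qname, offset = read_name(msg, 12)
    offset += 4                                # skip QTYPE and QCLASS of the echoed question
    addresses = []
    for _ in range(an):
        _owner, offset = read_name(msg, offset)
        rtype, rclass, _ttl, rdlen = struct.unpack("!HHIH", msg[offset:offset + 10])
        offset += 10
        if rtype == 1 and rclass == 1 and rdlen == 4:      # A record, IN class
            addresses.append(".".join(str(b) for b in msg[offset:offset + 4]))
        offset += rdlen
    return {"name": qname, "rcode": flags & 0x000F, "addresses": addresses}

def fake_server_reply(query, ips, rcode=0):
    """Constructed stand-in for the DNS server: echo the question, answer with A records
    whose owner name is a pointer (0xC00C) back to the question name at offset 12."""
    txid = struct.unpack("!H", query[:2])[0]
    header = struct.pack("!HHHHHH", txid, 0x8180 | rcode, 1, len(ips), 0, 0)
    answers = b""
    for ip in ips:
        answers += b"\xC0\x0C" + struct.pack("!HHIH", 1, 1, 300, 4) + bytes(int(o) for o in ip.split("."))
    return header + query[12:] + answers

if __name__ == "__main__":
    q = build_query(0xBEEF, "www.cisco.com")
    print(parse_response(fake_server_reply(q, ["198.51.100.5"]), 0xBEEF))
```

An rcode of 3 (NXDOMAIN) with no answers is the "can't find" result nslookup prints for a missing record, while a reply that never arrives at all points at the server or the path to it.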
Connectivity Issues
Connectivity problems occur on wireless networks, wired networks and networks that use both. When troubleshooting a network with both wired and wireless connections, it is often best to use a divide-and-conquer technique to isolate the problem to either the wired or the wireless network. The easiest way to determine if the problem is with the wired or the wireless network is to:
1. Ping from a wireless client to the default gateway – this verifies if the wireless client is connecting as expected.
2. Ping from a wired client to the default gateway – this verifies if the wired client is connecting as expected.
3. Ping from the wireless client to a wired client – this verifies if the integrated router is functioning as expected.
Once the problem is isolated it can be corrected.
LED Indicators
Regardless of whether the fault is present on the wireless or wired network, one of the first steps of troubleshooting should be to examine the LEDs, which indicate the current state or activity of a piece of equipment or connection. LEDs may change color or flash to convey information. The exact configuration and meaning of LEDs varies between manufacturers and devices.
Three types of LEDs are commonly found on devices – power, status and activity. On some devices a single LED may convey multiple pieces of information depending on the current status of the device. It is important to check the equipment documentation for the exact meaning of all indicators but some commonality does exist.
Inactive LEDs may be an indication of a device failure, port failure, or cabling issues. It is possible that the device is non-functional due to faulty hardware. The port itself might also have become faulty due to hardware or improperly configured software. Regardless of whether the network is wired or wireless, verify that the device and ports are up and functional before spending large amounts of time trying to troubleshoot other issues.
Connectivity Problems
Wired host cannot connect to the integrated router
If the wired client is unable to connect to the integrated router, one of the first things to check is the physical connectivity and cabling. Cabling is the central nervous system of wired networks and one of the most common causes of connectivity failures.
There are several issues to watch for in cabling:
1. Be sure to use the correct type of cable. Two types of twisted-pair (TP) cable are commonly encountered in networking: straight-through and crossover. Using the wrong type may prevent connectivity, although most current switches and NICs support Auto-MDIX and will correct the pinout automatically.
2. Improper cable termination is one of the main problems encountered in networks. To avoid this, cables should be terminated according to standards.
Terminate cables via 568A or 568B termination standard
Avoid untwisting too much cable during termination
Crimp connectors on the cable jacket to provide strain relief
3. Maximum cable run lengths exist based on characteristics of the different cables. Exceeding these run lengths can have a serious negative impact on network performance.
4. If connectivity is a problem, verify that the correct ports are being used between the networking devices.
5. Protect cables and connectors from physical damage. Support cables to prevent strain on connectors and run cable through areas that will not be in the way.
Troubleshooting Radio Problems In WLANs
Wireless host cannot connect to the AP
If the wireless client is unable to connect to the AP, it may be because of wireless connectivity problems. Wireless communications rely on radio frequency signals (RF) to carry data. Many factors can affect our ability to connect hosts using RF.
1. Not all wireless standards are compatible. 802.11a operates only in the 5 GHz band and cannot communicate with 802.11b or 802.11g equipment, which operates only in the 2.4 GHz band; 802.11n can operate in either band. Within the 2.4 GHz band, each standard uses different technology. Unless specifically configured, equipment that conforms to one standard may not function with that conforming to another.
2. Neighboring APs must use separate, non-overlapping channels (in the 2.4 GHz band only three such channels exist, usually 1, 6 and 11). Some AP devices can be configured to select the least congested or highest-throughput channel automatically. Although automatic settings work, setting the AP channel manually provides greater control and may be necessary in some environments.
3. The strength of an RF signal decreases with distance. If the signal strength is too low, devices will be unable to reliably associate and move data. The signal may be dropped. The NIC client utility can be used to display the signal strength and connection quality.
4. RF signals are susceptible to interference from outside sources, including other devices functioning on the same frequency. A site survey should be used to detect this.
5. APs share the available bandwidth between devices. As more devices associate with the AP, the bandwidth for each individual device will decrease causing network performance problems. The solution is to reduce the number of wireless clients using each channel.
Troubleshooting Association And Authentication On WLANs
Wireless configuration problems
Modern WLANs incorporate various technologies to help secure the data on the WLAN: incorrect configuration of any of these can prevent communication. Some of the most common settings that are configured incorrectly include: the SSID, authentication and encryption.
1. The SSID is a case-sensitive, alphanumeric string of up to 32 characters. It must match on both the AP and the client. If the SSID is broadcast and detected, this is not an issue. If the SSID is not broadcast, it must be manually entered on the client. If the client is configured with the wrong SSID, it will not associate with the AP. Additionally, if another AP is present that is broadcasting the SSID, the client may automatically associate with it. Note that not broadcasting the SSID is a convenience setting, not a security control: clients configured for a hidden SSID announce it in their probe requests, so anyone listening can recover it.
2. On most APs open authentication is configured by default, allowing all devices to connect. If a more secure form of authentication is configured, such as WPA2 with a pre-shared key, a key is necessary. Both the client and the AP must be configured with the same key. If the keys do not match, authentication will fail and the devices will not associate.
Encryption is the process of altering the data so that it is not usable by anyone without the proper encryption key. If encryption is enabled, the same encryption key must be configured on both the AP and the client. If the client associates with the AP but cannot send or receive data, the encryption key may be the issue. Legacy WEP encryption should be treated as no encryption at all, since its key can be recovered by an attacker; an AP still running WEP should be reconfigured for WPA2 or newer rather than kept working as it is.
DHCP Issues
Determining if your computer is obtaining the correct IP address
If the physical connection to the wired or wireless host appears to be connecting as expected, next, check the IP configuration of the client.
The IP configuration can have a major impact on the ability for a host to connect to the network. An integrated router, such as the Linksys wireless router, acts as a DHCP server for local wired and wireless clients and provides IP configuration, including the IP address, subnet mask, default gateway, and possibly even IP addresses of DNS servers. The DHCP server binds the IP address to a client’s MAC address and stores that information in a client table. On the home Linksys wireless router, this table can be examined through the Status | Local Network page in the GUI.
The client table information should match the local host information, which can be obtained from the ipconfig /all command. Additionally, the IP address on the client must be on the same network as the LAN interface of the Linksys device. The LAN interface of the Linksys device should be set as the default gateway. If the client configuration information does not agree with information in the client table, the address should be released (ipconfig /release) and renewed (ipconfig /renew) to form a new binding.
If both the wired and wireless clients are obtaining the correct IP configuration, and can connect to the Linksys device, but are unable to ping each other, the problem is most likely occurring on the Linksys device. Check all configurations on the Linksys device to ensure no security restrictions could be causing the issue.
Troubleshooting The Integrated Router To ISP Connection
Wired and wireless hosts can connect to each other, but not to the Internet
If hosts on the wired and wireless local network can connect to the integrated router and with other hosts on the local network, but not to the Internet, the problem may be in the connection between the integrated router and the ISP.
There are many ways to verify connectivity between the integrated router and the ISP. Using the GUI, one way to check connectivity is to examine the router status page. It should show the IP address assigned by the ISP and should indicate if the connection is established.
If this page shows no connection, the integrated router may not be connected. Check all physical connections and LED indicators. If the DSL or Cable modem is a separate device, check those connections and indicators as well. If the ISP requires a login name or password, check that they are configured to match those given by the ISP. Using the GUI, password configurations can normally be located on the Setup configuration page. Next, try to re-establish connectivity by clicking the Connect, or IP address renew, button on the status page. If the integrated router will still not connect, contact the ISP to see if the issue is occurring from their end.
If the status page shows that the connection is up, but a ping to an Internet site fails, it may be that the individual site is down, or simply that it does not answer ping at all. Try pinging another site known to respond, or open a web page, to see if that is successful. If not, check for security measures that are enabled that may be creating the issue, such as port filtering.
Documentation
Network documentation is an important part of any troubleshooting process. Network documentation should include a normal or baseline measurement of network performance against which potential problems can be judged.
The performance baseline can include the types of traffic normally expected, as well as the volume of traffic to and from servers and network devices. The baseline should be documented just after the network is installed, when it is running optimally. Baseline performance should be re-established after any major changes to the network are implemented.
Additionally, documentation such as topology maps, network diagrams and addressing schemes can provide valuable information when a troubleshooter is trying to understand the physical layout of the network and the logical flow of information.
When troubleshooting, documentation should be maintained during the troubleshooting process. This documentation can be a valuable reference and can be used when future issues arise. Good troubleshooting documentation should include:
Initial problem
Steps taken to isolate the problem
Results of all steps taken, both successful and unsuccessful
Final determined cause of the problem
Final problem resolution
Preventative measures
Using Outside Sources For Help
If, during the troubleshooting process, the troubleshooter is unable to determine the problem and its resolution, it might be necessary to obtain assistance from outside sources. Some of the most common sources for help include:
Previously kept documentation
Online FAQs (Frequently Asked Questions)
Colleagues and other network professionals
Internet forums
Using The Helpdesk
The helpdesk is the end-user’s first stop for assistance. The helpdesk is a group of individuals with the knowledge and tools required to help diagnose and correct common problems. It provides assistance for the end-user to determine if a problem exists, the nature of the problem, and the solution.
Many companies and ISPs establish helpdesks to assist their users with networking problems. Most large IT companies run helpdesks for their individual products or technologies. For example, Cisco Systems offers helpdesk assistance for problems integrating Cisco equipment into a network, or problems that may occur after installation.
There are many ways to contact a helpdesk, including email, live chat, and phone. While email is good for non-urgent problems, phone or live chat is better for network emergencies. This is especially important in organizations such as banks where small amounts of downtime can cost large amounts of money.
If necessary, the helpdesk can take control of a local host through remote access software. This allows helpdesk technicians to run diagnostic programs and interact with the host and network without having to physically travel to a job site. This greatly reduces the wait time for problem resolution and allows the helpdesk to assist more users.
As an end user, it is important to give the helpdesk as much information as possible. The helpdesk will require information on any service or support plans that are in place along with specific details of the affected equipment. This can include make, model and serial number along with the version of firmware or operating system running on the device. They may also require the IP and MAC address of the malfunctioning device. The helpdesk will require information specific to the problem including:
Symptoms encountered
Who encountered the problem
When the problem manifests
Steps taken to identify the problem
Results of steps taken
If this is a follow-up call, be prepared to provide the date and time of the previous call, the ticket number, and name of the technician. Be at the affected equipment, and be prepared to provide the helpdesk staff with access to the equipment if requested.
A helpdesk is generally organized in a series of levels of experience and knowledge. If the first-level helpdesk staff is unable to solve the problem they may escalate the problem to a higher level. Higher level staff are generally more knowledgeable and have access to resources and tools that the first-level helpdesk does not.
Record all information regarding the interaction with the helpdesk, such as:
Time/date of call
Name/ID of technician
Problem reported
Course of action taken
Resolution/escalation
Next steps (follow-up)
By working together with the helpdesk, most problems can be resolved quickly and easily. Once resolved, be sure to update all documentation accordingly for future reference.