
HDCS3229 New

Data communication involves the transfer of information between a source and a receiver, utilizing various protocols and standards to ensure effective connectivity and resource sharing across different systems. The document outlines the types of data transmission, including parallel and serial transmission, along with their advantages and disadvantages, as well as the OSI model layers that govern data communication processes. It also discusses transmission impairments and the importance of converting data into signals for effective communication.

Uploaded by patrick moseray

DATA COMMUNICATION & NETWORKING

HDCS 3229

CHAPTER 1

1.0 INTRODUCTION AND BASICS OF DATA COMMUNICATION MODEL


Data Communications is the transfer of data or information between a source and a receiver. The
source transmits the data and the receiver receives it. Data communication involves topics such as
communication networks, the different communication services required, the kinds of networks available,
protocol architectures, the OSI model, the TCP/IP protocol model, etc. Data Communication is concerned
with the transfer of data, the method of transfer and the preservation of the data during the transfer process.

In Local Area Networks, we are interested in "connectivity", connecting computers together to share
resources. Even though the computers can have different disk operating systems, languages, cabling
and locations, they can still communicate with one another and share resources.

The purpose of Data Communications is to provide the rules and regulations that allow computers with
different disk operating systems, languages, cabling and locations to share resources. The rules and
regulations are called protocols and standards in Data Communications.

Source
It is the generator of the data that will be passed on to the destination over the network. The source
never passes data to the destination without a request. So, if the source is passing data, it means that
one of the destinations is requesting the data using some query language.

Transmitter
It is simply a device used to convert the data as per the destination requirement. For example, a modem
converts analog signals (telephone signals) to digital signals (computer signals), and also
digital signals to analog.

Transmission System
To transmit the data between different connected systems we use different transmission systems. Data
transmission using a transmission system means the physical transfer of data over point-to-point or
point-to-multipoint communication channels. Examples of such channels are copper wires, optical
fibers and wireless communication channels.

Receiver
The receiver accepts the signals from the transmission system and converts them into a form that is
suitable for the destination device. For example, a modem accepts an analog signal from a transmission
channel and transforms it into a digital bit stream which is acceptable to the computer system.

Destination
It is simply the device to which the source device sends the data.

1.1 TYPES OF DATA TRANSMISSION


1. Parallel transmission

Definition: Within a computing or communication device, the distances between different subunits are
very short. Thus, it is normal practice to transfer data between subunits using a separate wire to carry
each bit of data. There are multiple wires connecting each subunit and data is exchanged using a
parallel transfer mode. This mode of operation results in minimal delays in transferring each word.

• In parallel transmission, all the bits of data are transmitted simultaneously on separate
communication lines.

• In order to transmit n bits, n wires or lines are used. Thus each bit has its own line.

• All n bits of one group are transmitted with each clock pulse from one device to another i.e. multiple
bits are sent with each clock pulse.

• Parallel transmission is used for short distance communication.

• As shown in the fig, eight separate wires are used to transmit 8 bit data from sender to receiver.

Advantage of parallel transmission

It is a speedy way of transmitting data as multiple bits are transmitted simultaneously with a single
clock pulse.

Disadvantage of parallel transmission

It is a costly method of data transmission as it requires n lines to transmit n bits at the same time.

2. Serial Transmission

Definition: When transferring data between two physically separate devices, especially if the
separation is more than a few kilometers, for reasons of cost, it is more economical to use a single
pair of lines. Data is transmitted as a single bit at a time using a fixed time interval for each bit.
This mode of transmission is known as bit-serial transmission.

• In serial transmission, the various bits of data are transmitted serially one after the other.

• It requires only one communication line rather than n lines to transmit data from sender to receiver.

• Thus all the bits of data are transmitted on single line in serial fashion.

• In serial transmission, only single bit is sent with each clock pulse.

• As shown in fig., suppose an 8-bit data 11001010 is to be sent from source to destination. Then the least
significant bit (LSB), i.e. 0, will be transmitted first, followed by the other bits. The most significant bit
(MSB), i.e. 1, will be transmitted last over the single communication line.

• The internal circuitry of computer transmits data in parallel fashion. So in order to change this
parallel data into serial data, conversion devices are used.

• These conversion devices convert the parallel data into serial data at the sender side so that it can be
transmitted over single line.

• On the receiver side, the serial data received is again converted to parallel form so that the internal
circuitry of the computer can accept it.

• Serial transmission is used for long distance communication.

Advantage of Serial transmission

Use of single communication line reduces the transmission line cost by the factor of n as compared to
parallel transmission.

Disadvantages of Serial transmission

1. Use of conversion devices at source and destination end may lead to increase in overall transmission
cost.

2. This method is slower as compared to parallel transmission as bits are transmitted serially one after
the other.

1.2 TYPES OF SERIAL TRANSMISSION

There are two types of serial transmission: synchronous and asynchronous. Both of these transmissions use
'bit synchronization'.

Bit Synchronization is a function that is required to determine when the beginning and end of the data
transmission occurs.

Bit synchronization helps the receiving computer to know when data begin and end during a
transmission. Therefore bit synchronization provides timing control.

Asynchronous Transmission

• Asynchronous transmission sends only one character at a time where a character is either a letter of
the alphabet or number or control character i.e. it sends one byte of data at a time.

• Bit synchronization between two devices is made possible using a start bit and a stop bit.

• The start bit indicates the beginning of data, i.e. it alerts the receiver to the arrival of a new group of
bits. A start bit, usually 0, is added to the beginning of each byte.

• The stop bit indicates the end of data, i.e. to let the receiver know that the byte is finished, one or more
additional bits are appended to the end of the byte. These bits, usually 1s, are called stop bits.

• The addition of start and stop bits increases the number of bits sent. Hence more bandwidth is consumed in
asynchronous transmission.

• There is idle time between the transmissions of different data bytes. This idle time is also known as the
gap.

• The gap or idle time can be of varying intervals. This mechanism is called asynchronous because, at
the byte level, sender and receiver need not be synchronized. But within each byte, the receiver must be
synchronized with the incoming bit stream.

Application of Asynchronous Transmission

1. Asynchronous transmission is well suited for keyboard type-terminals and paper tape devices. The
advantage of this method is that it does not require any local storage at the terminal or the computer as
transmission takes place character by character.

2. Asynchronous transmission is best suited to Internet traffic in which information is transmitted in
short bursts. This type of transmission is used by modems.

Advantages of Asynchronous transmission

1. This method of data transmission is cheaper than synchronous transmission, e.g. if lines are
short, asynchronous transmission is better, because line cost would be low and idle time will not be
expensive.

2. In this approach each individual character is complete in itself; therefore if a character is corrupted
during transmission, its successor and predecessor characters will not be affected.

3. It is possible to transmit signals from sources having different bit rates.

4. The transmission can start as soon as the data byte to be transmitted becomes available.

5. Moreover, this mode of data transmission is easy to implement.

Disadvantages of asynchronous transmission

1. This method is less efficient and slower than synchronous transmission due to the overhead of
extra bits and insertion of gaps into bit stream.

2. Successful transmission inevitably depends on the recognition of the start bits. These bits can be
missed or corrupted.
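
The start/stop framing described in this section, as an added example that is not part of the original notes. It assumes 8 data bits, one stop bit, no parity and an idle line level of 1 (all names are illustrative), and shows the framing overhead and what the receiver recovers when a stop bit or a start bit is corrupted.

```python
"""Start/stop (asynchronous) framing of characters on a single serial line.

Assumptions for this example: 8 data bits, one stop bit, no parity,
an idle line held at 1, and a receiver that samples exactly once per bit.
"""

START_BIT = 0    # "a start bit, usually 0"
STOP_BIT = 1     # "these bits, usually 1s, are called stop bits"
IDLE = 1         # assumed line level during the gap between characters
DATA_BITS = 8
FRAME_BITS = 1 + DATA_BITS + 1


def frame_byte(value):
    """Return the bits on the wire for one character, LSB first."""
    data = [(value >> n) & 1 for n in range(DATA_BITS)]
    return [START_BIT] + data + [STOP_BIT]


def transmit(payload, gaps):
    """Serialise characters, preceding each with gaps[i] idle bit times."""
    line = []
    for value, gap in zip(payload, gaps):
        line += [IDLE] * gap + frame_byte(value)
    return line


def receive(line):
    """Return (received bytes, number of framing errors).

    The receiver idles until it sees a start bit, reads the data bits,
    then checks the stop bit. A bad stop bit is a framing error: that
    character is dropped and the search for a start bit resumes after it.
    """
    out, errors, i = bytearray(), 0, 0
    while i < len(line):
        if line[i] != START_BIT:
            i += 1                      # still in the gap
            continue
        frame = line[i:i + FRAME_BITS]
        if len(frame) < FRAME_BITS or frame[-1] != STOP_BIT:
            errors += 1
        else:
            out.append(sum(bit << n for n, bit in enumerate(frame[1:-1])))
        i += FRAME_BITS
    return bytes(out), errors


def efficiency():
    """Fraction of transmitted bits that carry data (gaps not counted)."""
    return DATA_BITS / FRAME_BITS


def demo():
    # Constructed sample traffic: two characters with unequal gaps.
    clean = transmit(b"OK", gaps=[2, 4])

    bad_stop = list(clean)
    bad_stop[2 + FRAME_BITS - 1] = 0    # corrupt the stop bit of 'O'

    missed_start = transmit(b"Hi", gaps=[3, 5])
    missed_start[3] = IDLE              # start bit of 'H' lost to noise

    return {
        "clean": receive(clean),
        "bad_stop": receive(bad_stop),
        "missed_start": receive(missed_start),
    }


if __name__ == "__main__":
    print("0xCA on the wire:", frame_byte(0b11001010))
    print("efficiency:", efficiency())
    for name, result in demo().items():
        print(name, result)
```

With the start bit of 'H' lost, the receiver locks onto the next 0 in the data bits and returns a wrong character without reporting any framing error, while the following character is still received correctly.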

Synchronous Transmission

• Synchronous transmission does not use start and stop bits.

• In this method bit stream is combined into longer frames that may contain multiple bytes.

• There is no gap between the various bytes in the data stream.

• In the absence of start & stop bits, bit synchronization is established between sender & receiver by
'timing' the transmission of each bit.

• Since the various bytes are placed on the link without any gap, it is the responsibility of receiver to
separate the bit stream into bytes so as to reconstruct the original information.

• In order to receive the data error free, the receiver and sender operate at the same clock frequency.

Application of Synchronous transmission

• Synchronous transmission is used for high speed communication between computers.

Advantage of Synchronous transmission

1. This method is faster as compared to asynchronous as there are no extra bits (start bit & stop bit)
and also there is no gap between the individual data bytes.

Disadvantages of Synchronous transmission

1. It is costly as compared to the asynchronous method. It requires local buffer storage at the two ends of
the line to assemble blocks and it also requires accurately synchronized clocks at both ends. This leads to
an increase in the cost.

2. The sender and receiver have to operate at the same clock frequency. This requires proper
synchronization which makes the system complicated.

Comparison between Serial and Parallel transmission

Comparison between Asynchronous and Synchronous.

1.3 TRANSMISSION IMPAIRMENT

When signals travel through the medium they tend to deteriorate. This may have many causes, as
given below:

• Attenuation

For the receiver to interpret the data accurately, the signal must be sufficiently strong. When
the signal passes through the medium, it tends to get weaker. As it covers distance, it loses
strength.

• Dispersion

As a signal travels through the media, it tends to spread and overlap. The amount of dispersion
depends upon the frequency used.

• Delay distortion

Signals are sent over media with pre-defined speed and frequency. If the signal speed and
frequency do not match, there are possibilities that the signal reaches the destination in an arbitrary
fashion. In digital media, it is very critical that some bits may arrive earlier than the previously
sent ones.

• Noise

Random disturbance or fluctuation in an analog or digital signal is said to be noise in the signal,
which may distort the actual information being carried. Noise can be characterized as one of the
following classes:

o Thermal Noise

Heat agitates the electronic conductors of a medium which may introduce noise in the
media. Up to a certain level, thermal noise is unavoidable.

o Intermodulation

When multiple frequencies share a medium, their interference can cause noise in the
medium. Intermodulation noise occurs if two different frequencies are sharing a
medium and one of them has excessive strength or the component itself is not
functioning properly; the resultant frequency may then not be delivered as expected.

o Crosstalk

This sort of noise happens when a foreign signal enters the media. This is because
the signal in one medium affects the signal of a second medium.

o Impulse

This noise is introduced because of irregular disturbances such as lightning, electricity,
short-circuit, or faulty components. Digital data is mostly affected by this sort of noise.

1.4 SIGNALS

When data is sent over a physical medium, it first needs to be converted into electromagnetic signals.
Data itself can be analog, such as the human voice, or digital, such as a file on disk. Both analog and
digital data can be represented in digital or analog signals.

• Digital Signals

Digital signals are discrete in nature and represent a sequence of voltage pulses. Digital signals
are used within the circuitry of a computer system.

• Analog Signals

Analog signals are continuous waveforms in nature and are represented by continuous
electromagnetic waves.

CHAPTER TWO
OSI MODEL

PHYSICAL Layer - OSI Model

The physical layer is the lowest layer of all. It is responsible for sending bits from one computer to
another. This layer is not concerned with the meaning of the bits and deals with the physical
connection to the network and with the transmission and reception of signals.

This layer defines the electrical and physical details of how data is represented as a 0 or a 1, how many
pins a network will contain, when the data can be transmitted or not, and how the data would be synchronized.

FUNCTIONS OF PHYSICAL LAYER:

1. Representation of Bits: Data in this layer consists of a stream of bits. The bits must be encoded
into signals for transmission. It defines the type of encoding, i.e. how 0’s and 1’s are changed to
signals.
2. Data Rate: This layer defines the rate of transmission which is the number of bits per second.
3. Synchronization: It deals with the synchronization of the transmitter and receiver. The sender
and receiver are synchronized at bit level.
4. Interface: The physical layer defines the transmission interface between devices and
transmission medium.
5. Line Configuration: This layer connects devices with the medium: Point to Point
configuration and Multipoint configuration.
6. Topologies: Devices must be connected using the following topologies: Mesh, Star, Ring and
Bus.
7. Transmission Modes: Physical Layer defines the direction of transmission between two
devices: Simplex, Half Duplex, Full Duplex.
8. Deals with baseband and broadband transmission.

DATA LINK Layer - OSI Model

The data link layer provides reliable node-to-node delivery of data. It forms frames from the packets
that are received from the network layer and gives them to the physical layer. It also
synchronizes the information which is to be transmitted over the data. Error controlling is easily done.
The encoded data are then passed to the physical layer.

Error detection bits are used by the data link layer. It also
corrects the errors. Outgoing messages are assembled into frames. Then the system waits for the
acknowledgements to be received after the transmission. This makes sending messages reliable.

FUNCTIONS OF DATA LINK LAYER:

1. Framing: The stream of bits received from the network layer is divided into manageable data
units called frames. This division of the stream of bits is done by the Data Link Layer.
2. Physical Addressing: The Data Link layer adds a header to the frame in order to define the
physical address of the sender or receiver of the frame, if the frames are to be distributed to
different systems on the network.
3. Flow Control: A flow control mechanism prevents a fast transmitter from overrunning a slow
receiver by buffering the extra bits. This prevents a traffic jam at the
receiver side.
4. Error Control: Error control is achieved by adding a trailer at the end of the frame.
Duplication of frames is also prevented by using this mechanism: the Data Link Layer adds a
mechanism to prevent duplication of frames.
5. Access Control: Protocols of this layer determine which of the devices has control over the
link at any given time, when two or more devices are connected to the same link.
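
An added sketch of the framing, physical addressing, error control and duplicate-prevention functions listed above (example code, not from the original notes). The frame layout, the CRC-32 trailer, the sequence number field and all names are assumptions chosen for illustration.

```python
"""Toy data link layer: framing, physical addressing, an error-detecting
trailer and duplicate suppression.

The frame layout is an assumption made for this example:
  6-byte destination | 6-byte source | 2-byte sequence | payload | CRC-32
"""
import struct
import zlib

HEADER = struct.Struct("!6s6sH")   # dst, src, sequence number
TRAILER = struct.Struct("!I")      # CRC-32 over header + payload


def build_frame(dst, src, seq, payload):
    """Add the addressing header and the error-detection trailer."""
    body = HEADER.pack(dst, src, seq) + payload
    return body + TRAILER.pack(zlib.crc32(body))


def frame_packet(dst, src, packet, max_payload, first_seq=0):
    """Framing: split one network-layer packet into manageable frames."""
    chunks = [packet[i:i + max_payload]
              for i in range(0, len(packet), max_payload)]
    return [build_frame(dst, src, first_seq + n, chunk)
            for n, chunk in enumerate(chunks)]


class Receiver:
    def __init__(self, address):
        self.address = address
        self.seen = set()        # (source, sequence) pairs already delivered
        self.delivered = []      # payloads handed up to the network layer

    def accept(self, frame):
        """Return 'delivered', 'corrupt', 'not-for-me' or 'duplicate'."""
        if len(frame) < HEADER.size + TRAILER.size:
            return "corrupt"
        body, trailer = frame[:-TRAILER.size], frame[-TRAILER.size:]
        # The CRC catches transmission errors; it is not protection
        # against deliberate modification of the frame.
        if zlib.crc32(body) != TRAILER.unpack(trailer)[0]:
            return "corrupt"
        dst, src, seq = HEADER.unpack(body[:HEADER.size])
        if dst != self.address:
            return "not-for-me"
        if (src, seq) in self.seen:
            return "duplicate"
        self.seen.add((src, seq))
        self.delivered.append(body[HEADER.size:])
        return "delivered"


def flip_bit(frame, bit_index):
    """Simulate noise on the link by inverting one bit of a frame."""
    damaged = bytearray(frame)
    damaged[bit_index // 8] ^= 1 << (bit_index % 8)
    return bytes(damaged)


def demo():
    # Constructed addresses and packet, for illustration only.
    host_a = bytes.fromhex("020000000001")
    host_b = bytes.fromhex("020000000002")
    host_c = bytes.fromhex("020000000003")
    packet = b"network-layer packet to be framed"

    frames = frame_packet(host_b, host_a, packet, max_payload=12)
    rx = Receiver(host_b)
    outcomes = [rx.accept(flip_bit(frames[0], 130))]      # damaged in transit
    outcomes += [rx.accept(f) for f in frames]            # clean copies
    outcomes.append(rx.accept(frames[1]))                 # retransmitted copy
    outcomes.append(rx.accept(build_frame(host_c, host_a, 9, b"x")))
    return outcomes, b"".join(rx.delivered) == packet


if __name__ == "__main__":
    print(demo())
```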

Network Layer - OSI Model

The main aim of this layer is to deliver packets from source to destination across multiple links
(networks). If two computers (systems) are connected on the same link then there is no
need for a network layer. It routes the signal through different channels to the other end and
acts as a network controller.

It also divides the outgoing messages into packets and assembles incoming packets into messages for
higher levels.

FUNCTIONS OF NETWORK LAYER:

1. It translates logical network address into physical address. Concerned with circuit, message or
packet switching.
2. Routers and gateways operate in the network layer. Mechanism is provided by Network Layer
for routing the packets to final destination.
3. Connection services are provided including network layer flow control, network layer error
control and packet sequence control.
4. Breaks larger packets into small packets.

Transport Layer - OSI Model

The main aim of the transport layer is to deliver the entire message from source to destination.
The transport layer ensures the whole message arrives intact and in order, ensuring both error control and
flow control at the source-to-destination level. It decides if data transmission should be on a parallel
path or a single path. The transport layer breaks the message (data) into small units so that they are
handled more efficiently by the network layer and ensures that the message arrives in order by checking
error and flow control.

FUNCTIONS OF TRANSPORT LAYER:

1. Service Point Addressing : Transport Layer header includes service point address which is
port address. This layer gets the message to the correct process on the computer unlike Network
Layer, which gets each packet to the correct computer.
2. Segmentation and Reassembling : A message is divided into segments; each segment
contains sequence number, which enables this layer in reassembling the message. Message is
reassembled correctly upon arrival at the destination and replaces packets which were lost in
transmission.
3. Connection Control : It includes 2 types :
o Connectionless Transport Layer : Each segment is considered as an independent packet
and delivered to the transport layer at the destination machine.
o Connection Oriented Transport Layer : Before delivering packets, connection is made
with transport layer at the destination machine.
4. Flow Control : In this layer, flow control is performed end to end.
5. Error Control : Error Control is performed end to end in this layer to ensure that the complete
message arrives at the receiving transport layer without any error. Error Correction is done
through retransmission.

Session Layer - OSI Model

Its main aim is to establish, maintain and synchronize the interaction between communicating
systems. The session layer manages and synchronizes the conversation between two different applications.
During the transfer of data from one destination to another, the session layer marks the streams of data
and resynchronizes them properly, so that the ends of the messages are not cut prematurely and data loss
is avoided.

FUNCTIONS OF SESSION LAYER:

1. Dialog Control : This layer allows two systems to start communication with each other in half-
duplex or full-duplex.
2. Synchronization : This layer allows a process to add checkpoints, which are considered as
synchronization points, into a stream of data. Example: If a system is sending a file of 800 pages,
adding checkpoints after every 50 pages is recommended. This ensures that each 50-page unit is
successfully received and acknowledged. This is beneficial at the time of a crash: if a crash
happens at page number 110, there is no need to retransmit pages 1 to 100.

Presentation Layer - OSI Model

The primary goal of this layer is to take care of the syntax and semantics of the information exchanged
between two communicating systems. The presentation layer takes care that the data is sent in such a way
that the receiver will understand the information (data) and will be able to use the data. The languages
(syntax) of the two communicating systems can be different. Under this condition the
presentation layer plays the role of translator.

FUNCTIONS OF PRESENTATION LAYER:

1. Translation : Before being transmitted, information in the form of characters and numbers
should be changed to bit streams. The presentation layer is responsible for interoperability
between encoding methods as different computers use different encoding methods. It translates
data between the formats the network requires and the format the computer.
2. Encryption : It carries out encryption at the transmitter and decryption at the receiver.
3. Compression : It carries out data compression to reduce the bandwidth of the data to be
transmitted. The primary role of data compression is to reduce the number of bits to be
transmitted. It is important in transmitting multimedia such as audio, video, text etc.

Application Layer - OSI Model

It is the topmost layer of the OSI Model. Manipulation of data (information) in various
ways is done in this layer, which enables the user or software to get access to the network. Some
services provided by this layer include: e-mail, transferring of files, distributing the results to
the user, directory services, network resources etc.

FUNCTIONS OF APPLICATION LAYER:

1. Mail Services : This layer provides the basis for E-mail forwarding and storage.
2. Network Virtual Terminal : It allows a user to log on to a remote host. The application
creates software emulation of a terminal at the remote host. User’s computer talks to the
software terminal which in turn talks to the host and vice versa. Then the remote host believes
it is communicating with one of its own terminals and allows user to log on.
3. Directory Services : This layer provides access for global information about various services.
4. File Transfer, Access and Management (FTAM) : It is a standard mechanism to access files
and manage them. Users can access files in a remote computer and manage them. They can also
retrieve files from a remote computer.

CHAPTER THREE

CHARACTERISTICS OF NETWORK MEDIA & CABLING

When it comes to working with an existing network or implementing a new network, you need to be
able to identify the characteristics of network media and their associated cabling. This tutorial focuses
on the media and connectors used in today's networks.

3.0 GENERAL MEDIA CONSIDERATIONS

In addition to identifying the characteristics of network media and their associated cabling, an
administrator requires knowledge of some general terms and concepts that are associated with network
media. Before looking at the individual media types, it is a good idea to first have an understanding of
some general media considerations.

BROADBAND VERSUS BASEBAND

Networks employ two types of signaling methods: baseband and broadband. Baseband transmissions
use digital signaling over a single wire. Communication on baseband transmissions is bidirectional,
allowing signals to be sent and received but not at the same time. To send multiple signals on a single
cable, baseband uses something called Time Division Multiplexing (TDM). TDM divides a single
channel into time slots.

In terms of LAN network standards, broadband transmissions, on the other hand, use analog
transmissions. For broadband transmissions to be sent and received, the media has to be split into two
channels. Multiple channels are created using Frequency Division-Multiplexing (FDM).

Simplex, half duplex, and full duplex are referred to as dialog modes, and they determine the direction
in which data can flow through the network media.

Simplex allows for one-way communication of data through the network, with the full bandwidth of
the cable being used for the transmitting signal. One-way communication is of little use on LANs,
making it unusual at best for network implementations. Far more common is the half-duplex mode,
which accommodates transmitting and receiving on the network but not at the same time. Many
networks are configured for half-duplex communication.

The preferred dialog mode for network communication is the full-duplex mode. To use full duplex,
both the network card and the hub or switch must support full duplexing. Devices configured for full
duplexing are capable of transmitting and receiving simultaneously. This means that 100Mbps network
cards are capable of transmitting at 200Mbps using full-duplex mode.

3.1 MEDIA INTERFERENCE

Depending on where network cabling (commonly referred to as media) is installed, interference can be
a major consideration. Two types of media interference can adversely affect data transmissions over
network media: electromagnetic interference (EMI) and crosstalk.

EMI is a problem when cables are installed near electrical devices, such as air conditioners or
fluorescent light fixtures. If a network media is placed close enough to such a device, the signal within
the cable might become corrupt. Network media vary in their resistance to the effects of EMI. Standard
UTP cable is susceptible to EMI, whereas fiber cable with its light transmissions is resistant to EMI.
When deciding on a particular media, consider where it will run and the impact EMI can have on the
installation.

A second type of interference is crosstalk. Crosstalk refers to how the data signals on two separate
media interfere with each other. The result is that the signal on both cables can become corrupt. As
with EMI, media varies in its resistance to crosstalk, with fiber-optic cable being the most resistant.

Attenuation refers to the weakening of data signals as they travel through a respective media. Network
media varies in its resistance to attenuation. Coaxial cable is generally more resistant than UTP, STP is
slightly more resistant than UTP, and fiber-optic cable does not suffer from attenuation at all. That's
not to say that a signal does not weaken as it travels over fiber-optic cable, but the correct term for this
weakening is 'chromatic dispersion,' rather than attenuation.

It's important to understand attenuation or chromatic dispersion and the maximum distances specified
for network media. Exceeding a media's distance without using repeaters can cause hard-to-
troubleshoot network problems. Most attenuation or chromatic dispersion related difficulties on a
network require using a network analyzer to detect them.

3.2 DATA TRANSMISSION RATES

One of the more important media considerations is the supported data transmission rate or speed.
Different media types are rated to certain maximum speeds, but whether or not they are used to this
maximum depends on the networking standard being used and the network devices connected to the
network.

Transmission rates are normally measured by the number of data bits that can traverse the media in a
single second. In the early days of data communications, this measurement was expressed as bits per
second (bps), but today's networks are measured in Mbps (megabits per second) and Gbps (gigabits per
second).

The different network media vary greatly in the transmission speeds they support. Many of today's
application-intensive networks require more than the 10Mbps offered by the older networking
standards. In some cases, even 100Mbps, which is found in many modern LANs, is simply not enough
to meet current network needs. For this reason, many organizations deploy 1Gbps networks, and some
now even go for 10Gbps implementations.

Whatever type of network is used, some type of network media is needed to carry signals between
computers. Two types of media are used in networks: cable-based media, such as twisted pair, and the
media types associated with wireless networking, such as radio waves.

In networks using cable-based media, there are three basic choices:

• Twisted pair
• Coaxial
• Fiber-optic

Twisted-pair and coaxial cables both use copper wire to conduct the signals electronically; fiber-optic
cable uses a glass or plastic conductor and transmits the signals as light.

For many years, coaxial was the cable of choice for most LANs. Today, however (and for the past 10
years), twisted pair has proved to be far and away the cable media of choice, thus retiring coax to the
confines of storage closets. Fiber-optic cable has also seen its popularity rise but, because of cost, has
been primarily restricted to use as a network backbone where segment length and higher speeds are
needed. That said, fiber is now increasingly common in server room environments as a server to switch
connection method, and in building to building connections in what are termed as metropolitan area
networks (MANs).

The following sections summarize the characteristics of each of these cable types.

Twisted-pair cabling has been around a very long time. It was originally created for voice
transmissions and has been widely used for telephone communication. Today, in addition to telephone
communication, twisted pair is the most widely used media for networking.

The popularity of twisted pair can be attributed to the fact that it is lighter, more flexible, and easier to
install than coaxial or fiber-optic cable. It is also cheaper than other media alternatives and can achieve
greater speeds than its coaxial competition. These factors make twisted pair the ideal solution for most
network environments.

Two main types of twisted-pair cabling are in use today: Unshielded Twisted Pair
(UTP) and Shielded Twisted Pair (STP). UTP is significantly more commonplace
than STP and is used for most networks. Shielded twisted pair is used in
environments in which greater resistance to EMI and attenuation is required. The
greater resistance comes at a price, however. The additional shielding, plus the
need to ground that shield (which requires special connectors), can significantly
add to the cost of a cable installation of STP.

STP provides the extra shielding by using an insulating material that is wrapped
around the wires within the cable. This extra protection increases the distances
that data signals can travel over STP but also increases the cost of the cabling.

There are several categories of twisted-pair cabling, with the early categories most commonly
associated with voice transmissions. The categories are specified by the Electronics Industries
Association/Telecommunications Industries Association (EIA/TIA). Table 1 shows the categories
along with the speeds that they are used to support in common network implementations.

Table 1 UTP Cable Categories

Category    Common Application
1           Analog voice applications
2           1Mbps
3           16Mbps
4           20Mbps
5           100Mbps
5e          1000Mbps
6           1000Mbps +

Coaxial cable, or coax as it is commonly referred to, has been around for a long time. Coax found
success in both TV signal transmission as well as in network implementations. Coax is constructed
with a copper core at the center that carries the signal, plastic insulation, braided metal shielding, and
an outer plastic covering. Coaxial cable is constructed in this way to add resistance to attenuation (the
loss of signal strength as it travels over distance), crosstalk (the degradation of a signal caused by
signals from other cables running close to it), and EMI (electromagnetic interference). Figure 2 shows
the construction of coaxial cabling.

Networks can use two types of coaxial cabling: thin coaxial and thick
coaxial. Both have fallen out of favor, but you might still encounter thin
coax in networks.

Thin Coax

Thin coax is much more likely to be seen than thick coax in today's networks, but it isn't common,
either. Thin coax is only .25 inches in diameter, making it fairly easy to install. Unfortunately, one of
the disadvantages of all thin coax types is that they are prone to cable breaks, which increase the
difficulty when installing and troubleshooting coaxial-based networks.

There are several types of thin coax cable, each of which has a specific use. Table 2 summarizes the
categories of thin coax.

Table 2 Thin Coax Categories

Cable Type    Description
RG-58 /U      Solid copper core
RG-58 A/U     Stranded wire core
RG-58 C/U     Military specification
RG-6          Used for cable TV and cable modems

In many ways, fiber-optic media addresses the shortcomings associated with copper-based media.
Because fiber-based media use light transmissions instead of electronic pulses, threats such as EMI,
crosstalk, and attenuation become a nonissue. Fiber is well suited for the transfer of data, video, and
voice transmissions. In addition, fiber-optic is the most secure of all cable media. Anyone trying to
access data signals on a fiber-optic cable must physically tap into the media. Given the composition of
the cable, this is a particularly difficult task.

Unfortunately, despite the advantages of fiber-based media over copper, it
still does not enjoy the popularity of twisted-pair cabling. The moderately
difficult installation and maintenance procedures of fiber often require
skilled technicians with specialized tools. Furthermore, the cost of a fiber-
based solution limits the number of organizations that can afford to
implement it. Another sometimes hidden drawback of implementing a
fiber solution is the cost of retrofitting existing network equipment. Fiber
is incompatible with most electronic network equipment. This means that
you have to purchase fiber-compatible network hardware.

Fiber-optic cable itself is composed of a core glass fiber surrounded by
cladding. An insulated covering then surrounds both of these within an outer protective sheath. Figure
3 shows the composition of a fiber-optic cable.

Two types of fiber-optic cable are available: single and multimode fiber. In multimode fiber, many
beams of light travel through the cable bouncing off of the cable walls. This strategy actually weakens
the signal, reducing the length and speed the data signal can travel. Single-mode fiber uses a single
direct beam of light, thus allowing for greater distances and increased transfer speeds. Some of the
common types of fiber-optic cable include the following:

• 62.5 micron core/125 micron cladding multimode
• 50 micron core/125 micron cladding multimode
• 8.3 micron core/125 micron cladding single mode

In the ever-increasing search for bandwidth that will keep pace with the demands of modern
applications, fiber-optic cables are sure to play a key role.

A variety of connectors are used with the associated network media. Media connectors attach to the
transmission media and allow the physical connection into the computing device. It is necessary to
identify the connectors associated with the specific media. The following sections identify the
connectors and associated media.

3.3 CONNECTORS

BNC connectors are associated with coaxial media and 10Base2 networks. BNC
connectors are not as common as they once were, but still are used on some
networks, older network cards, and older hubs. Common BNC connectors
include a barrel connector, T-connector, and terminators. Figure 4 shows two
terminators (top and bottom) and two T-connectors (left and right).

RJ (Registered Jack) -11 connectors are small plastic connectors used on
telephone cables. They have capacity for six small pins. However, in many cases, not
all the pins are used. For example, a standard telephone connection only uses two pins,
while a cable used for a DSL modem connection uses four.

RJ-11 connectors are somewhat similar to RJ-45 connectors, which are discussed next, though they are
a little smaller. Both RJ-11 and RJ-45 connectors have a small plastic flange on top of the connector to
ensure a secure connection. Figure 5 shows two views of an RJ-11 connector.

RJ-45 connectors are the ones you are most likely going to encounter in your
network travels. RJ-45 connectors are used with twisted-pair cabling, the
most prevalent network cable in use today. RJ-45 connectors resemble the
aforementioned RJ-11 phone jacks, but support up to eight wires instead of
the six supported by RJ-11 connectors. RJ-45 connectors are also larger.
Figure 6 shows the RJ-45 connectors.

F-Type connectors are screw-on connections used for attaching coaxial cable
to devices. In the world of modern networking, F-Type connectors are most
commonly associated with connecting Internet modems to cable or satellite Internet
provider's equipment. However, they are also used for connecting to some
proprietary peripherals.

F-Type connectors have a 'nut' on the connection that provides something to grip as the connection is
tightened by hand. If necessary, this nut can also be lightly gripped with pliers to aid disconnection.
Figure 7 shows an example of an F-Type connector.

A variety of connectors are associated with fiber cabling, and there are several
ways of connecting these connectors. These include bayonet, snap-lock, and
push-pull connectors. Figure 8 shows the fiber connectors.

Universal Serial Bus (USB) ports are now an extremely common sight on both
desktop and laptop computer systems. Like IEEE1394, USB is associated more
with connecting consumer peripherals such as MP3 players and digital cameras
than networking. However, many manufacturers now make wireless network cards
that plug directly into a USB port. Most desktop and laptop computers have
between two and four USB ports, but USB hubs are available that provide
additional ports if required.

There are a number of connectors associated with USB ports, but the two most popular are Type A and
Type B. Type A connectors are the more common of the two and are the type used on PCs. Although
many peripheral devices also use a Type A connector, an increasing number now use a Type B. Figure
10 shows a Type A connector (left) and a Type B connector (right).

CHAPTER 4

NETWORKING DEVICES

4.0 NETWORK INTERFACE DEVICES

Network interface cards, commonly referred to as NICs, are used to connect a PC to a network.
The NIC provides a physical connection between the networking cable and the computer's internal bus.
Different computers have different bus architectures; PCI bus master slots are most commonly found
on 486/Pentium PCs and ISA expansion slots are commonly found on 386 and older PCs. NICs come
in three basic varieties: 8-bit, 16-bit, and 32-bit. The larger the number of bits that can be transferred to
the NIC, the faster the NIC can transfer data to the network cable.

Network interface cards (NICs) are cards installed in a PC that give a computer inter-networking
capabilities. There are many types of NIC, used in different situations. The biggest differences
between cards are their connection medium and speed capabilities. To a lesser extent, NICs can be
distinguished by the way they connect to the PC.

10/100 Ethernet

These networking cards are often used in home or small office settings. As the name
implies, they are capable of speeds up to 10 or 100 megabits per second, not to be
confused with megabytes per second. These cards generally attach to the PC using a
PCI, PCIe or ISA motherboard interface slot, and are set up to use Category 5 or 6
networking cables.

Gigabit Ethernet

Gigabit Ethernet NICs give network transfer speeds of up to one gigabit per second. These cards
attach to the PC by the same means as those mentioned above, though they are much more likely to be
made for PCIe slots. These NICs can use Category 5, 5e, 6, and 7 cabling, with a preference for the
latter. However, these NICs are more frequently built to use fiber optic cables in enterprise
solutions such as web servers or data storage centers.

Fiber Optics

Main network infrastructures such as tier 1 and 2 Internet backbones need more capable NICs. Fiber
optic NICs use fiber optic cabling to achieve speeds of 10 to 100 gigabits per second. These NICs
are frequently, though not always, external devices that attach to servers or workstations through an
inter-networking plane, which gives a lower connection speed, such as 100 Mb/s, to individual devices.
These NICs are a significant financial investment and need much service and maintenance.

Wireless NICs

Wireless NICs give similar networking capabilities to their wired counterparts, though they have their
own transfer capabilities. Speeds of 54 Mb/s are usually available to wireless NICs. These NICs do,
though, allow wireless networking, which permits freedom in PC topology and installation.

Wireless Dongles

This is a wireless networking device used by individual machines that have access to a main PC
that is attached to a wireless router. This wireless router lets the user install wireless dongles,
rather than whole routers, with every extra machine on the network. These devices can attach by
Ethernet connectors to a standard Ethernet card, though they are common in a USB-compatible form.
Connectivity through USB permits real-time plug-and-play installation without the financial load of
buying a wireless router for each machine.

4.1 NETWORK DEVICES

Network devices are components used to connect computers or other electronic devices together so
that they can share files or resources like printers or fax machines. Devices used to set up a Local Area
Network (LAN) are the most common types of network devices used by the public. A LAN requires a
hub, router, cabling or radio technology, network cards, and if online access is desired, a high-speed
modem.

Hubs/Repeaters

Hubs/repeaters are used to connect together two or more Ethernet segments of any media type. In
larger designs, signal quality begins to deteriorate as segments exceed their
maximum length. Hubs provide the signal amplification required to allow a
segment to be extended a greater distance. A hub takes any incoming signal
and repeats it out all ports.

Ethernet hubs are necessary in star topologies such as 10BASE-T. A multi-port
twisted pair hub allows several point-to-point segments to be joined
into one network. One end of the point-to-point link is attached to the hub
and the other is attached to the computer. If the hub is attached to a backbone, then all computers at the
end of the twisted pair segments can communicate with all the hosts on the backbone. The number and
type of hubs in any one collision domain is limited by the Ethernet rules.

Bridges

The function of a bridge is to connect separate networks together. Bridges
connect different network types (such as Ethernet and Fast Ethernet) or
networks of the same type. Bridges map the Ethernet addresses of the nodes
residing on each network segment and allow only necessary traffic to pass
through the bridge. When a packet is received by the bridge, the bridge
determines the destination and source segments. If the segments are the
same, the packet is dropped ("filtered"); if the segments are different, then
the packet is "forwarded" to the correct segment. Additionally, bridges do not forward bad or
misaligned packets.

Bridges are also called "store-and-forward" devices because they look at the whole Ethernet packet
before making filtering or forwarding decisions. Filtering packets and regenerating forwarded packets
enable bridging technology to split a network into separate collision domains. This allows for greater
distances and more repeaters to be used in the total network design.
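The filter/forward decision described above, as a small simulation. This is an added example, not part of the original notes: the class, function names, segment labels and frames are constructed for illustration. It goes slightly beyond the text by flooding frames whose destination is broadcast or not yet learned (standard transparent-bridge behaviour), and it checks a CRC-32 trailer as the "bad packet" test while ignoring minimum frame size and padding.

```python
import struct
import zlib

BROADCAST = b"\xff" * 6
HEADER_AND_FCS = 6 + 6 + 2 + 4  # dst MAC, src MAC, EtherType, frame check sequence


def mac(text):
    """Convert 'aa:bb:cc:dd:ee:ff' to 6 raw bytes."""
    return bytes.fromhex(text.replace(":", ""))


def build_frame(dst, src, payload, ethertype=0x0800):
    """Build a simplified Ethernet frame with a CRC-32 trailer."""
    body = dst + src + struct.pack("!H", ethertype) + payload
    return body + struct.pack("<I", zlib.crc32(body))


class LearningBridge:
    """Store-and-forward bridge: inspects the whole frame before deciding."""

    def __init__(self, segments):
        self.segments = list(segments)
        self.table = {}  # source MAC -> segment it was last seen on

    def receive(self, in_segment, frame):
        """Return (decision, list of segments the frame is sent out on)."""
        # 1. Bad or truncated frames are never forwarded and never learned from.
        if len(frame) < HEADER_AND_FCS:
            return ("drop-bad", [])
        (fcs,) = struct.unpack("<I", frame[-4:])
        if fcs != zlib.crc32(frame[:-4]):
            return ("drop-bad", [])

        dst, src = frame[0:6], frame[6:12]
        # 2. Map the sender's address to the segment it resides on.
        self.table[src] = in_segment

        # 3. Unknown or broadcast destination: send to every other segment.
        out_segment = self.table.get(dst)
        if dst == BROADCAST or out_segment is None:
            return ("flood", [s for s in self.segments if s != in_segment])
        # 4. Same segment: the destination already saw the frame, so filter it.
        if out_segment == in_segment:
            return ("filter", [])
        # 5. Different segment: forward only to the segment that needs it.
        return ("forward", [out_segment])


def run_demo():
    """Constructed traffic: hosts A and B on seg1, hosts C and D on seg2."""
    a, b = mac("02:00:00:00:00:0a"), mac("02:00:00:00:00:0b")
    c, d = mac("02:00:00:00:00:0c"), mac("02:00:00:00:00:0d")
    bridge = LearningBridge(["seg1", "seg2"])

    damaged = bytearray(build_frame(a, d, b"noise"))
    damaged[-5] ^= 0x01  # flip one payload bit so the CRC no longer matches

    decisions = [
        bridge.receive("seg1", build_frame(c, a, b"hello")),        # C not learned yet
        bridge.receive("seg2", build_frame(a, c, b"reply")),        # A known on seg1
        bridge.receive("seg1", build_frame(a, b, b"local")),        # both on seg1
        bridge.receive("seg2", bytes(damaged)),                     # corrupted frame
        bridge.receive("seg1", build_frame(BROADCAST, a, b"all")),  # broadcast
    ]
    return decisions, bridge.table, d


if __name__ == "__main__":
    results, table, _ = run_demo()
    for decision, out in results:
        print(f"{decision:9s} -> {out}")
    for address, segment in table.items():
        print(address.hex(":"), "is on", segment)
```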

Ethernet Switches

Ethernet switches are an expansion of the concept in Ethernet bridging. LAN switches can link four,
six, ten or more networks together, and have two basic architectures: cut-through and
store-and-forward. In the past, cut-through switches were faster because they examined the packet
destination address only before forwarding it on to its destination segment. A store-and-forward
switch, on the other hand, accepts and analyzes the entire packet before forwarding it to its destination.

It takes more time to examine the entire packet, but it allows the switch to catch certain packet errors
and keep them from propagating through the network. Both cut-through and store-and-forward
switches separate a network into collision domains, allowing network design rules to be extended.
Each of the segments attached to an Ethernet switch has a full 10 Mbps of bandwidth shared by fewer
users, which results in better performance (as opposed to hubs that only allow bandwidth sharing from
a single Ethernet). Newer switches today offer high-speed links, FDDI, Fast Ethernet or ATM. These
are used to link switches together or give added bandwidth to high-traffic servers. A network
composed of a number of switches linked together via uplinks is termed a "collapsed backbone"
network.

Routers:

Routers filter out network traffic by specific protocol rather than by packet address. Routers also
divide networks logically instead of physically. An IP router can divide a network into various
subnets so that only traffic destined for particular IP addresses can pass between segments. Network
speed often decreases due to this type of intelligent forwarding. Such filtering takes
more time than that exercised in a switch or bridge, which only looks at the Ethernet address.
However, in more complex networks, overall efficiency is improved by using routers.

Network firewall

A firewall is a system or group of systems that enforces an
access control policy between two networks. The actual
means by which this is accomplished varies widely, but in
principle, the firewall can be thought of as a pair of
mechanisms: one which exists to block traffic, and the other
which exists to permit traffic. Some firewalls place a greater
emphasis on blocking traffic, while others emphasize permitting traffic. Probably the most important
thing to recognize about a firewall is that it implements an access control policy. If you don't have a
good idea of what kind of access you want to allow or to deny, a firewall really won't help you. It's also
important to recognize that the firewall's configuration, because it is a mechanism for enforcing policy,
imposes its policy on everything behind it. Administrators for firewalls managing the connectivity for
a large number of hosts therefore have a heavy responsibility.

Modem

A modem links your home network to the Internet through your
Internet Service Provider (ISP). The high speed types of data outside
of your home aren’t suitable for your direct use, so modems convert the
data into digital Ethernet, which all the network equipment in your
home can use.

The internet services that are outside your home (or business) which
are supplied by your ISP are either DSL, cable, dial-up, satellite or
fiber. Modems are often combined with a router into a single unit, which then also gives you a firewall
protecting your network from attack. If your modem is not also a router, then you will probably want a
router in addition to your modem.

Wireless Access point

A wireless access point is a central communications device that allows computers and
devices to transfer data wirelessly among them or to transfer data wirelessly to a wired
network. Wireless access points have high-quality antennas for optimal signals. For the
best signal, some manufacturers suggest positioning the wireless access point at the
highest possible location.

Wireless access points around schools allow students to access the school network
wirelessly from their classrooms. The notebook computer or mobile device must have built-in wireless
capability or a wireless network card.

4.2 IP ADDRESSING & CONFIGURATION BASICS:

An IP (Internet Protocol) address is a unique identifier for a node or host connection on an IP network.
An IP address is a 32 bit binary number usually represented as 4 decimal values, each representing 8
bits, in the range 0 to 255 (known as octets) separated by decimal points. This is known as "dotted
decimal" notation.

Example: 140.179.220.200

It is sometimes useful to view the values in their binary form.

140 .179 .220 .200

10001100.10110011.11011100.11001000

Every IP address consists of two parts, one identifying the network and one identifying the node. The
Class of the address and the subnet mask determine which part belongs to the network address and
which part belongs to the node address.

Address Classes:

There are 5 different address classes. You can determine which class any IP address is in by examining
the first 4 bits of the IP address.

Class A addresses begin with 0xxx, or 1 to 126 decimal.

Class B addresses begin with 10xx, or 128 to 191 decimal.

Class C addresses begin with 110x, or 192 to 223 decimal.

Class D addresses begin with 1110, or 224 to 239 decimal.

Class E addresses begin with 1111, or 240 to 254 decimal.

Addresses beginning with 01111111, or 127 decimal, are reserved for loopback and for internal testing
on a local machine. [You can test this: you should always be able to ping 127.0.0.1, which points to
yourself] Class D addresses are reserved for multicasting. Class E addresses are reserved for future
use. They should not be used for host addresses.

Now we can see how the Class determines, by default, which part of the IP address belongs to the
network (N) and which part belongs to the node (n).

Class A -- NNNNNNNN.nnnnnnnn.nnnnnnnn.nnnnnnnn

Class B -- NNNNNNNN.NNNNNNNN.nnnnnnnn.nnnnnnnn

Class C -- NNNNNNNN.NNNNNNNN.NNNNNNNN.nnnnnnnn

In the example, 140.179.220.200 is a Class B address so by default the Network part of the address
(also known as the Network Address) is defined by the first two octets (140.179.x.x) and the node part
is defined by the last 2 octets (x.x.220.200). In order to specify the network address for a given IP
address, the node section is set to all "0"s. In our example, 140.179.0.0 specifies the network address
for 140.179.220.200. When the node section is set to all "1"s, it specifies a broadcast that is sent to all
hosts on the network. 140.179.255.255 specifies the example broadcast address. Note that this is true
regardless of the length of the node section.

Private Subnets:

There are three IP network addresses reserved for private networks. The addresses are 10.0.0.0/8,
172.16.0.0/12, and 192.168.0.0/16. They can be used by anyone setting up internal IP networks, such
as a lab or home LAN behind a NAT or proxy server or a router. It is always safe to use these because
routers on the Internet will never forward packets coming from these addresses.

Subnetting an IP Network can be done for a variety of reasons, including organization, use of different
physical media (such as Ethernet, FDDI, WAN, etc.), preservation of address space, and security. The
most common reason is to control network traffic. In an Ethernet network, all nodes on a segment see
all the packets transmitted by all the other nodes on that segment. Performance can be adversely
affected under heavy traffic loads, due to collisions and the resulting retransmissions. A router is used
to connect IP networks to minimize the amount of traffic each segment must receive.

Subnet Masking

Applying a subnet mask to an IP address allows you to identify the network and node parts of the
address. The network bits are represented by the 1s in the mask, and the node bits are represented by
the 0s. Performing a bitwise logical AND operation between the IP address and the subnet mask results
in the Network Address or Number.

For example, using our test IP address and the default Class B subnet mask, we get:

10001100.10110011.11110000.11001000 140.179.240.200 Class B IP Address

11111111.11111111.00000000.00000000 255.255.000.000 Default Class B Subnet Mask

10001100.10110011.00000000.00000000 140.179.000.000 Network Address

Default subnet masks:

Class A - 255.0.0.0 - 11111111.00000000.00000000.00000000


Class B - 255.255.0.0 - 11111111.11111111.00000000.00000000
Class C - 255.255.255.0 - 11111111.11111111.11111111.00000000
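The class rules, default masks, bitwise AND and private ranges above, combined into one routine of the kind used to triage addresses seen in logs. This is an added example, not part of the original notes; the function names and the sample addresses other than 140.179.220.200 are constructed for illustration.

```python
# Added example: classful IPv4 analysis following the rules in this chapter.

PRIVATE_BLOCKS = [("10.0.0.0", 8), ("172.16.0.0", 12), ("192.168.0.0", 16)]
DEFAULT_MASKS = {"A": 0xFF000000, "B": 0xFFFF0000, "C": 0xFFFFFF00}
SHIFTS = (24, 16, 8, 0)


def parse_ipv4(text):
    """Return the 32-bit integer for a dotted-decimal address, or raise ValueError."""
    parts = text.strip().split(".")
    if len(parts) != 4:
        raise ValueError(f"expected 4 octets: {text!r}")
    value = 0
    for part in parts:
        if not (part.isascii() and part.isdigit()) or int(part) > 255:
            raise ValueError(f"bad octet {part!r} in {text!r}")
        value = (value << 8) | int(part)
    return value


def to_dotted(value):
    """32-bit integer -> dotted decimal."""
    return ".".join(str((value >> s) & 0xFF) for s in SHIFTS)


def to_binary(value):
    """32-bit integer -> four 8-bit binary groups."""
    return ".".join(format((value >> s) & 0xFF, "08b") for s in SHIFTS)


def address_class(value):
    """Classify by the leading bits of the first octet (0, 10, 110, 1110, 1111)."""
    first = value >> 24
    if first >> 7 == 0b0:
        return "A"  # includes 127.x.x.x, which is reserved for loopback
    if first >> 6 == 0b10:
        return "B"
    if first >> 5 == 0b110:
        return "C"
    if first >> 4 == 0b1110:
        return "D"  # multicast
    return "E"      # reserved


def in_block(value, base, prefix_len):
    """True if the address falls inside base/prefix_len."""
    mask = (0xFFFFFFFF << (32 - prefix_len)) & 0xFFFFFFFF
    return value & mask == parse_ipv4(base) & mask


def analyse(text):
    """Apply the class rules and default mask to one address."""
    value = parse_ipv4(text)
    cls = address_class(value)
    info = {
        "address": to_dotted(value),
        "binary": to_binary(value),
        "class": cls,
        "loopback": value >> 24 == 127,
        "private": any(in_block(value, b, p) for b, p in PRIVATE_BLOCKS),
    }
    mask = DEFAULT_MASKS.get(cls)
    if mask is not None:  # classes D and E have no network/node split
        info["mask"] = to_dotted(mask)
        info["network"] = to_dotted(value & mask)                    # node bits all 0
        info["broadcast"] = to_dotted(value | (~mask & 0xFFFFFFFF))  # node bits all 1
    return info


if __name__ == "__main__":
    # Constructed sample input, including one malformed entry.
    for sample in ["140.179.220.200", "10.1.2.3", "172.31.255.1",
                   "192.168.1.10", "127.0.0.1", "224.0.0.5", "300.1.1.1"]:
        try:
            r = analyse(sample)
        except ValueError as err:
            print(f"{sample:16s} rejected: {err}")
            continue
        flags = [k for k in ("private", "loopback") if r[k]]
        print(f"{r['address']:16s} class {r['class']}  "
              f"net {r.get('network', '-'):15s} bcast {r.get('broadcast', '-'):15s} "
              f"{','.join(flags)}")
```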

NETWORK CONFIGURATION BASICS

In a TCP/IP network, there are several settings to configure to enable a client system to access peer and
server services. Configuring a client system for TCP/IP can be a relatively complex task, or it can be
simple. Any complexity involved is related to the possible need to configure TCP/IP manually. The
simplicity is related to the fact that TCP/IP configuration can occur automatically via DHCP. Brief
explanations of the IP related settings used to connect to a TCP/IP network follow:

• IP address: Each system must be assigned a unique IP address so that it can communicate on
  the network.
• Subnet mask: The subnet mask enables the system to determine which portion of the IP
  address represents the network address and which portion represents the node address.
• Default gateway: The default gateway enables the system to communicate with systems on a
  remote network, without the need for explicit routes to be defined.
• DNS server addresses: DNS servers enable dynamic hostname resolution to be performed. It
  is common practice to have two DNS server addresses defined so that if one server becomes
  unavailable, the other can be used.

CHAPTER 4
NETWORK VULNERABILITIES

4.0 INTRODUCTION

Computer security can be very complex and may be very confusing to many people. It can even be a
controversial subject. Network administrators like to believe that their network is secure and those who
break into networks may like to believe that they can break into any network. There are many fallacies
that network administrators may fall victim to. These fallacies may allow administrators to wrongfully
believe that their network is more secure than it really is.

There are many different aspects to computer and network security. These different areas of computer security
are interdependent on each other in order for a network to be secure. If one or more areas of computer
security are ignored, then the entire security integrity of the organization's network may be
compromised. A clear example of this is in the area of computer virus or worm protection. Computer
virus protection programs can only filter known viruses or worms. There are viruses or worms that are
not yet recognized as virus programs immediately after their release. The best way to make
unrecognized virus or worm programs less effective is by quickly removing the vulnerabilities that
they use. Some of these vulnerabilities are operating system and application program errors. When
security patches are created for software, they should be quickly applied. In this way the vulnerability
to viruses is minimized but not eliminated. There are other steps which may further reduce this
vulnerability, but it can never be completely eliminated.

Computer and network security is required because most organizations can be damaged by hostile
software or intruders. There may be several forms of damage which are obviously interrelated. These
include:

• Damage or destruction of computer systems.
• Damage or destruction of internal data.
• Loss of sensitive information to hostile parties.
• Use of sensitive information to steal items of monetary value.
• Use of sensitive information against the organization's customers which may result in legal
  action by customers against the organization and loss of customers.
• Damage to the reputation of an organization.
• Monetary damage due to loss of sensitive information, destruction of data, hostile use of
  sensitive data, or damage to the organization's reputation.

The methods used to accomplish these unscrupulous objectives are many and varied depending on the
circumstances.

4.1 Attack Techniques

Any information system that is exposed to the Internet or network is vulnerable to attack. Attacks
come in all shapes and sizes and an exact definition can prove problematic. For instance, is guessing
someone’s password an attack? What if you then proceed to read their files? Moreover what if you
then delete them? Each of these could constitute an attack given the correct circumstances. There are
various different types of attack each with their own nuances and subtleties. Attacks can be classified
in terms of their type, target and/or goal. But other aspects can be considered.

This chapter will provide an overview of an attacker (Intruder) before looking at the malicious
software they can use to set up the infrastructure needed to perform network based attacks. The
remainder of this chapter will then look at three types of network based attacks (Scan-based,
DNS-based and Botnet-based) that the intruder can perform utilizing the infrastructure.

Other attacks that utilize malicious software, such as Worms, Viruses and other similar software shall
also be addressed.

4.1.1 Intruder

The Intruder is an important part of the attacking process: they initiate it. They are the ones who
press the button, type in the commands and reap the benefits. They can be classed as one of the
following:

i) Masquerader — those not authorized to access a resource but who do so anyway;
ii) Misfeasor — a legitimate user who accesses resources outside their remit and/or abuses their
privileges;
iii) Clandestine User — an individual who seizes supervisory control and uses this control to
hide their actions.

Such individuals can be an insider or an outsider. An attacker’s motivation can range from the most
benign, where they simply want to explore what is out there, to the more serious, where they wish to
turn a profit from their actions.

The two most important tools that attackers utilize are a sophisticated knowledge of intrusion
techniques and persistence. Persistence implies a willingness to spend countless hours investigating
systems to identify weak spots, while knowledge of intrusion techniques provides the know-how to
guide their actions and perform them.

It is commonly said that there are two levels of hackers. The script kiddies simply use
the tools and may not know the underlying principles and technology at length. The others are the true
hackers, who possess the wherewithal to actually build the tools, maintain them and ultimately
profit from them.

4.2.1 Malicious Software

Malicious software is perhaps one of the best-known and oldest forms of threat to an
information system. These software programs can be used on their own or together as part of the
aforementioned network based attacks. More often than not, malicious software is used as a means to
set up and establish the infrastructure needed to perform the network based attacks.

4.2.2 Trapdoors

Trapdoors are both a godsend and a nuisance for administrators. They are secret entry points into the
information system that allow a user who is aware of them to bypass any and all security
mechanisms. They are primarily used during the testing and development of software, as they speed up
certain actions. However, if left in the actual production version of the code, an intruder can use them
to gain access.

4.2.3 Trojan Horses

Trojan Horses owe their name to Greek mythology and the sacking of Troy by the Greeks. A Trojan
Horse is a seemingly innocuous piece of software or file that normally adds little to no extra
functionality with its presence (e.g. 10-minute games, email attachments), but contained within the
program is code that is launched when the software is activated. On launch this new code will perform
some unwanted or harmful action.

4.2.4 Viruses

Computer Viruses are programs that distribute themselves by attaching copies of themselves to mobile
software that is distributed from machine to machine. Once the virus has infected a machine it will
then perform some action. Many of the above types of malicious software are used by viruses to
perform their distinct phases: Dormant — the virus is idle; Propagation — distribution; Trigger —
activation; and Execution — perform damage. Viruses always have code that detects whether or not a
host is infected. Viruses can be classified into several categories. A Parasitic virus is one with the aim
of self-propagation. Memory-Resident viruses reside in main memory and infect programs when the
program is executed. Boot Sector viruses infect the boot records of a system and propagate on disk
start-up. A Stealth virus constantly covers its tracks from anti-virus software. The final type is the
Polymorphic virus; such viruses constantly mutate their structure, thus hindering the development of
a signature.

4.2.7 Worms

Similar to a virus in that it distributes itself from machine to machine, a Worm is a program
that actively seeks out new hosts to infect, and each newly infected machine seeks out more machines
to infect. It can be said that worms are viruses at host level and not program level; as such they share
the same life cycle. Worms propagate themselves through network connections and have a multitude of
ways to achieve this. For instance, a worm can take advantage of Email, Remote Login and/or Remote
Execution.

CHAPTER 5
NETWORK ADMINISTRATIVE AND SECURITY TOOLS

5.1 NETWORK ADMINISTRATIVE & SECURITY TOOLS

There are a number of tools a network administrator might be required to use. Some of these tools
(such as the tone generator and locator) can be used for troubleshooting media connections, and others
(such as wire crimpers and punchdown tools) are used to create network cables and connections.

5.1.1 WIRE CRIMPERS

Wire crimpers are tools that most network administrators will find themselves using at some point.
Basically, a wire crimper is a tool that you use to attach media connectors to the ends of cables. For
instance, you use one type of wire crimper to attach RJ-45 connectors on Unshielded Twisted Pair
(UTP) cable, and you use a different type of wire crimper to attach Bayonet Neill-Concelman (BNC)
connectors to coaxial cabling.

In a sense, you can think of a wire crimper as a pair of special pliers. You insert the cable and
connector separately into the crimper, making sure that the wires in the cable align with the appropriate
connectors. Then, by squeezing the crimper's handles, you force metal connectors through the wires of
the cable, making the connection between the wire and the connector.

5.1.2 PUNCHDOWN TOOL

If you have ever looked in a network closet, you have probably seen a distribution block, more
commonly called a patch panel. A patch panel is a freestanding or wall-mounted unit with a number of
port connections on the front. In a way, it looks like a wall-mounted hub without the light-emitting
diodes (LEDs). The patch panel provides a connection point between network equipment such as hubs
and switches and the ports to which PCs are connected, which are normally distributed throughout a
building.

Behind each of the individual RJ-45 jacks on the patch panel are connectors to which are attached the
eight wires from a piece of twisted-pair cable. These wires are commonly attached to the patch panel
by using a tool called a punchdown tool. To use the punchdown tool, you place the wires from the
cable into the appropriate slots in the back of the patch panel, and then use the tool to push the wires
firmly down into the slots. The insulation is stripped, and the wire becomes firmly embedded into the
connector. Because the connector strips the insulation on the wire, it is known rather grandiosely as an
insulation displacement connector (IDC).

5.1.3 MEDIA TESTER

A media tester, also called a cable tester, is used to test whether a cable is working properly. Any tool
that facilitates the testing of a cable can be deemed a cable tester. One of the simplest cable-testing
devices is a multimeter. By using the continuity setting, you can test for shorts in a length of coaxial
cable; or, if you know the correct cable pin outs and have needlepoint probes, you can test twisted-pair
cable. Various other single-purpose and multipurpose devices allow you to test cables. Some of these
devices tell you if the cable is working correctly and, if it's not, give you some idea why it's not.

Because the majority of network cabling is copper based, most of the tools designed to test cabling are
designed for copper-based cabling. However, when you test fiber-optic cable, you need an optical
tester.

An optical cable tester performs the same basic function as a wire media tester, but on optical media.
Unlike wire cables, the most common problem with an optical cable is a break in the cable that
prevents the signal from reaching the other end. Because of the extended distances that can be covered
with fiber-optic cables, degradation is rarely an issue in a fiber-optic LAN environment.

5.1.4 HARDWARE LOOPBACK CONNECTOR

Hardware loopback connectors are simple devices that redirect outgoing transmissions from a system
directly back into it. Hardware loopback connectors are used in conjunction with diagnostic software
for diagnosing transmission problems. Loopback connectors are available for a number of ports,
including RJ-45, serial, and parallel ports.

Specifically, a hardware loopback connector loops the outgoing data signal wires back into the system
on the incoming data signal line. In effect, it tricks the system into thinking that the PC is sending and
receiving data on the network, when in fact the data being sent is just being rerouted back in. Note that
in some cases, a hardware loopback connector is referred to as an adapter or a plug.

5.2.0 DIAGNOSTIC UTILITIES

Many utilities can be used when troubleshooting TCP/IP. Although the actual utilities available vary
from platform to platform, the functionality between platforms is quite similar. Below are some
troubleshooting tools that can be used:

tracert / traceroute: Used to track the path a packet takes as it travels across a network. tracert is used
on Windows systems, traceroute is used on UNIX, Linux, and Macintosh systems.

ping: Used to test connectivity between two devices on a network.

arp: Used to view and work with the IP address to MAC address resolution cache.

netstat: Used to view the current TCP/IP connections on a system.

ipconfig: Used to view and renew TCP/IP configuration on a Windows system.

nslookup: Used to perform manual DNS lookups. nslookup can be used on Windows, UNIX,
Macintosh, and Linux systems.

5.2.1 NETWORK SECURITY TOOLS

In the past, hackers were highly skilled programmers who understood the details of computer
communications and how to exploit vulnerabilities. Today almost anyone can become a hacker by
downloading tools from the Internet. These complicated attack tools and generally open networks have
generated an increased need for network security and dynamic security policies.

The easiest way to protect a network from an outside attack is to close it off completely from the
outside world. A closed network provides connectivity only to trusted known parties and sites; a closed
network does not allow a connection to public networks.

Because they have no Internet connectivity, networks designed in this way can be considered safe from
Internet attacks. However, internal threats still exist.

An estimated 60 to 80 percent of network misuse comes from inside the enterprise where
the misuse has taken place.

With the development of large open networks, security threats have increased significantly in the past
20 years. Hackers have discovered more network vulnerabilities, and applications that require little or
no hacking knowledge to use can now be downloaded. Applications intended for troubleshooting,
maintaining and optimizing networks can, in the wrong hands, be used maliciously and pose severe
threats. Two important elements of a network security strategy are the use of proxy servers and
firewall systems.

5.2.2 FIREWALL

A firewall system acts as a protective layer to network access by controlling the traffic that passes
between the interfaces on a system. In today's network environments, firewalls are being used to
protect systems from external as well as internal threats. Although firewalls initially became popular in
corporate environments, many home networks with a broadband Internet connection now also
implement a firewall to protect against Internet-borne threats.

Essentially, a firewall is an application, device, system, or group of systems that controls the flow of
traffic between two networks. The most common use of a firewall is to protect a private network from
a public network such as the Internet. However, firewalls are also increasingly being used as a means
to separate a sensitive area of a private network from less-sensitive areas.

Figure 1 shows the most basic firewall configuration.

Figure 1 A basic firewall implementation.

5.2.3 PROXY SERVER

A proxy service provides management and control over what is now an essential feature of any modern
network: Internet access. A proxy server, which can be a computer or dedicated hardware device
running proxy service software, acts as an intermediary between a user on the internal network and a
service on the external network (normally the Internet). The proxy server takes requests from a user
and then performs those requests on behalf of the user. To the external system, the request looks as if it
originated from the proxy server, not from the user on the internal network. Figure 2 shows how a
proxy server fits into a network configuration.

Figure 2 A proxy server in a typical network configuration.

There are a couple of excellent reasons to implement a proxy server:

• To perform NAT functions: A proxy server can process and execute commands on behalf of
clients that have private IP addresses. This enables an organization with only one registered IP
address to provide Internet access to a large number of computers. This process is known as IP
proxy.
• To allow Internet access to be controlled: Having a centralized point of access allows for a
great deal of control over the use of the Internet. By using the functionality of a proxy server
application or by using an add-on feature, proxy servers can filter requests made by clients and
either allow or disallow them. You can, for example, implement uniform resource locator
(URL) filtering, which allows or denies users access to certain sites.
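
The URL filtering described above, sketched as an added example (not part of the original notes). The blocked domains and all function names are assumptions made up for illustration; the point is that the filter must decide on the normalised host the proxy will connect to, not on a substring of the URL text.

```python
from urllib.parse import urlsplit

# Constructed policy for illustration; the example.* names are placeholders.
BLOCKED_DOMAINS = {"blocked.example", "games.example.net"}


def request_host(url):
    """Return the normalised host the proxy would connect to, or None."""
    try:
        parts = urlsplit(url)
    except ValueError:                    # e.g. malformed IPv6 literal
        return None
    if parts.scheme not in ("http", "https") or not parts.hostname:
        return None                       # not something this proxy forwards
    # .hostname drops any user:pass@ prefix and the port, and lower-cases.
    return parts.hostname.rstrip(".")     # "site.example." == "site.example"


def is_blocked(host):
    """Match the domain itself or any subdomain, label by label."""
    labels = host.split(".")
    return any(".".join(labels[i:]) in BLOCKED_DOMAINS
               for i in range(len(labels)))


def decide(url):
    """Return 'allow' or 'deny' for one client request."""
    host = request_host(url)
    if host is None:
        return "deny"                     # fail closed on unparseable input
    return "deny" if is_blocked(host) else "allow"
```

Matching whole labels means notblocked.example is not caught by a rule for blocked.example, and a blocked name that only appears in the query string or before an "@" does not change the decision.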

5.3.0 AUTHENTICATION

As a security mechanism, authentication is provided by every major network operating system and is
implemented in all but the most insecure networks. Its impact on network functionality is that it
requires users to identify themselves to the network. This process provides two benefits: it secures the
network from unauthorized access and provides a degree of accountability for users once they are
logged on.

There are three basic categories of authentication used on modern networks:

• Passwords: The 'traditional' authentication method, passwords do a good job of providing
security, but users who choose passwords that are simple and easy to guess can negate their
effectiveness. Additionally, passwords can be passed from one person to another, diminishing
their role as an accountability mechanism. Although network users will likely be very
comfortable with using passwords, you should make them aware of the rules governing
password use in your organization. You should also ensure that they understand the electronic
policies that will dictate conditions such as password length and expiration times.
• Smartcards: Smartcards, which are normally used in conjunction with a password or personal
identification number (PIN), provide a higher level of accountability and access control than
passwords. This is because the user has to be in possession of a physical item (the smartcard),
as well as information (the password or PIN) in order to gain access.
• Biometrics: Biometrics, which can mean the scanning or verification of some part of your
person, is the ultimate 'proof of person' authentication technique. As it is almost impossible to
fake biometric mediums such as fingerprints or retinal patterns, you can be very sure that
someone gaining access to the system biometrically is who they say they are. Even so,
biometric systems typically also use passwords or PINs as an additional measure of
security.

Passwords are a relatively simple form of authentication in that only a string of characters can be used
to authenticate the user. However, how the string of characters is used and which policies you can put
in place to govern them make usernames and passwords an excellent form of authentication.

All popular network operating systems include password policy systems that allow the network
administrator to control how passwords are used on the system. The exact capabilities vary between
network operating systems. However, generally they allow the following:

• Minimum length of password: Shorter passwords are easier to guess than longer ones. Setting
a minimum password length does not prevent a user from creating a longer password than the
minimum, although each network operating system has a limit on how long a password can be.
• Password expiration: Also known as the maximum password age, password expiration
defines how long the user can use the same password before having to change it. A general
practice is that a password is changed every month or every 30 days. In high-security
environments, you might want to make this value shorter, but you should generally not make it
any longer. Having passwords expire periodically is an important feature because it means that
if a password is compromised, the unauthorized user will not have access indefinitely.
• Prevention of password reuse: Although a system might be able to cause a password to expire
and prompt the user to change it, many users are tempted to simply use the same password
again. A process by which the system remembers the last, say, 10 passwords is most secure
because it forces the user to create completely new passwords. This feature is sometimes called
enforcing password history.
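
The three policy controls above, put together as an added example (not taken from any particular network operating system). The class, the function names, the 10-character minimum and the PBKDF2 round count are assumptions; the 30-day age and the history depth of 10 come from the text. The history keeps salted hashes rather than the old passwords themselves.

```python
import hashlib
import hmac
import os
from datetime import datetime, timedelta

MIN_LENGTH = 10                   # assumed value; the notes give no number
MAX_AGE = timedelta(days=30)      # "every month or every 30 days"
HISTORY_DEPTH = 10                # "the last, say, 10 passwords"
PBKDF2_ROUNDS = 100_000           # assumed work factor for the stored hashes


def _hash(password, salt):
    """Salted, slow hash so remembered passwords are never stored in clear."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)


class Account:
    def __init__(self, history_depth=HISTORY_DEPTH):
        self.history_depth = history_depth
        self.history = []         # newest first: list of (salt, digest)
        self.changed_at = None

    def is_expired(self, now):
        """True if no password is set or the current one exceeds MAX_AGE."""
        return self.changed_at is None or now - self.changed_at > MAX_AGE

    def _reused(self, candidate):
        # Every entry has its own salt, so the candidate is re-hashed per entry.
        return any(hmac.compare_digest(_hash(candidate, salt), digest)
                   for salt, digest in self.history)

    def set_password(self, candidate, now):
        """Return 'ok' or the name of the policy rule that rejected the change."""
        if len(candidate) < MIN_LENGTH:
            return "too_short"
        if self._reused(candidate):
            return "reused"
        salt = os.urandom(16)
        self.history.insert(0, (salt, _hash(candidate, salt)))
        del self.history[self.history_depth:]   # forget entries past the window
        self.changed_at = now
        return "ok"
```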

5.3.1 ENCRYPTION

Encryption is the process of encoding data so that, without the appropriate unlocking code, the
encrypted data can't be read. Encryption is used as a means of protecting data from being viewed by
unauthorized users. If you have ever used a secure website, you have used encryption.

On private networks, encryption is generally not a very big issue. Modern network operating systems
often invisibly implement encryption so that passwords are not transmitted openly throughout the
network. On the other hand, normal network transmissions are not usually encrypted, although they
can be if the need arises. A far more common use for encryption is for data that is sent across a public
network such as the Internet or across wireless networks where outside users might be able to gain
access to the data. In both of these cases, there is plenty of opportunity for someone to take the data
from the network and then read the contents of the packets. This process is often referred to as packet
sniffing.

By sniffing packets from the network and reading their contents, unauthorized users can gain access to
private information. They can also alter the information in the packet. Therefore, the stronger the
encryption method that is used, the better protected the data is.

A number of encryption methods are commonly used, including:

• IP Security (IPSec)
• Secure Sockets Layer (SSL)
• Triple Data Encryption Standard (3DES)
• Pretty Good Privacy (PGP)

EXAMPLES OF NETWORK UTILITIES

The netstat utility produces TCP/IP statistics.

Ping Utility:

Ping determines if a particular IP host is responding.

FTP utility:

ipconfig: