Data and Digital Communication Module 13-16

A home network connects devices in a home to share internet access and allow communication. It typically includes a wireless router with an integrated switch and wireless access point. Setting up a home network involves configuring the router, choosing a network name and security settings, considering device compatibility, and planning network usage and security measures.

CPE313
BUILD A HOME NETWORK
MODULE 13 - IRISH PARING
CONNECTING HOME DEVICES
A home network is a small LAN with devices that usually connect to an integrated router and to each other in order to exchange information.

One of the main advantages of wireless is the ability to provide anytime, anywhere connectivity.
BENEFITS OF WIRELESS LAN TECHNOLOGY
• Mobility - allows easy connection of both stationary and mobile clients
• Scalability - can be easily expanded to allow more users to connect and to increase the coverage area.
• Flexibility - provides anytime, anywhere connectivity
• Cost savings - equipment costs continue to fall as the technology matures
• Reduced installation time - installation of a single piece of equipment can provide connectivity for a large number of people
• Reliability in harsh environments - easy to install in emergency and hostile environments
COMPONENTS OF A HOME NETWORK
• Desktop computers
• Gaming systems
• Smart TV systems
• Printers
• Scanners
• Security cameras
• Telephones
• Climate control devices
TYPICAL HOME NETWORK ROUTERS
A typical home router has two primary types of ports:

• Ethernet Ports - These ports connect to the internal switch portion of the router.
• Internet Port - This port is used to connect the device to another network.

In addition to the wired ports, many home routers include a radio antenna and a built-in wireless access point.
THE ELECTROMAGNETIC SPECTRUM

Wireless technologies use electromagnetic waves to carry information between devices.

The electromagnetic spectrum includes such things as radio and television broadcast bands, visible light, x-rays and gamma-rays. Each of these has a specific range of wavelengths and associated energies, as shown in the figure.
LAN WIRELESS FREQUENCIES
• The wireless technologies most frequently used in home networks are in the unlicensed 2.4 GHz and 5 GHz frequency ranges.
• Bluetooth is a technology that makes use of the 2.4 GHz band.
⚬ limited to low-speed, short-range communications, but has the advantage of communicating with many devices at the same time
• Modern wireless LAN technologies use the 2.4 GHz and 5 GHz bands.
The figure shows where wireless technologies exist on the electromagnetic spectrum.
WIRED NETWORK TECHNOLOGIES
• Ethernet - most commonly implemented wired protocol
⚬ uses a suite of protocols that allow network devices to communicate over a wired LAN connection
⚬ Ethernet LAN can connect devices using many different types of wiring media.
WI-FI NETWORKS
• The main organization responsible for the creation of wireless technical standards is the IEEE.
• The IEEE 802.11 standard governs the WLAN environment. There are amendments to the IEEE 802.11 standard that describe characteristics for different standards of wireless communications.
• Wi-Fi Alliance is responsible for testing wireless LAN devices from different manufacturers.
⚬ The Wi-Fi logo on a device means that this equipment meets standards and should operate with other devices that use the same standard
WIRELESS SETTINGS
Wireless routers using the 802.11 standards have multiple settings that have to be configured.
These settings include the following:
• Network mode - Determines the type of technology that must be supported.
• Network Name (SSID) - Used to identify the WLAN.
⚬ All devices that wish to participate in the WLAN must have the same SSID.
• Standard Channel - Specifies the channel over which communication will occur.
⚬ By default, this is set to Auto to allow the AP to determine the optimum channel to use.
• SSID Broadcast - Determines if the SSID will be broadcast to all devices within range.

SSID stands for Service Set Identifier.


NETWORK MODE
When building a wireless network, it is important that the wireless components connect to the appropriate WLAN. This is done using the SSID.

• SSID is a case-sensitive, alphanumeric string that contains up to 32 characters.
⚬ sent in the header of all frames transmitted over the WLAN.
⚬ is used to tell wireless devices, called wireless stations (STAs), which WLAN they belong to and with which other devices they can communicate.
⚬ We use the SSID to identify a specific wireless network. It is essentially the name of the network.
⚬ The SSID broadcast allows other devices and wireless clients to automatically discover the name of the wireless network. When the SSID broadcast is disabled, you must manually enter the SSID on wireless devices.

WIRELESS CHANNELS
Wireless devices that transmit over the same frequency range create interference in a Wi-Fi network. This interference can slow down the Wi-Fi performance and potentially break network connections. Channels are created by dividing up the available RF spectrum.
• Channels are created by dividing up the available RF spectrum.
⚬ Each channel is capable of carrying a different conversation
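The slides say that channels divide the RF spectrum and that the "Standard Channel" setting is normally left on Auto so the AP picks the best one. The following Python is an added example (not code from the module) that shows what such an Auto choice amounts to in the 2.4 GHz band: channel centre frequencies (2407 + 5 × n MHz for channels 1 to 13, 2484 MHz for channel 14) and the 22 MHz channel width are taken from the IEEE 802.11 standard, not from the slides; the neighbouring-AP channel list is constructed. Two channels are treated as interfering when their centres are closer than one channel width, which is why 1, 6 and 11 are the classic non-overlapping set.

```python
# Added example (not from the module): a toy "Auto" channel selector for the
# 2.4 GHz band. Centre frequencies and the 22 MHz channel width come from the
# IEEE 802.11 standard; the neighbour channel list below is constructed.
from typing import Iterable, Sequence

CHANNEL_WIDTH_MHZ = 22  # legacy 802.11b channel width used for the overlap test


def channel_center_mhz(channel: int) -> int:
    """Centre frequency of a 2.4 GHz Wi-Fi channel in MHz."""
    if 1 <= channel <= 13:
        return 2407 + 5 * channel   # channels 1-13 are spaced 5 MHz apart
    if channel == 14:
        return 2484                 # channel 14 sits apart from the others
    raise ValueError(f"not a 2.4 GHz channel: {channel}")


def channels_overlap(a: int, b: int, width_mhz: int = CHANNEL_WIDTH_MHZ) -> bool:
    """Two channels interfere when their centres are closer than one channel width."""
    return abs(channel_center_mhz(a) - channel_center_mhz(b)) < width_mhz


def interference_score(candidate: int, neighbours: Iterable[int]) -> int:
    """Number of neighbouring APs whose channel overlaps the candidate channel."""
    return sum(1 for n in neighbours if channels_overlap(candidate, n))


def pick_least_congested(neighbours: Sequence[int],
                         candidates: Sequence[int] = (1, 6, 11)) -> int:
    """What an AP's Auto setting approximates: among the non-overlapping
    channels 1/6/11, take the one the fewest neighbours interfere with.
    Ties go to the lowest channel number so the result is deterministic."""
    return min(candidates, key=lambda c: (interference_score(c, neighbours), c))


# Constructed sample: channels seen in a scan of neighbouring home routers.
NEIGHBOUR_CHANNELS = [1, 1, 6, 2]

if __name__ == "__main__":
    print("choose channel", pick_least_congested(NEIGHBOUR_CHANNELS))
```

Note that channel 2 counts against both 1 and 6 (its centre is 5 MHz from channel 1 and 20 MHz from channel 6), which is the usual reason a router on a "gap" channel degrades two neighbours at once.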
WIRELESS AS A SHARED MEDIA
• In a shared media Ethernet wired network, collisions occur when two or more devices attempt to send messages on the network at the same time.
• Ethernet protocols detect the collisions and all devices stop transmitting for a period of time in order to ensure that there is no additional contention for the media.
• Wireless technology uses an access method called Carrier Sense Multiple Access with Collision Avoidance (CSMA/CA)
⚬ CSMA/CA creates a reservation on the channel for a specific conversation between devices. While a reservation is in place, no other device may transmit on the channel, thus possible collisions are avoided.
HOW DOES THIS RESERVATION PROCESS WORK?
• Request to Send (RTS) - If a device requires use of a specific communication channel in the wireless network, it must ask permission from the AP.
• If the channel is available, the wireless access point (AP) will respond to the device with a Clear to Send (CTS) message indicating that the device may transmit on the channel.
• A CTS is broadcast to all devices within the network. Therefore, all devices in the network know that the requested channel is now in use.
• When the conversation is complete, the device that requested the channel sends another message to the AP known as an acknowledgment (ACK).
• The ACK indicates to the AP or the router that the channel can be released.
• This message is also broadcast to all devices on the WLAN.
• All devices within the network receive the ACK and know that the channel is now available.
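The RTS/CTS/ACK sequence above is easier to follow as a small state machine. The Python below is an added example, not code from the module: the station and AP names are made up, and the AP is modelled as the single authority that grants and releases the channel, exactly as the slides describe (CTS only when nothing is reserved, ACK only honoured from the current holder, both broadcast so every station updates its view of the channel).

```python
# Added example (not from the module): a small simulation of the CSMA/CA
# RTS / CTS / ACK reservation described in the slides. Names are constructed.
from typing import Dict, List, Optional


class Station:
    """A wireless station that honours reservations it hears about."""

    def __init__(self, name: str):
        self.name = name
        self.channel_busy = False   # True while another conversation holds the channel

    def hear(self, message: str, holder: Optional[str]) -> None:
        # CTS and ACK are broadcast, so every station learns the channel state.
        self.channel_busy = holder is not None and holder != self.name


class AccessPoint:
    """Grants the channel to one station at a time."""

    def __init__(self, stations: List[Station]):
        self.stations: Dict[str, Station] = {s.name: s for s in stations}
        self.reserved_by: Optional[str] = None
        self.log: List[str] = []

    def _broadcast(self, message: str) -> None:
        self.log.append(message)
        for s in self.stations.values():
            s.hear(message, self.reserved_by)

    def request_to_send(self, name: str) -> bool:
        """RTS: the AP answers CTS only when no reservation is in place."""
        if name not in self.stations:
            raise KeyError(name)
        if self.reserved_by is not None:
            self.log.append(f"RTS {name}: denied, channel held by {self.reserved_by}")
            return False
        self.reserved_by = name
        self._broadcast(f"CTS {name}")
        return True

    def acknowledge(self, name: str) -> bool:
        """ACK from the holder releases the channel; anyone else is ignored."""
        if self.reserved_by != name:
            self.log.append(f"ACK {name}: ignored, not the channel holder")
            return False
        self.reserved_by = None
        self._broadcast(f"ACK {name}: channel released")
        return True


def run_scenario() -> List[str]:
    """Two stations contend; the second must wait until the first sends its ACK."""
    laptop, phone = Station("laptop"), Station("phone")
    ap = AccessPoint([laptop, phone])
    ap.request_to_send("laptop")      # granted: CTS broadcast
    assert phone.channel_busy         # phone heard the CTS and defers
    ap.request_to_send("phone")       # denied while laptop holds the channel
    ap.acknowledge("phone")           # ignored: phone never held it
    ap.acknowledge("laptop")          # releases the channel, ACK broadcast
    assert not phone.channel_busy
    ap.request_to_send("phone")       # now granted
    return ap.log
```

The log returned by `run_scenario()` is the sequence of broadcasts and refusals; the point to notice is that the phone never transmits on its own judgement, it only acts on what the AP announced.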
SET UP A HOME ROUTER
Step 1: Access the Router Setup Utility
• Many home wireless routers come with an automatic setup utility to configure basic settings.
• Connect a PC or laptop to the router using an Ethernet cable (wired connection).

Step 2: Connect Your Computer to the Router
• Plug one end of an Ethernet patch cable into your computer's network port.
• Plug the other end into one of the LAN ports on the router.
• Note: Avoid connecting the cable to the port labeled "Internet," which is meant for your DSL or cable modem.

Step 3: Verify Internet Connection Type
• Check if your router has a built-in modem for internet connections (some do).
• Ensure the connection type (cable or DSL) matches your internet service.
• Cable modems use coaxial cables, while DSL connections use telephone-type cables (usually an RJ-11 connector).

Step 4: Confirm Network Connection
• Check if the computer is successfully connected to the router.
• Look for active link lights on the computer's Network Interface Card (NIC).

Step 5: Obtain an IP Address
• Most routers use DHCP to assign IP addresses automatically.
• If your computer doesn't have an IP address, consult the router's documentation.
• Manually configure your PC or tablet with a unique IP address, subnet mask, default gateway, and DNS information if required.
DESIGN CONSIDERATIONS
Plan Your Network Usage
• Think about how you'll use your network.
• Avoid configurations that might limit your network's capabilities or leave it vulnerable.

Choosing Your Network Name (SSID)
• Be cautious with SSID broadcasting.
• Don't reveal too much information in your SSID (avoid device models or brands).
• Protect against known security weaknesses.
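Both the SSID slide earlier (the SSID travels in frame headers, is case-sensitive, is at most 32 characters, and must be typed in by hand when broadcast is disabled) and the design advice above come down to what an 802.11 beacon actually carries. The Python below is an added example, not code from the module: it parses the SSID information element (element ID 0, one-byte length, value) out of the tagged-parameter area of a beacon or probe response, treats an empty or all-NUL SSID as "broadcast disabled", and compares the configured name byte-for-byte the way a station does. The frame bytes are constructed for the example; the element IDs for supported rates (1) and the DS parameter set (3) are from the standard.

```python
# Added example (not from the module): parsing the SSID information element
# from the tagged-parameter area of an 802.11 beacon or probe response, with
# the hidden-SSID case handled. Sample frame bytes are constructed here.
from dataclasses import dataclass
from typing import Dict, Optional

SSID_ELEMENT_ID = 0   # element ID of the SSID information element
MAX_SSID_OCTETS = 32  # an SSID is at most 32 octets


@dataclass
class SsidInfo:
    ssid: Optional[str]   # None when the AP does not advertise its name
    hidden: bool
    raw: bytes


def parse_tagged_parameters(body: bytes) -> Dict[int, bytes]:
    """Walk the element-ID / length / value list; stop at a truncated element
    rather than reading past the end of the buffer."""
    elements: Dict[int, bytes] = {}
    i = 0
    while i + 2 <= len(body):
        element_id, length = body[i], body[i + 1]
        value = body[i + 2:i + 2 + length]
        if len(value) != length:
            break                                   # truncated: discard the partial element
        elements.setdefault(element_id, value)      # keep the first copy of a repeated ID
        i += 2 + length
    return elements


def extract_ssid(body: bytes) -> SsidInfo:
    raw = parse_tagged_parameters(body).get(SSID_ELEMENT_ID)
    if raw is None:
        raise ValueError("frame carries no SSID element")
    # SSID broadcast disabled: APs send an empty SSID or one filled with NUL bytes.
    if len(raw) == 0 or not raw.strip(b"\x00"):
        return SsidInfo(None, True, raw)
    if len(raw) > MAX_SSID_OCTETS:
        raise ValueError("SSID element longer than 32 octets")
    return SsidInfo(raw.decode("utf-8", errors="replace"), False, raw)


def matches_configured(info: SsidInfo, configured: str) -> bool:
    """Case-sensitive byte comparison, the same way a station selects its WLAN."""
    return not info.hidden and info.raw == configured.encode("utf-8")


# Constructed sample frames: SSID, supported rates (ID 1), DS parameter set (ID 3, channel 6).
RATES_AND_CHANNEL = b"\x01\x04\x82\x84\x8b\x96" + b"\x03\x01\x06"
BEACON_VISIBLE = b"\x00\x07HomeNet" + RATES_AND_CHANNEL
BEACON_HIDDEN_EMPTY = b"\x00\x00" + RATES_AND_CHANNEL
BEACON_HIDDEN_NULS = b"\x00\x07" + b"\x00" * 7 + RATES_AND_CHANNEL
BEACON_TRUNCATED = b"\x00\x07Home"

if __name__ == "__main__":
    for name, frame in (("visible", BEACON_VISIBLE), ("hidden", BEACON_HIDDEN_EMPTY)):
        print(name, extract_ssid(frame))
```

The hidden case is why a client with the wrong letter case never joins: `matches_configured` fails on `"homenet"` against an AP named `HomeNet`, and a hidden AP offers nothing to match at all, so the name has to be entered on the device exactly as configured on the router.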
DESIGN CONSIDERATIONS
Device Compatibility
• Check the wireless standards your devices support (e.g., 802.11 b/g).
• Ensure your router matches the supported standards.
• Enable legacy mode for older devices if needed.
• Legacy mode can include 802.11a, 802.11b, 802.11g, 802.11n, and 802.11ac for compatibility.

Wireless Setup Screen
• Familiarize yourself with your router's settings, which might include legacy mode (or mixed mode).
ENHANCING NETWORK SECURITY
MAC Address Filtering
• Determine network access based on your usage plan.
• Many routers support MAC address filtering, allowing specific devices to connect.
• To grant access, add the MAC address of the device.
• Increases security but limits flexibility when adding new devices.

Guest Access
• Some routers offer guest access with certain limitations:
⚬ Guests can use the internet but can't access devices on the LAN.
• Not all routers have this feature, so check the manufacturer's website.

Authentication Methods
• If there's no guest mode, control access with authentication methods.
• Users need a password or passphrase to connect to the SSID.
• Combine non-broadcast SSID with a passphrase for added security.

These measures help secure your network while considering convenience and flexibility.
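The three controls above (MAC allowlist, guest isolation, passphrase on the SSID) combine into one admission decision plus one forwarding rule. The Python below is an added example, not code from the module or any router vendor: the `HomeRouter` class, its zone names and the SSIDs, passphrases and MAC addresses are all constructed. It normalises MAC addresses before lookup (so `AA-BB-...`, `aa:bb:...` and `aabb.ccdd....` all hit the same allowlist entry), compares passphrases with a constant-time comparison, and enforces the guest rule "internet only, no LAN" as a forwarding check between zones.

```python
# Added example (not from the module): an access-decision model for the three
# controls above (MAC filtering, guest isolation, passphrase). Router class,
# zone names, SSIDs, passphrases and MAC addresses are all constructed.
import hmac
import re
from typing import Dict, Optional, Set

_MAC_RE = re.compile(r"^[0-9a-f]{12}$")


def normalize_mac(mac: str) -> str:
    """Accept aa:bb:cc:dd:ee:ff, AA-BB-CC-DD-EE-FF or aabb.ccdd.eeff and return
    the lower-case colon form so allowlist lookups do not depend on typing style."""
    digits = re.sub(r"[:\-.]", "", mac.strip()).lower()
    if not _MAC_RE.match(digits):
        raise ValueError(f"not a MAC address: {mac!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))


class HomeRouter:
    ZONES = ("lan", "guest", "internet")

    def __init__(self, main_ssid: str, main_passphrase: str,
                 guest_ssid: Optional[str] = None, guest_passphrase: str = "",
                 mac_allowlist: Optional[Set[str]] = None):
        self.ssids: Dict[str, str] = {main_ssid: main_passphrase}
        if guest_ssid:
            self.ssids[guest_ssid] = guest_passphrase
        self.guest_ssid = guest_ssid
        # An empty allowlist means MAC filtering is off (the usual router default).
        self.mac_allowlist = {normalize_mac(m) for m in (mac_allowlist or set())}

    def admit(self, mac: str, ssid: str, passphrase: str) -> Optional[str]:
        """Return the zone a client lands in, or None if it is refused."""
        expected = self.ssids.get(ssid)
        if expected is None:
            return None                 # unknown SSID (case-sensitive, so typos fail here)
        if not hmac.compare_digest(expected.encode(), passphrase.encode()):
            return None                 # wrong passphrase
        if ssid == self.guest_ssid:
            return "guest"              # guests skip the allowlist but are isolated below
        if self.mac_allowlist:
            try:
                if normalize_mac(mac) not in self.mac_allowlist:
                    return None         # filtering on and this device is not registered
            except ValueError:
                return None             # malformed address is refused outright
        return "lan"

    @staticmethod
    def may_forward(src_zone: str, dst_zone: str) -> bool:
        """Guest isolation: guests reach the internet only; LAN devices reach everything.
        Unsolicited traffic from the internet zone is not forwarded anywhere."""
        if src_zone == "guest":
            return dst_zone == "internet"
        return src_zone == "lan"


# Constructed configuration for the example.
ROUTER = HomeRouter("HomeNet", "correct horse battery",
                    guest_ssid="HomeNet-Guest", guest_passphrase="visitor",
                    mac_allowlist={"AA-BB-CC-DD-EE-01"})
```

The flexibility cost the slide mentions shows up directly: a new phone with MAC `aa:bb:cc:dd:ee:02` is refused on the main SSID until its address is added, while the guest SSID admits it immediately but `may_forward("guest", "lan")` stays false.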
CPE313
CONNECT TO THE INTERNET
MODULE 14 - OLAY, STEPHEN LOUIE ALEXIE, PABELLAN EULYSIS
CONTENT
01 ISP CONNECTIVITY OPTIONS
02 NETWORK VIRTUALIZATION
03 MOBILE DEVICE CONNECTIVITY
04 SUMMARY
14.1 ISP CONNECTIVITY OPTIONS
CONTENT
01 ISP SERVICES
02 ISP CONNECTIONS
03 CABLE AND DSL CONNECTIONS
04 ADDITIONAL CONNECTIVITY OPTIONS
14.1.1 ISP SERVICES
An Internet Service Provider (ISP) provides the link between the home network and the internet. An
ISP can be the local cable provider, a landline telephone service provider, the cellular network that
provides your smart phone service, or an independent provider who leases bandwidth on the physical
network infrastructure of another company.
Many ISPs also offer additional services to their contract subscribers, as shown in the figure. These services can include email accounts, network storage, and website hosting and automated backup or security services.

ISPs are critical to communications across the global internet. Each ISP connects to other ISPs to form a network of links that interconnect users all over the world. ISPs are connected in a hierarchical manner that ensures that internet traffic generally takes the shortest path from the source to the destination.

The internet backbone is like an information super highway that provides high-speed data links to connect the various service provider networks in major metropolitan areas around the world. The primary medium that connects the internet backbone is fiber-optic cable. This cable is typically installed underground to connect cities within continents. Fiber-optic cables also run under the sea to connect continents, countries, and cities.
14.1.2 ISP CONNECTIONS
The interconnection of ISPs that forms the backbone of the internet is a complex web of fiber-optic cables with expensive networking switches and routers that direct the flow of information between source and destination hosts. Average home users are not aware of the infrastructure outside of their network. For a home user, connecting to the ISP is a fairly uncomplicated process.
14.1.2 ISP CONNECTIONS
On the upper portion of the image shown: the most basic ISP connection approach. It involves a modem that directly links a computer to the ISP. However, this option is not recommended, as it leaves your computer unprotected when connected to the internet.

On the bottom portion of the image shown: a router is required for a secure computer-to-ISP connection, the most common connection option. It involves employing an integrated wireless router to link to the ISP, which includes a switch for wired connections and a wireless Access Point (AP) for wireless devices. Additionally, the router manages and protects client IP addresses and information.
GOALS AND OBJECTIVES
Most home network users do not connect to their service providers with fiber-optic cables. The figure illustrates common connection options for small office and home users. The two most common methods are as follows:

Cable - Typically offered by cable television service providers, the internet data signal is carried on the same coaxial cable that delivers cable television. It provides a high bandwidth, always on, connection to the internet. A special cable modem separates the internet data signal from the other signals carried on the cable and provides an Ethernet connection to a host computer or LAN.

DSL - Digital Subscriber Line. Provides high-bandwidth, always-on Internet access via a special modem that separates DSL and telephone signals, providing an Ethernet connection to a computer or LAN. Uses three channels on the telephone line: single for voice calls, one for fast downloads, and the other for uploads, usually a bit slower. DSL quality and speed depend on the type of telephone line and its proximity to the telephone company's central facility, slower connections over long distances.
GOALS AND OBJECTIVES
Cellular - Cellular internet relies on cell phone networks for connectivity. It's accessible wherever there's a cell signal, but performance depends on your phone and the connected cell tower. This accessibility is valuable for those in remote areas or always on the go. However, carriers often meter bandwidth and charge extra for exceeding data plan limits.

Satellite - Satellite internet is a viable choice for locations lacking DSL or cable options. However, it requires a clear view of the satellite, making it challenging in wooded or obstructed areas. Speeds vary by contract but are generally decent. Initial equipment and installation costs can be high, though some providers offer specials, followed by a moderate monthly fee. Satellite access, like cellular, is a valuable option for areas with no other internet connectivity.

Dial-up Telephone - Another cost-effective option is to use any telephone line and modem. To connect to an ISP, you dial the ISP access number. Dial-up modems offer limited bandwidth, often not enough for large data transfers, but work well for mobile access while traveling. Only consider connecting a dial-up modem when faster options are not readily available.
14.2 NETWORK VIRTUALIZATION
CONTENT
01 CLOUD AND VIRTUALIZATION
02 CLOUD COMPUTING
03 TYPES OF CLOUDS
04 CLOUD SERVICES
05 CLOUD COMPUTING AND VIRTUALIZATION
06 ADVANTAGES OF VIRTUALIZATION
07 HYPERVISORS
08 SOFTWARE-DEFINED NETWORKING
09 NETWORK VIRTUALIZATION
10 CONTROL PLANE AND DATA PLANE
11 NETWORK VIRTUALIZATION AND SDN
12 SDN ARCHITECTURE
14.2.1 CLOUD AND VIRTUALIZATION
14.2.2 CLOUD COMPUTING
What is Cloud computing?

Cloud computing is one of the ways that we access and store data. Cloud
computing allows you to store personal files and full drive backups on online
servers. It also provides access to applications such as word processing and
photo editing via the Internet. Data centers including servers, storage devices,
and network infrastructure make cloud computing possible.
14.2.3 TYPES OF CLOUDS
• Public clouds
• Private clouds
• Hybrid clouds
• Community clouds

Public Clouds - Cloud-based applications and services available in public clouds are accessible to the general public, usually for free or through a pay-as-you-go method, such as payment for online storage. This service is provided via the Internet.

Private Clouds - In a private cloud, cloud-based applications and services are designed for specific organizations such as government. This can be built upon by the organization's own network, which can be expensive to build and maintain. Alternatively, a private cloud can be managed by an outside organization with strict access security.

Hybrid Clouds - A hybrid cloud is a combination of multiple clouds (e.g., private and public) as distinct entities connected by a unified infrastructure. In a hybrid cloud, users can access different services with different permissions based on their user privileges.
Community Clouds - A community cloud is designed exclusively for use by a specific community. Unlike the public cloud, the community cloud is designed to meet the specific customized needs for the community. For example, healthcare organizations must comply with HIPAA (Health Insurance Portability and Accountability Act of 1996) and other policies and laws that require exceptional integrity and privacy policies.
14.2.4 CLOUD SERVICES
Cloud services are available in a variety of options, tailored to meet customer requirements. The three main cloud computing services defined by the National Institute of Standards and Technology (NIST) in their Special Publication 800-145 are as follows:

• Software as a Service (SaaS)
• Platform as a Service (PaaS)
• Infrastructure as a Service (IaaS)
• IT-as-a-Service (ITaaS)
SOFTWARE AS A SERVICE (SAAS) - The cloud provider is responsible for access to applications and services, such as email, communication, and Microsoft 365, that are delivered over the internet. The user does not manage any aspect of the cloud services except for limited user-specific application settings. The user only needs to provide data.

PLATFORM AS A SERVICE (PAAS) - The cloud provider is responsible for providing users access to the development tools and services used to deliver the applications. These users are typically programmers and may have control over the configuration settings of the application hosting environment of the cloud provider.

INFRASTRUCTURE AS A SERVICE (IAAS) - The cloud provider is responsible for giving IT managers access to the network equipment, virtualized network services, and supporting network infrastructure. Using this cloud service allows IT managers to deploy and run software code, which can include operating systems and applications.

Cloud service providers have extended this model to also provide IT support for each of the cloud computing services (ITaaS), as shown in the figure. For businesses, ITaaS can extend the capability of the network without requiring investment in new infrastructure, training new personnel, or licensing new software. These services are available on demand and delivered economically to any device anywhere in the world without compromising security or function.
14.2.5 CLOUD COMPUTING AND VIRTUALIZATION
"Cloud computing" and "virtualization" are often used interchangeably, but with different meanings. Virtualization is a fundamental building block of cloud computing, making conventional cloud computing impossible without it.

Dedicated Servers
To understand virtualization, it's important to get into the history of server tech. In the past, enterprise servers ran on dedicated hardware with a server OS such as Windows Server or Linux Server. Resources such as RAM, processing power, etc. were all assigned to a single service, such as web browser or email hosting.
The major problem with this configuration is that when a component fails, the service that is provided by this server becomes unavailable. This is known as a single point of failure. Another problem was that dedicated servers were underused. Dedicated servers often sat idle for long periods of time, waiting until there was a need to deliver the specific service they provide. These servers wasted energy and took up more space than was warranted by the amount of service provided. This is known as server sprawl.
14.2.6 ADVANTAGES OF VIRTUALIZATION
One major advantage of virtualization is overall reduced cost:

• Less equipment is required: Virtualization enables server consolidation, which requires fewer physical devices and lowers maintenance costs.
• Less energy is consumed: Consolidating servers lowers the monthly power and cooling costs.
• Less space is required: Server consolidation reduces the amount of required floor space.
• Easier prototyping: Self-contained labs, operating on isolated networks, can be rapidly created for testing and prototyping network deployments.
• Faster server provisioning: Creating a virtual server is far faster than provisioning a physical server.
• Increased server uptime: Consolidating servers lowers the monthly power and cooling costs.
• Improved disaster recovery: Most enterprise server virtualization platforms have software that can help test and automate failover before a disaster happens.
• Legacy support: Virtualization can extend the life of OSs and applications providing more time for organizations to migrate to newer solutions.
14.2.7 HYPERVISORS
The hypervisor is a program, firmware, or hardware that adds an
abstraction layer on top of the physical hardware. The abstraction layer
is used to create virtual machines which have access to all the hardware
of the physical machine such as CPUs, memory, disk controllers, and
NICs. Each of these virtual machines runs a complete and separate
operating system. With virtualization, it is not uncommon for 100
physical servers to be consolidated as virtual machines on top of 10
physical servers that are using hypervisors.
Type 1 Hypervisor: Type 1 hypervisors are also called the "bare metal" approach because the hypervisor is installed directly on the hardware. Type 1 hypervisors are usually used on enterprise servers and data center networking devices.

With Type 1 hypervisors, the hypervisor is installed directly on the server or networking hardware. Then, instances of an OS are installed on the hypervisor, as shown in the figure. Type 1 hypervisors have direct access to the hardware resources; therefore, they are more efficient than hosted architectures. Type 1 hypervisors improve scalability, performance, and robustness.

Type 2 Hypervisor: A Type 2 hypervisor is software that creates and runs VM instances. The computer, on which a hypervisor is supporting one or more VMs, is a host machine. Type 2 hypervisors are also called hosted hypervisors. This is because the hypervisor is installed on top of the existing OS, such as macOS, Windows, or Linux. Then, one or more additional OS instances are installed on top of the hypervisor, as shown in the figure. A big advantage of Type 2 hypervisors is that management console software is not required.

Note: It is important to make sure that the host machine is robust enough to install and run the VMs, so that it does not run out of resources.
14.2.8 SOFTWARE-DEFINED NETWORKING
14.2.9 Network Virtualization

Virtualization separates the operating system (OS) from the hardware.

Server virtualization takes advantage of idle resources and consolidates the number of required
servers. This also allows for multiple operating systems to exist on a single hardware platform.

For example, in the figure, the previous eight dedicated servers have been consolidated into
two servers using hypervisors to support multiple virtual instances of the operating systems.
14.2.9 Network Virtualization

Network virtualization combines traditional networking hardware and software network resources into a software-based entity, which is a virtual network. Could the network infrastructure also benefit from virtualization? If so, then how? The answer is found in how a networking device operates using a data plane and a control plane.
14.2.10 Control Plane and Data Plane
A network device contains the following planes:

Control plane - This is typically regarded as the brains of a device. It is used to make forwarding decisions. The control plane contains Layer 2 and Layer 3 route forwarding mechanisms, such as the IPv4 and IPv6 routing tables, and the ARP table. Information sent to the control plane is processed by the CPU.

Data plane - This component, commonly referred to as the forwarding plane, acts as a switch fabric connecting the network to the device. It facilitates the transmission of any device data plane traffic flow. Routers and switches use details from the control plane to route incoming traffic through an appropriate outgoing interface. The data plane usually involves a dedicated processor, reducing CPU involvement.

The figure below illustrates how Cisco Express Forwarding (CEF) uses the control plane and data plane to process packets.
14.2.11 Network Virtualization and SDN
Network virtualization combines networking hardware and software network resources into a software-based entity which is a virtual network.

Software-Defined Networking (SDN) is a network architecture that virtualizes the network, offering a new approach to network administration and management that seeks to simplify and streamline the administration process.

SDN is basically divided into control plane and data plane. Instead of individual devices controlling the processing, it is managed by a central controller, as shown in the figure. This controller communicates control plane functions for each device, allowing them to focus on data transmission. The centralized controller enhances data flow management, security, and other services.
14.2.12 SDN Architecture

In a traditional router or switch architecture, the control plane and data plane functions occur in the same device. Routing decisions and packet forwarding are the responsibility of the device operating system. In SDN, management of the control plane is moved to a centralized SDN controller. The figure compares traditional and SDN architectures.

The SDN controller is a logical entity that enables network administrators to manage and dictate how the data plane of switches and routers should handle network traffic. It typically runs on a server. It orchestrates, mediates, and facilitates communication between applications and network elements.
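The control-plane / data-plane split of 14.2.10 and the centralised controller of 14.2.12 can be shown in a few dozen lines. The Python below is an added example, not code from the module or any SDN product: the device names, prefixes and interface names are constructed, and the controller's "southbound" push is a plain method call. Each `DataPlane` holds only a forwarding table and does longest-prefix-match lookups on it; every routing decision (add, withdraw) is made in the `SdnController`, which is the only object that knows the policy, exactly the separation the slides describe.

```python
# Added example (not from the module): a miniature SDN layout in which one
# controller holds the control plane for several switches and each switch's
# data plane only does longest-prefix-match lookups on the table it was given.
# Device names, prefixes and interface names are constructed.
import ipaddress
from typing import Dict, List, Optional, Tuple


class DataPlane:
    """Forwarding table plus lookup; no routing decisions are made here."""

    def __init__(self, name: str):
        self.name = name
        self.fib: List[Tuple[ipaddress.IPv4Network, str]] = []

    def install(self, prefix: str, out_iface: str) -> None:
        net = ipaddress.ip_network(prefix, strict=True)
        self.fib = [e for e in self.fib if e[0] != net] + [(net, out_iface)]
        self.fib.sort(key=lambda e: e[0].prefixlen, reverse=True)  # most specific first

    def remove(self, prefix: str) -> None:
        net = ipaddress.ip_network(prefix)
        self.fib = [e for e in self.fib if e[0] != net]

    def forward(self, dst: str) -> Optional[str]:
        """Longest-prefix match: the first hit in the sorted table wins."""
        addr = ipaddress.ip_address(dst)
        for net, iface in self.fib:
            if addr in net:
                return iface
        return None                 # no route: the packet is dropped


class SdnController:
    """Centralised control plane: decides routes and pushes them southbound."""

    def __init__(self):
        self.devices: Dict[str, DataPlane] = {}
        self.policy: List[Tuple[str, str, str]] = []   # (device, prefix, iface)

    def register(self, device: DataPlane) -> None:
        self.devices[device.name] = device

    def add_route(self, device: str, prefix: str, out_iface: str) -> None:
        self.policy.append((device, prefix, out_iface))
        self.devices[device].install(prefix, out_iface)   # southbound push

    def withdraw(self, device: str, prefix: str) -> None:
        net = ipaddress.ip_network(prefix)
        self.policy = [p for p in self.policy
                       if not (p[0] == device and ipaddress.ip_network(p[1]) == net)]
        self.devices[device].remove(prefix)


def build_demo() -> SdnController:
    """Constructed topology: an edge switch with a default route to the core."""
    edge, core = DataPlane("edge1"), DataPlane("core1")
    ctl = SdnController()
    for d in (edge, core):
        ctl.register(d)
    ctl.add_route("edge1", "0.0.0.0/0", "uplink0")        # default towards the core
    ctl.add_route("edge1", "192.168.10.0/24", "lan1")     # local subnet
    ctl.add_route("edge1", "192.168.10.128/25", "lan2")   # more specific half of it
    ctl.add_route("core1", "192.168.0.0/16", "to-edge1")
    return ctl


if __name__ == "__main__":
    edge = build_demo().devices["edge1"]
    for dst in ("192.168.10.5", "192.168.10.200", "8.8.8.8"):
        print(dst, "->", edge.forward(dst))
```

Withdrawing the `/25` at the controller immediately changes what `edge1` does with `192.168.10.200` (it falls back to the `/24`), while `core1` is untouched; the switch itself never recomputed anything.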
14.3 Mobile Device Connectivity
CONTENT
01 MOBILE DEVICES AND WI-FI
02 WI-FI SETTINGS
03 CONFIGURE MOBILE WI-FI CONNECTIVITY
04 CONFIGURE CELLULAR DATA SETTINGS
05 BLUETOOTH CONFIGURATION
06 SIMPLE CONNECTIVITY WITH BLUETOOTH
07 BLUETOOTH PAIRING
14.3.1 Mobile Devices and Wi-Fi
Mobile devices give us the power to work, study, play and communicate anywhere. They free us from the restrictions of a fixed location, enabling voice, video and data communications. Furthermore, wireless facilities such as internet cafes are common throughout the world. College campuses use wireless networks, allowing students to enroll in classes, attend lectures, and submit assignments in places where physical communication networks are not available. As mobile devices gain momentum, many business tasks that previously relied on wireless supercomputers can now be done on mobile devices over wireless networks.
14.3.1 Mobile Devices and Wi-Fi
Most mobile devices can connect to Wi-Fi networks. It is recommended to do so whenever possible because data usage over Wi-Fi does not drain your cellular data plan, and Wi-Fi consumes less battery compared to cellular. Because safety is a concern, it is important to use Wi-Fi network connections safely. Use these precautions to protect Wi-Fi connections on mobile devices:

• Never send login or password information using unencrypted text (plaintext).
• Use a VPN connection when possible if you are sending sensitive data.
• Enable security on home networks.
• Use WPA2 or higher encryption for security.
14.3.2 Wi-Fi Settings
Two of the most popular operating systems for mobile devices are Android and Apple iOS. Each operating system has settings that enable you to
configure your device to connect to wireless networks.

ANDROID Wi-Fi Switch iOS Wi-Fi Switch

To connect an Android or iOS device to Wi-Fi, simply enable Wi-Fi, and the device will scan the available networks and display them in a list. Go to
the desired web page and enter a password if necessary.

When the mobile device goes into Wi-Fi range, it searches for another available Wi-Fi network. If none are found, it goes to the cellular
data network. When Wi-Fi is enabled, the device will connect to known networks. It displays the available options for the new network or
asks permission to add them.
14.3.3 Configure Mobile Wi-Fi Connectivity

If your mobile device does not prompt to connect to a Wi-Fi network, the network SSID broadcast may be turned off, or the device may not be set to connect automatically. Manually configure the Wi-Fi settings on the mobile device. Remember that SSIDs and passphrases must be typed exactly as entered on the wireless router setup or the device will not connect properly, as shown in the figure.
14.3.3 Configure Mobile Wi-Fi Connectivity
Operating systems for mobile devices are updated frequently and may be customized by the device manufacturer. The commands listed below may not be exactly the same on your device. There are online manuals for every type of device which are usually accessible from the website of the manufacturer.

To connect to a Wi-Fi network manually on an Android device, follow these steps:
Step 1: Select Settings > Add network.
Step 2: Enter the network SSID.
Step 3: Touch Security and select a security type.
Step 4: Touch Password and enter the password.
Step 5: Touch Save.

To connect to a Wi-Fi network manually on an iOS device, follow these steps:
Step 1: Select Settings > Wi-Fi > Other.
Step 2: Enter the network SSID.
Step 3: Touch Security and select a security type.
Step 4: Touch Other Network.
Step 5: Touch Password and enter the password.
Step 6: Touch Join.

14.3.4 Configure Cellular Data Settings
Cellular data plans are offered by most cell phone carriers, but the bandwidth limitations and charges for usage vary
widely by carrier, and by plan within carriers. As a result, many mobile device users only use their cellular data plans
when Wi-Fi service is not available.

Android Cellular Data
To turn cellular data on or off on an Android device, as shown in the figure, use the following path:
Settings > touch More under Wireless and Networks > touch Mobile Networks > touch Data enabled

iOS Cellular Data
To turn cellular data on or off on an iOS device, as shown in the figure, use the following path:
Settings > Cellular Data > turn cellular data on or off

Mobile devices are preprogrammed to use a Wi-Fi network for internet if one is available and the device can connect to the access point and receive an
IP address. If no Wi-Fi network is available, the device uses the cellular data capability if it is configured. Most of the time, transitions from one
network to another are not obvious to the user. For example, as a mobile device moves from an area of 4G coverage to 3G coverage, the 4G radio shuts
off and turns on the 3G radio. Connections are not lost during this transition.
14.3.5 BLUETOOTH CONFIGURATION
14.3.6 Simple Connectivity with Bluetooth

Mobile devices connect using different methods such as cellular and Wi-Fi, which
can be difficult to configure and require additional equipment such as towers and
access points. Cable connections for headsets or speakers are not always
practical. In contrast, Bluetooth offers a simple, wireless solution for devices
and accessories to communicate. It is automatic, power efficient, saves battery
life, and supports up to eight connections simultaneously.
14.3.6 SIMPLE CONNECTIVITY WITH BLUETOOTH
These are some examples of how devices use Bluetooth:

• Hands-free headset - A small earpiece with a microphone can be used for making and receiving calls.
• Keyboard or mouse - A keyboard or mouse can be connected to a mobile device to make input easier.
• Stereo control - A mobile device can connect to a home or car stereo to play music.
• Car speakerphone - A device that contains a speaker and a microphone can be used for making and receiving calls.
• Tethering - A mobile device can connect to another mobile device or computer to share a network connection. Tethering can also be performed with a Wi-Fi connection or a cable connection such as USB.
• Mobile speaker - Portable speakers can connect to mobile devices to provide high-quality audio without a stereo system.
14.3.7 BLUETOOTH PAIRING
Bluetooth pairing occurs when two Bluetooth devices establish a connection to share resources. In
order for the devices to pair, the Bluetooth radios are turned on, and one device begins searching
for other devices. Other devices must be set to discoverable mode, also called visible, so that they
can be detected. When a Bluetooth device is in discoverable mode, it transmits the following
information when another Bluetooth device requests it:

• Name
• Bluetooth class
• Services that the device can use
• Technical information, such as the features or the Bluetooth specification that it supports
14.3.7 BLUETOOTH PAIRING
During the pairing process, a personal identification number (PIN) may be requested to
authenticate the pairing process. The PIN is often a number, but can also be a numeric code or
passkey. The PIN is stored using pairing services, so it does not have to be entered the next time
the device tries to connect. This is convenient when using a headset with a smart phone, because
they are paired automatically when the headset is turned on and within range.
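The discovery and pairing sequence described above, as an added simulation that is not part of the module (device names, classes, services and PINs are constructed; the stored link key is a random stand-in, not a real Bluetooth key derivation). It shows that a non-discoverable device is not detected, what a visible device reveals, that a wrong PIN is rejected, and that after one successful pairing the stored key lets the devices reconnect without the PIN.

```python
import hmac
import secrets
from dataclasses import dataclass, field


@dataclass
class BluetoothDevice:
    """A device with a Bluetooth radio (constructed model, not a real stack)."""
    name: str
    device_class: str            # Bluetooth class, e.g. "headset" or "phone"
    services: list               # services the device can use
    spec: str                    # Bluetooth specification it supports
    pin: str                     # PIN from the device's documentation
    radio_on: bool = False
    discoverable: bool = False
    # link keys from completed pairings, keyed by the peer's name
    paired: dict = field(default_factory=dict)

    def discovery_response(self):
        """What a device in discoverable (visible) mode reveals when asked."""
        if not (self.radio_on and self.discoverable):
            return None          # not discoverable: cannot be detected
        return {"name": self.name, "class": self.device_class,
                "services": list(self.services), "spec": self.spec}


def scan_for_devices(searcher, nearby):
    """One device searches; only visible devices with radios on answer."""
    if not searcher.radio_on:
        return []
    found = []
    for device in nearby:
        response = device.discovery_response()
        if response is not None:
            found.append(response)
    return found


def pair(searcher, target, pin_entered):
    """Authenticate once with the PIN and store a link key on both sides."""
    if not (searcher.radio_on and target.radio_on and target.discoverable):
        return False
    if not hmac.compare_digest(pin_entered.encode(), target.pin.encode()):
        return False             # wrong PIN: pairing rejected
    link_key = secrets.token_bytes(16)   # constructed stand-in for a real key
    searcher.paired[target.name] = link_key
    target.paired[searcher.name] = link_key
    return True


def connect(searcher, target):
    """Later connections use the stored key; the PIN is not entered again."""
    key = searcher.paired.get(target.name)
    if key is None or not (searcher.radio_on and target.radio_on):
        return False
    return hmac.compare_digest(key, target.paired.get(searcher.name, b""))


if __name__ == "__main__":
    phone = BluetoothDevice("Phone", "phone", ["audio source"], "5.0", "0000")
    headset = BluetoothDevice("Headset", "headset", ["hands-free"], "4.2", "1234")
    phone.radio_on = headset.radio_on = True
    print("before discoverable:", scan_for_devices(phone, [headset]))
    headset.discoverable = True
    print("after discoverable:", scan_for_devices(phone, [headset]))
    print("pair with wrong PIN:", pair(phone, headset, "9999"))
    print("pair with right PIN:", pair(phone, headset, "1234"))
    headset.discoverable = False
    print("reconnect without PIN:", connect(phone, headset))
```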
14.3.3 CONFIGURE MOBILE WI-FI CONNECTIVITY
Remember that mobile device operating systems are updated frequently. Always refer to the documentation of the manufacturer for your specific
model device for the latest command reference.

To pair a Bluetooth device with an Android device, follow these steps:

• Step 1. Follow the instructions for your device to place it in discoverable mode.

• Step 2. Check the instructions for your device to find the connection PIN.

• Step 3. Select Settings > Wireless and networks.

• Step 4. Touch Bluetooth to turn it on.

• Step 5. Touch the Bluetooth tab.

• Step 6. Touch Scan for devices.

• Step 7. Touch the discovered device to select it.

• Step 8. Type the PIN.

• Step 9. Touch the device name again to connect to it.


To pair a Bluetooth device with an iOS device, follow these steps:

• Step 1. Follow the instructions for your device to place it in discoverable mode.

• Step 2. Check the instructions for your device to find the connection PIN.

• Step 3. Select Settings > Bluetooth.

• Step 4. Touch Bluetooth to turn it on.

• Step 5. Touch the discovered device to select it.

• Step 6. Type the PIN.


14.4 SUMMARY
14.4 SUMMARY - ISP CONNECTIVITY OPTIONS

14.1 ISP Connectivity Options

An ISP provides the link between the home network and the internet. Each ISP connects to other ISPs to form a
network of links called the internet backbone, which interconnects users all over the world. The internet backbone
uses fiber-optic cable to provide high-speed data links to connect the various service provider networks in major
metropolitan areas around the world.

Use a router to securely connect a computer to an ISP. The router includes a switch to connect wired hosts and a
wireless AP to connect wireless hosts. The router also provides client addresses and security for inside hosts.

The most common connection options for small office and home users are cable and DSL. Other ISP connection
options include cellular, satellite, and dial-up using a telephone line.
14.4 SUMMARY - NETWORK VIRTUALIZATION
14.2 Network Virtualization

Cloud computing allows us to store personal files, even backup an entire drive on servers over the internet. Cloud computing is possible
because of data centers. Data centers are facilities used to house computer systems and associated components. There are public, private,
hybrid, and community clouds. The four main cloud computing services are SaaS, PaaS, IaaS, and ITaaS.

Virtualization is the foundation of cloud computing. Virtualization reduces costs and enables prototyping, faster server provisioning,
increased server uptime, improved disaster recovery, and extends legacy support. The hypervisor is a program, firmware, or hardware
that adds an abstraction layer on top of the physical hardware. The abstraction layer is used to create virtual machines which have access
to all the hardware of the physical machine such as CPUs, memory, disk controllers, and NICs. The Type 2 Hypervisor is the “hosted”
approach. The Type 1 Hypervisor is known as the “bare metal” approach.

Virtualization separates the operating system (OS) from the hardware. Network virtualization combines traditional networking hardware
and software network resources into a software-based entity, a virtual network. The control plane is typically regarded as the brains of a
device. The data plane (forwarding plane) is typically the switch fabric that is connecting the network ports to a device.
14.4 SUMMARY - NETWORK VIRTUALIZATION

14.2 Network Virtualization

SDN is basically the separation of the control plane and data plane. The control plane function is removed from each device and is
performed by a centralized controller. The centralized controller communicates control plane functions to each device. Each device
can now focus on forwarding data while the centralized controller manages data flow, increases security, and provides other services.
The SDN controller is a logical entity that enables network administrators to manage and dictate how the data plane of switches and
routers should handle network traffic. It typically runs on a server. It orchestrates, mediates, and facilitates communication between
applications and network elements.
14.4 SUMMARY - MOBILE DEVICE CONNECTIVITY

14.3 Mobile Device Connectivity

Where possible, connect to Wi-Fi networks because data used over Wi-Fi does not count against most cellular
data plans. Because Wi-Fi radios use less power than cellular radios, connecting to Wi-Fi networks conserves
battery power. Use security when connecting to Wi-Fi networks:

• Never send login information in plaintext.


• Use a VPN connection.
• Enable security on your home networks.
• Use WPA2 or higher encryption.

Two popular operating systems for mobile devices are Android and Apple iOS. They each let you configure them
to connect to wireless networks. When a mobile device is out of the range of the Wi-Fi network, it attempts to
connect to another Wi-Fi network in range. If no Wi-Fi networks are in range, the mobile device connects to the
cellular data network.
14.4 SUMMARY - MOBILE DEVICE CONNECTIVITY

14.3 Mobile Device Connectivity


If your mobile device does not prompt to connect to a Wi-Fi network, the network SSID broadcast may be turned
off, or the device may not be set to connect automatically. Manually configure the Wi-Fi settings on the mobile
device. Remember that SSIDs and passphrases must be typed exactly as entered on the wireless router setup or
the device will not connect properly.

Cellular data plans are offered by most cell phone carriers, but the bandwidth limitations and charges for usage
vary widely by carrier and by plan within carrier. As a result, many mobile device users only use their cellular data
plans when Wi-Fi service is not available.

Bluetooth pairing is when two Bluetooth devices establish a connection to share resources. In order for the
devices to pair, the Bluetooth radios are turned on, and one device begins searching for other devices. Other
devices must be set to discoverable mode, also called visible, so that they can be detected.
Bluetooth technology provides a simple way for mobile devices to connect to each other and to wireless
accessories. Bluetooth is wireless, automatic, and uses very little power, which helps conserve battery life. Up to
eight Bluetooth devices can be connected together at any one time.
CPE313

SECURITY CONSIDERATIONS
MODULE 15 - ED JAY OGOY, KIENSHEEN BARROS
TYPES OF THREATS
Wired or wireless, computer networks are crucial to daily life. Organizations and individuals
use computers and networks for email, accounting, organizing, and file management.
Unauthorized intrusions can cause costly network interruptions and lost work. Network
attacks can destroy or steal critical data, costing time and money. Computer vulnerabilities,
hardware assaults, and guessing usernames and passwords can allow intruders to enter a
network. Threat actors tweak software or exploit flaws to get access.

When the threat actor gains access to the network, four types of threat may arise:
• Information theft
• Data loss and manipulation
• Identity theft
• Disruption of service
TYPES OF THREATS
Information theft - is breaking into a computer to obtain confidential
information. Information can be used or sold for various purposes such as when
someone is stealing proprietary information of an organization, like research and
development data.

Data loss and manipulation - is breaking into a computer to destroy or alter data
records. An example of data loss is a threat actor sending a virus that re formats
a computer hard drive. An example of data manipulation is breaking into a
records system to change information, such as the price of an item.
TYPES OF THREATS
Identity theft - is a form of information theft where personal
information is stolen for the purpose of taking over the identity of
someone. Using this information, a threat actor can obtain legal
documents, apply for credit, and make unauthorized online
purchases. Identity theft is a growing problem costing billions of
dollars per year.

Disruption of service - is preventing legitimate users from accessing
services to which they are entitled. Examples include denial of
service (DoS) attacks on servers, network devices, or network
communications links.
INTERNAL AND EXTERNAL THREATS
External threats arise from individuals working outside of an organization. They are not permitted to use the
computers or the network. Most attempts by outsiders to breach a network are made through the internet, either
via wireless access points or dial-up servers.

Internal threats occur when someone has authorized access to the network through a user account, or has physical
access to the network equipment. Internal attackers know the internal policies and people. They often know what
information is both valuable and vulnerable, and how to get to it. However, not all internal attacks are intentional.
In some cases, an internal threat can come from a trustworthy employee who picks up a virus or security threat while
outside the company and unknowingly brings it into the internal network. Most companies spend a lot of money
securing against external attacks, but trusted internal users trigger some of the worst incidents. Lost smart phones,
detachable storage devices, and computers, and inadequate data removal before disposal, are major ways user data
ends up in the wrong hands.
SOCIAL ENGINEERING ATTACKS
Social engineering is a term that refers to the ability of something or someone to influence
the behavior of a person or group of people. In the context of computer and network
security, social engineering refers to a collection of techniques used to deceive internal
users into performing specific actions or revealing confidential information. The attacker
uses these methods to steal bank account numbers and passwords from unsuspecting
genuine users.

Social engineering attacks exploit the fact that users are generally considered one of the
weakest links in security. Social engineers can be internal or external to the organization,
but most often do not come face-to-face with their victims.
TYPES OF SOCIAL ENGINEERING ATTACKS

Pretexting
Pretexting is a form of social engineering where an invented scenario (the
pretext) is used on a victim in order to get the victim to release information or
perform an action. The target is typically contacted over the telephone. For
pretexting to be effective, the attacker must be able to establish legitimacy
with the intended target, or victim. This often requires some prior knowledge
or research on the part of the attacker. For example, if a threat actor knows
the social security number of the target, the threat actor may use that
information to gain the trust of the target. The target is then more likely to
release further information.
TYPES OF SOCIAL ENGINEERING ATTACKS

Phishing
Phishing is a form of social engineering where the phisher pretends to
represent a legitimate person from another organization. The phisher
typically contacts the target individual via email, as shown in the figure,
or text messaging. The phisher might ask for verification of information,
such as passwords or usernames in order to prevent some terrible
consequence from occurring.
TYPES OF SOCIAL ENGINEERING ATTACKS

Vishing / Phone Phishing
A new form of social engineering that uses Voice over IP (VoIP) is known
as vishing. With vishing, unsuspecting users are sent a voice mail
instructing them to call a number which appears to be a legitimate
telephone-banking service. The call is then intercepted by a thief. Bank
account numbers or passwords entered over the phone for verification
are then stolen.
In addition to social engineering, there are other types of attacks launched by malicious
software which exploit the vulnerabilities in computer software. Malware is the short name
for malicious software.

Examples of malware attacks include viruses, worms, and trojan horses. All of these are types
of malware introduced onto a host. They can damage a system, destroy data, as well as
deny access to networks, systems, or services. They can also forward data and personal
details from unsuspecting PC users to criminals. In many cases, they can replicate
themselves and spread to other hosts connected to the network. Imagine how difficult it
would be to recreate saved files, such as game files, license key files, photographs, and
videos. These methods are often used with social engineering to lure a person into a hack.
MALWARE
In addition to social engineering, there are other types of attacks that
are conducted by malicious software and which exploit vulnerabilities
in computer software. These attacks take advantage of loopholes in the
program. The phrase "malicious software" is often abbreviated to
"malware".
VIRUSES
A virus is a program that spreads by modifying other programs or files. A
virus cannot start by itself; it needs to be activated. When activated, a virus
may do nothing more than replicate itself and spread. Though simple, even
this type of virus is dangerous as it can quickly use all available memory and
bring a system to a halt. A more serious virus may be programmed to delete
or corrupt specific files before spreading. Viruses can be transmitted via
email, downloaded files, and instant messages, or via CD or USB devices.
WORMS
A worm is similar to a virus, but unlike a virus, it does not need to attach itself to
an existing program. A worm uses the network to send copies of itself to any
connected hosts. Worms can run independently and spread quickly. They do not
necessarily require activation or human intervention. Self-spreading network
worms can have a much greater impact than a single virus and can infect large
parts of the internet quickly.
TROJAN HORSES
A Trojan horse is a program that is written to appear like a legitimate
program, when in fact it is an attack tool. It cannot replicate itself. A
Trojan horse relies upon its legitimate appearance to deceive the victim
into initiating the program. It may be relatively harmless or may contain
code that can damage the hard drive content of the computer. Trojans
can also create a back door into a system that then allows threat actors
to gain access.
SPYWARE
Spyware is any program that gathers personal information from your computer
without your permission or knowledge. This information is sent to advertisers or
others on the internet and can include passwords and account numbers.

Spyware is usually installed unknowingly when downloading a file, installing another
program, or clicking a popup. It can slow down a computer and make changes to
internal settings which creates more vulnerabilities for other threats. In addition,
spyware can be very difficult to remove.
TRACKING COOKIES
Cookies are a form of spyware but are not always bad. They are
used to record information about an internet user when the
user visits websites. Cookies may be useful or desirable by
allowing personalization and other time saving techniques.
Many websites require that cookies be enabled in order to allow
the user to connect.
ADWARE
Adware is a form of spyware that is used to collect information about a user
based on websites the user visits. That information is then used for targeted
advertising. Adware is commonly installed by a user in exchange for a "free"
product. When a user opens a browser window, adware can start new
browser instances which attempt to advertise products or services based on
the surfing practices of a user. The unwanted browser windows can open
repeatedly, and can make surfing the internet very difficult, especially with
slow internet connections. Adware can be very difficult to uninstall.
POPUPS AND POP-UNDERS
Popups and pop-unders are additional advertising windows that display when a website
is visited. Unlike adware, popups and pop-unders are not intended to collect information
about the user and are typically associated only with the website being visited. They can
be annoying and usually advertise products or services that are not wanted by the user.

• Popups - These open in front of the current browser window.
• Pop-unders - These open behind the current browser window.
BOTNETS AND ZOMBIES
"Bot" is derived from the word "robot" which describes how the devices act when they are
infected. Malicious bot software infects a host, usually through an email or web page link, by
downloading and installing a remote control function. When infected, the “zombie” computer
contacts servers managed by the botnet creator. These servers operate a botnet of infected
devices. Infected devices may spread the program to unprotected network devices, expanding
the botnet. A botnet may have thousands of infected devices.

Bot software can also compromise the security of infected machines. Installed software may
track keystrokes, acquire passwords, capture and analyze packets, gather financial data,
perform DoS attacks, and relay spam. Bots take advantage of time zones, often waking up the
zombie systems during the idle times in each time zone. Many users keep their computers
always connected to the internet, even when they are away from home or sleeping. This
creates the perfect environment for botnet creators to use the bandwidth and processing
power of the idle devices.
15.4 DENIAL OF SERVICE
DENIAL OF SERVICE (DoS)
• These are aggressive attacks on an individual computer or groups of computers
with the intent to deny services to intended users.

• It can target end user systems, servers, routers, and network links. DoS
attacks are relatively simple and can be initiated by an unskilled threat actor.

A threat actor uses a DoS attack to perform these functions:
• Flood a network, host, or application with traffic to prevent legitimate
network traffic from flowing.
• Disrupt connections between a client and server to prevent access to a
service.
DENIAL OF SERVICE (DoS)
Types of DoS attacks
•SYN (synchronous) flooding - This is when a flood of packets are sent to a
server requesting a client connection. The packets contain invalid source IP
addresses. The server becomes occupied trying to respond to these fake
requests and therefore cannot respond to legitimate ones.

•Ping of death - This is when a packet that is greater in size than the
maximum allowed by IP (65,535 bytes) is sent to a device. This can cause the
receiving system to crash.
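Defender-side checks for the two attack types just listed, as an added example that is not from the module: a fragment guard that rejects any fragment that would push a reassembled datagram past the 65,535-byte IP limit (the ping of death condition), and a half-open connection report that flags a server collecting SYNs with no follow-up ACK from sources that could not be real clients. The packet records and addresses are constructed; the header length and source-address checks are assumptions of this example, not figures from the module.

```python
import ipaddress
from collections import defaultdict

IP_HEADER_LEN = 20            # assumed minimum IP header, bytes
MAX_IP_DATAGRAM = 65535       # largest total length the IP header can express


def fragment_overflows(frag):
    """True when this fragment would make the reassembled datagram larger
    than 65,535 bytes, which is what a ping of death relies on.
    frag: {"id": int, "offset": int in 8-byte units, "payload_len": int}"""
    data_end = frag["offset"] * 8 + frag["payload_len"]
    return IP_HEADER_LEN + data_end > MAX_IP_DATAGRAM


class FragmentGuard:
    """Drops oversized fragments before reassembly instead of crashing."""

    def __init__(self):
        self.accepted = defaultdict(int)   # datagram id -> data bytes so far
        self.dropped = []                  # ids of rejected datagrams

    def accept(self, frag):
        if fragment_overflows(frag):
            self.dropped.append(frag["id"])
            self.accepted.pop(frag["id"], None)   # discard the partial datagram
            return False
        self.accepted[frag["id"]] += frag["payload_len"]
        return True


def invalid_source(ip_text):
    """Source addresses a real client could not be using on an internet-facing
    server: unspecified, loopback, multicast and reserved ranges. A SYN from
    one of these can never complete a handshake."""
    ip = ipaddress.ip_address(ip_text)
    return ip.is_unspecified or ip.is_loopback or ip.is_multicast or ip.is_reserved


def half_open_report(packets, threshold):
    """Flag destinations holding many half-open connections (SYN received and
    no ACK from the same source). packets: {"src", "dst", "flags"} in order."""
    pending = defaultdict(set)          # dst -> sources that never ACKed
    for pkt in packets:
        if pkt["flags"] == "SYN":
            pending[pkt["dst"]].add(pkt["src"])
        elif pkt["flags"] == "ACK":
            pending[pkt["dst"]].discard(pkt["src"])
    report = {}
    for dst, sources in pending.items():
        if len(sources) >= threshold:
            report[dst] = {"half_open": len(sources),
                           "invalid_sources": sum(invalid_source(s) for s in sources)}
    return report


def constructed_capture():
    """Constructed sample traffic: three complete handshakes to a web server,
    then 40 SYNs from reserved-range addresses that never ACK."""
    server = "203.0.113.10"
    packets = []
    for host in ("198.51.100.1", "198.51.100.2", "198.51.100.3"):
        packets.append({"src": host, "dst": server, "flags": "SYN"})
        packets.append({"src": host, "dst": server, "flags": "ACK"})
    for i in range(1, 41):
        packets.append({"src": f"240.0.0.{i}", "dst": server, "flags": "SYN"})
    return packets


if __name__ == "__main__":
    guard = FragmentGuard()
    # last fragment of a maximum-size datagram: allowed
    print(guard.accept({"id": 1, "offset": 8184, "payload_len": 40}))
    # same offset with a longer payload would exceed 65,535 bytes: dropped
    print(guard.accept({"id": 2, "offset": 8184, "payload_len": 80}))
    print(half_open_report(constructed_capture(), threshold=20))
```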
DISTRIBUTED DENIAL OF SERVICE (DDoS)
•It is a more sophisticated and potentially damaging form of the DoS attack.
•It is designed to saturate and overwhelm network links with useless data. DDoS operates on a much
larger scale than DoS attacks.
•The systems that are infected with the DDoS code attack the target site when invoked. This group
of infected computers is often called a botnet.

Brute Force
•With brute force attacks, a fast computer is used to try to guess passwords or to decipher an
encryption code. The attacker tries a large number of possibilities in rapid succession to gain access
or crack the code.
•Brute force attacks can cause a denial of service due to excessive traffic to a specific resource, or
by locking out user accounts.
15.5 SECURITY TOOLS
SECURITY PRACTICES AND PROCEDURES
•Taking protective measures can guard you from loss of sensitive or confidential
data, and can protect your systems from being damaged or compromised.
Security procedures can range from simple, inexpensive tasks such as
maintaining up-to-date software releases, to complex implementations of
firewalls and intrusion detection systems.

•Some of the most effective security procedures are simple to implement and do
not require extensive technical knowledge. A username and password are two
pieces of information that a user needs to log on to a computer or application.
SECURITY PRACTICES AND PROCEDURES
• BIOS Password
• Windows Login
• Network Login
•It is important to change the default username for accounts such as administrator or guest,
because these default usernames are widely known.

•Whenever possible, change the default usernames of all users on computers and network
equipment.

•Internet security is a major concern around the world. As a result, many tools are available
to network users to protect the devices from attacks and to help remove malware from
infected machines.

SECURITY PRACTICES AND APPLICATIONS
PATCHES AND UPDATES

• It is important to keep software applications up-to-date with the latest security
patches and updates to help deter threats.
•A patch is a small piece of code that fixes a specific problem.
•An update, on the other hand, may include additional functionality to the software
package as well as patches for specific issues.
PATCHES AND UPDATES
Windows 10 Update Settings
15.6 ANTIMALWARE SOFTWARE
SIGNS OF INFECTIONS
•Even when the OS and applications have all the current patches and updates, they may
still be susceptible to attack. Any device that is connected to a network is susceptible to
viruses, worms, and Trojan horses.

Some of the signs that a virus, worm, or Trojan horse may be present include the
following:
•Computer starts acting abnormally
•Program does not respond to mouse and keystrokes
•Programs starting or shutting down on their own
•Email program begins sending out large quantities of email
•CPU usage is very high
•There are unidentifiable processes or a large number of processes running
•Computer slows down significantly or crashes, such as when the Windows “blue
screen of death” (BSoD) appears.
SIGNS OF INFECTIONS
Windows BSoD
ANTIVIRUS SOFTWARE
•Antivirus software can be used as both a preventive tool and as a reactive
tool. It prevents infection. It detects and removes viruses, worms, and Trojan
horses. Antivirus software should be installed on all computers connected to
the network.

•Antivirus software relies on known “virus signatures” to find and prevent new
viruses from infecting the computer. Virus signatures are patterns within the
programs that are common to other malicious programs that have already been
identified as harmful. When new virus programs are found on the internet, the
signature files for the antivirus are updated with the new information. It is
important to keep virus checker software updated with the latest signature files
to protect the system from infection.
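How signature-based detection and signature updates behave, as an added example that is not from the module or any antivirus vendor: a small scanner that supports byte-pattern signatures and whole-file SHA-256 signatures, a scheduled scan over a file store, an on-access (resident) check, and a signature update that turns a previously missed variant into a detection. File names, contents and signature names are constructed.

```python
import hashlib

# Constructed signature file: a byte pattern taken from an identified
# malicious program, or the SHA-256 of a whole known-bad file.
SIGNATURES_V1 = {
    "Demo.Dropper.A": {"type": "pattern", "value": b"DROP-PAYLOAD-v1"},
}


def sha256_signature(data):
    """Build a whole-file hash signature from a sample that was identified."""
    return {"type": "sha256", "value": hashlib.sha256(data).hexdigest()}


def matches(data, signature):
    """True when one signature matches the file contents."""
    if signature["type"] == "pattern":
        return signature["value"] in data
    if signature["type"] == "sha256":
        return hashlib.sha256(data).hexdigest() == signature["value"]
    raise ValueError(f"unknown signature type {signature['type']!r}")


def scan_bytes(data, signatures):
    """Names of every signature that matches the file contents."""
    return [name for name, sig in signatures.items() if matches(data, sig)]


def scheduled_scan(files, signatures):
    """Scan every file in the store; files: {path: bytes}."""
    return {path: scan_bytes(content, signatures) for path, content in files.items()}


def on_access(path, files, signatures):
    """Resident dynamic scanning: check a file when it is opened and refuse
    access if anything matches. Returns (allowed, hits)."""
    hits = scan_bytes(files[path], signatures)
    return (len(hits) == 0, hits)


def update_signatures(current, new_entries):
    """Merge a downloaded signature update without mutating the old set."""
    merged = dict(current)
    merged.update(new_entries)
    return merged


# Constructed file store: one clean document, one file carrying the known
# pattern, and a new variant that no signature covers yet.
CONSTRUCTED_FILES = {
    "notes.txt": b"quarterly report draft, nothing executable here",
    "setup_a.exe": b"MZ...installer...DROP-PAYLOAD-v1...",
    "setup_b.exe": b"MZ...installer...DROP-PAYLOAD-v2...",
}


if __name__ == "__main__":
    print("with V1 signatures:", scheduled_scan(CONSTRUCTED_FILES, SIGNATURES_V1))
    v2 = update_signatures(SIGNATURES_V1, {
        "Demo.Dropper.B": sha256_signature(CONSTRUCTED_FILES["setup_b.exe"]),
    })
    print("after update:", scheduled_scan(CONSTRUCTED_FILES, v2))
    print("open setup_a.exe:", on_access("setup_a.exe", CONSTRUCTED_FILES, v2))
```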
ANTIVIRUS SOFTWARE
Some of the features that can be included in antivirus programs are:
•Email checking - Scans incoming and outgoing emails, and identifies spam
and suspicious attachments.
•Resident dynamic scanning - Checks program files and documents when they
are accessed.
•Scheduled scans - Virus scans can be scheduled to run at regular intervals and
check specific drives or the entire computer.
•Automatic Updates - Checks for and downloads known virus characteristics
and patterns. Can be scheduled to check for updates on a regular basis.
ANTISPAM SOFTWARE
•Antispam software protects hosts by identifying spam and performing an
action, such as placing it into a junk folder or deleting it. Spam filters can
be loaded on individual devices, but can also be loaded on email servers.
In addition, many ISPs offer spam filters. Antispam software does not
recognize all spam, so it is important to open email carefully. It may also
accidentally identify wanted email as spam and treat it as such.
ANTISPYWARE SOFTWARE
Antispyware and Adware
•Spyware and adware can also cause virus-like symptoms. Antispyware
software detects and deletes spyware applications, as well as prevents future
installations from occurring. Many antispyware applications also include
detection and deletion of cookies and adware. Some antivirus packages include
antispyware functionality.

Popup Blockers
•Popup blocking software can be installed to prevent popups and pop-unders.
Many web browsers include a popup blocker feature by default. Note that
some programs and web pages create necessary and desirable popups. Most
popup blockers offer an override feature for this purpose.
ADDITIONAL SAFEGUARDS
•One of the most common types of spam forwarded is a virus warning.
Although some virus warnings sent via email are true, a large number of them
are hoaxes and do not really exist.

•This type of spam can create problems because people warn others of the
impending disaster and so flood the email system. In addition, network
administrators may overreact and waste time investigating a problem that does
not exist. Finally, many of these emails can actually contribute to the spread of
viruses, worms, and Trojan horses.
ADDITIONAL SAFEGUARDS
In addition to using spam blockers, other actions to prevent the spread of spam
include the following:
•Apply OS and application updates when available.
•Run an antivirus program regularly and keep it up to date.
•Do not forward suspicious emails.
•Do not open email attachments, especially from people you do not know.
•Set up rules in your email to delete spam that bypasses the antispam software.
•Identify sources of spam and report it to a network administrator so it can be
blocked.
•Report incidents to the governmental agency that deals with abuse by spam.
15.7 SECURITY CONSIDERATIONS SUMMARY
SECURITY THREATS
•When a threat actor gains access to the network, four types of threat may arise:
information theft, identity theft, data loss or manipulation, and disruption of
service. Security threats from network intruders can come from both internal and
external sources.

•External threats come from threat actors working outside of an organization who
do not have authorized access to the computer systems or network. They work
their way into a network mainly from the internet, wireless links, or dialup access
servers.

•Internal threats occur when someone has authorized access to the network
through a user account or has physical access to the network equipment. In some
cases, an internal threat can come from a trustworthy employee who picks up a
virus or security threat while outside the company and unknowingly brings it into
the internal network.
SOCIAL ENGINEERING ATTACKS
•Social engineering attacks exploit the fact that users are generally considered one
of the weakest links in security. Social engineers are threat actors and can be
internal or external to the organization. Three of the most common methods used
to obtain information directly from authorized users are pretexting, phishing, and
vishing.

•Phishing is where the phisher pretends to represent a legitimate outside
organization. The phisher typically contacts the target individual via email or text
messaging. Vishing is where the threat actor uses VoIP. With vishing, an
unsuspecting user is sent a voice mail instructing that user to call a number which
appears to be a legitimate telephone-banking service. The call is then intercepted
by a thief. Bank account numbers or passwords entered over the phone for
verification are then stolen.
MALWARE
Viruses, worms, and Trojan horses are all types of malicious software introduced
onto a host:
•A virus is a program that spreads by modifying other programs or files. A virus
cannot start by itself; it needs to be activated.

•A worm is similar to a virus, but unlike a virus does not need to attach itself to an
existing program. A worm uses the network to send copies of itself to any
connected hosts. Worms can run independently and spread quickly.

•A Trojan horse is a program that is written to appear like a legitimate program,
when in fact it is an attack tool. It cannot replicate itself. A victim must initiate the
program to activate a Trojan horse.

•One of the major ways that spam can be sent is through the use of a botnet or bot.
•Spyware is any program that gathers personal information from your computer without
your permission or knowledge. This information is sent to advertisers or others on the
internet and can include passwords and account numbers. Cookies are not programs, but
third-party tracking cookies are often grouped with spyware because they record
information about internet users as they move between websites.

•Adware is a form of spyware used to collect information about a user based on websites the
user visits. That information is then used for targeted advertising. Popups and pop-unders
are additional advertising windows that display when visiting a web site. Unlike adware,
popups and pop-unders are not intended to collect information about the user.

•Malicious bot software infects a host, usually through an email or web page link, by
downloading and installing a remote control function. When infected, the “zombie”
computer contacts servers managed by the botnet creator. These servers act as a command
and control (C&C) center for an entire network of compromised devices, or "botnet."
DENIAL OF SERVICE
•A DoS attack floods a system or network with traffic to prevent legitimate network traffic
from flowing and disrupts connections between a client and server to prevent access to a
service. Common DoS attacks are SYN flooding, which fills the target's table of half-open TCP
connections with SYNs that are never completed, and ping of death, which sends malformed or
oversized ICMP packets to crash an unpatched IP stack.

•DDoS is designed to saturate and overwhelm network links with useless data. Typically
hundreds or thousands of attack points attempt to overwhelm a target simultaneously. The
attack points may be unsuspecting computers that have been previously infected by the
DDoS code.

•A brute force attack may also result in denial of services. With brute force attacks, a fast
computer is used to try to guess passwords or to decipher an encryption code. Brute force
attacks can cause a denial of service due to excessive traffic to a specific resource, or by
locking out user accounts.
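The SYN flood described above leaves a recognisable trace: many SYNs toward one service that are never followed by the client's ACK. The detector below is an added example for this page, not part of the course material; the flow-record format (epoch, source, destination:port, TCP flags) and the two sets of sample records, one normal handshake and 300 SYNs from spoofed TEST-NET-3 addresses, are constructed for the demonstration.

```python
from collections import Counter, defaultdict

# Constructed flow records (not from the page), one per line:
#   "<epoch_seconds> <src_ip> <dst_ip>:<dst_port> <flags>"
# Flags: S = client SYN, SA = server SYN-ACK, A = client ACK completing the handshake.
BENIGN_FLOWS = [
    "1000 10.0.0.5 192.168.1.10:80 S",
    "1000 192.168.1.10 10.0.0.5:51234 SA",
    "1000 10.0.0.5 192.168.1.10:80 A",
]
# 300 SYNs in two seconds from spoofed sources that never send the final ACK.
FLOOD_FLOWS = [
    f"{1001 + i // 150} 203.0.113.{1 + i % 250} 192.168.1.10:80 S" for i in range(300)
]


def parse_flow(line):
    """Split one record into (timestamp, source, 'host:port', flags)."""
    ts, src, dst, flags = line.split()
    host, port = dst.rsplit(":", 1)
    return int(ts), src, f"{host}:{port}", flags


def detect_syn_flood(lines, window=5, threshold=100):
    """Count half-open attempts per (time window, service) and alert above threshold.

    A half-open attempt is a client SYN with no matching ACK from the same source
    to the same service in the same window. Returns [(window_start, service, half_open)].
    """
    syns = defaultdict(Counter)   # (window_start, service) -> Counter{src: SYN count}
    acks = defaultdict(Counter)   # (window_start, service) -> Counter{src: ACK count}
    for line in lines:
        ts, src, service, flags = parse_flow(line)
        key = (ts - ts % window, service)
        if flags == "S":
            syns[key][src] += 1
        elif flags == "A":
            acks[key][src] += 1
        # "SA" is the server's half of the handshake and is not counted.
    alerts = []
    for key, per_src in sorted(syns.items()):
        half_open = sum(max(0, n - acks[key][src]) for src, n in per_src.items())
        if half_open >= threshold:
            alerts.append((key[0], key[1], half_open))
    return alerts


if __name__ == "__main__":
    print(detect_syn_flood(BENIGN_FLOWS))                 # no alert
    print(detect_syn_flood(BENIGN_FLOWS + FLOOD_FLOWS))   # one alert for 192.168.1.10:80
```

Per-source counting is what makes the flood visible even though each spoofed address appears only once or twice; a real deployment would feed the detector from NetFlow, Zeek conn logs or a packet capture and would also track established-connection ACKs separately so they are not mistaken for handshake completions.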
SECURITY TOOLS
•A username and password are two pieces of information that a user needs to log on to a
computer or application. When a threat actor knows one of these entries, the attacker needs
only to crack or discover the other entry to gain access to the computer system. Change the
default usernames of all users on computers and network equipment. View passwords as a
key to valuable data and make them as secure as possible.

•Some of the security tools and applications used in securing a network include software
patches and updates, virus protection, spyware protection, spam blockers, popup blockers,
and firewalls.

•It is important to keep software applications up-to-date with the latest security patches and
updates to help deter threats. A patch is a small piece of code that fixes a specific problem.
An update may include additional functionality to the software package, as well as patches
for specific issues.
ANTIMALWARE SOFTWARE
•Some of the signs that a virus, worm, or Trojan horse may be present include these: when a
computer starts acting abnormally; when a program does not respond to mouse and
keystrokes; when programs start up or shut down on their own; when an email program
begins sending out large quantities of email; when CPU usage is very high; when there are
unidentifiable processes, or a large number of processes running; and when the computer
slows down significantly or crashes.

•Antivirus software can be used as both a preventive tool and as a reactive tool. It prevents
infection and detects, and removes, viruses, worms and Trojan horses. Antivirus software
should be installed on all computers connected to the network.

•Antispam software protects hosts by identifying spam and performing an action, such as
placing it into a junk folder or deleting it.
•Antispyware software detects and deletes spyware applications, as well as prevents future
installations from occurring. Many antispyware applications also include detection and
deletion of cookies and adware. Popup blocking software can be installed to prevent popups
and pop-unders.

•Other actions to prevent the spread of spam include the following: apply OS and
application updates when available; run an antivirus program regularly and keep it up to
date; do not forward suspicious emails and do not open email attachments, especially from
people you do not know; set up rules in your email to delete spam that bypasses the
antispam software; identify sources of spam and report it to a network administrator so that
it can be blocked; and report incidents to the government agency that deals with abuse by
spam.
CPE313

CONFIGURE NETWORK & DEVICE SECURITY
MODULE 16 - PAUL F. OGSIMER
WIRELESS
VULNERABILITIES
One of the primary benefits of wireless networking
is ease and convenience of connecting devices.
Unfortunately, that ease of connectivity and the fact
that the information is transmitted through the air
also makes your network vulnerable to interception
and attacks, as shown in the figure. Before your
wireless network is installed, it is important to
consider how you plan to secure access to it.
WAR DRIVING, WAR WALKING, AND WAR
CHALKING
• War-driving is the process of driving around an area searching for wireless
LANs. When a wireless LAN is discovered, the location of the WLAN is
logged and shared. The goal of war-driving may be to access the WLAN to
steal information. In some cases, the goal is to bring attention to the fact
that most wireless networks are insecure.

• A similar process to war-driving is known as war-walking, where the person
walks around an area to discover wireless access. War-chalking is the related
practice of placing a chalk mark in front of the location of a discovered WLAN to
indicate the status of the wireless connection, for example whether it is open or
encrypted.

• With wireless connectivity, the attacker does not need a physical connection
to your computer or any of your devices to access your network. It is
possible for an attacker to tune into signals from your wireless network,
much like tuning into a radio station.
A COMPREHENSIVE SECURITY
PLAN
Security measures should be planned
and configured before connecting
the home wireless router to the
network or ISP.

BASIC WIRELESS
SETTINGS
• Change the default Service Set
Identifier (SSID)
• Disable SSID broadcast
WIRELESS
SECURITY
Set the security profile for each
band:
• Configure the security mode to
use WPA2 Personal (or WPA3
Personal where every client
supports it; never WEP or WPA
with TKIP).

• Set the encryption to Advanced
Encryption Standard (AES).

• Configure a long, random passphrase.
MAC ADDRESS
FILTERING
Configure the MAC addresses that
you want to prevent or permit on the
WLAN.
PORT
FORWARDING
Configure the ports that should be
forwarded to a specific device,
such as a web server in your
demilitarized zone (DMZ).
DEMILITARIZED ZONE
(DMZ)
Configure the IPv4 address for the
server in the DMZ.
SSID
BROADCASTS
• One easy way to gain entry to a wireless
network is through the network name, or
SSID.

• All computers connecting to the wireless
network must be configured with or
connect to the appropriate SSID. By
default, wireless routers and access points
broadcast SSIDs to all computers within
the wireless range. With SSID broadcast
activated, as shown in the figure, any
wireless client can detect the network and
connect to it, if no other security features
are in place.

• Disabling SSID broadcast only removes the
name from beacon frames. The SSID is still
sent in clear text in probe and association
frames, so anyone with a wireless sniffer
learns it as soon as a legitimate client
connects. Treat a hidden SSID as a
convenience setting, not as a substitute for
WPA2 encryption.
CHANGING DEFAULT
SETTINGS
What are default settings and why
are they there? Most wireless
access points and routers are
preconfigured with settings such
as SSIDs, administrator
passwords, and IP addresses.
These settings make it easier for
the novice user to set up and
configure the device in the home
LAN environment. Unfortunately,
these defaults can also make it
easy for an attacker to identify
MAC ADDRESS
FILTERING
One way to limit access to the wireless network is to control exactly which devices are
allowed on the wireless network (or on some routers/APs the configuration is what devices
are not allowed) by filtering MAC addresses. If MAC address filtering is configured for
devices that are allowed on the network, when a wireless client attempts to connect, or
associate, with an AP it will send MAC address information. The wireless router or AP will
look up the MAC address of the connecting client and permit or deny the device onto the
wireless network based on the configuration. MAC filtering is a weak control on its own:
MAC addresses are transmitted in the clear in every frame, so an attacker can sniff the
address of a permitted client and set it on their own adapter.
OPEN
AUTHENTICATION
The use of a username and password is the most common form of authentication. In a
wireless environment, authentication still ensures that the connected host is verified, but
handles the verification process in a slightly different manner. Authentication, if enabled,
must occur before the client is allowed to connect to the WLAN. There are different types
of wireless authentication methods including open authentication, PSK, EAP, and SAE.
Open authentication is a null authentication: any client may associate with the AP
without proving anything, which is the state of most home routers before a security mode
is configured. PSK, EAP, and SAE are beyond the scope of this course.
AUTHENTICATION AND
ASSOCIATION
After authentication is enabled, regardless of the method used, the client must
successfully pass authentication before it can associate with the AP and join
your network. If both authentication and MAC address filtering are enabled,
authentication occurs first.
AUTHENTICATION
PROTOCOLS
Early wireless routers used a form of encryption known as Wired Equivalent Privacy
(WEP) to secure wireless transmissions between clients and access points. WEP is a
security feature that encrypts network traffic as it travels through the air. WEP uses pre-
configured keys to encrypt and decrypt data with the RC4 stream cipher. A WEP key is
entered as a string of numbers and letters and is generally 64 bits or 128 bits long; those
sizes include a 24-bit initialization vector (IV) that is sent in the clear with every frame, so
the secret portion is only 40 or 104 bits. In some cases, WEP supports 256 bit encryption
keys. Because the IV space is so small and RC4 has well-known weaknesses, a WEP key can
be recovered from captured traffic in minutes; WEP should never be enabled on a current
network, and WPA2 with AES is the minimum acceptable setting.
FIREWALL
OVERVIEW
A firewall is one of the most effective security tools available for protecting internal
network users from external threats. A firewall is usually installed between two or more
networks and controls the traffic between them, as well as helping to prevent unauthorized
access. Firewall products use various techniques for determining what is permitted or
denied access to a network.
FIREWALL
OPERATION
A hardware firewall is a freestanding unit that does not use the resources of the computers it is
protecting, so there is no impact on processing performance. The firewall can be configured to block
multiple individual external devices by IP address, to permit or deny packets matching the range of
TCP or UDP ports that you specify, or even traffic that is specific to an application such as a
multiplayer video game.
Typically a hardware firewall passes two different types of traffic into your network:

• Responses to traffic that originates from inside your network

• Traffic that originated from outside the organization that is destined for a port that you have
intentionally permitted
THE
DMZ
Many home network devices, such as wireless routers, frequently include multifunction
firewall software. This firewall typically provides NAT in addition to IP, application, and
website filtering capabilities. They also support demilitarized zone (DMZ) capabilities, as
shown in the figure.
PORT
FORWARDING
When incoming traffic from the internet reaches your router, the firewall in the router determines if the
traffic should be forwarded to a certain device based on the port number found with the traffic. Port numbers
are associated with specific services, such as FTP, HTTP, HTTPS, and POP3. The rules that you configure in
the firewall settings determine which traffic is permitted on to the LAN. For example, a router might be
configured to forward port 80, which is associated with HTTP. When the router receives a packet with the
destination port of 80, the router forwards the traffic to the device inside the network that serves web pages.

The figure shows a single port forwarding rules table on a Cisco CVR100W Wireless-N VPN router.
PORT
TRIGGERING
Port triggering allows the router to temporarily forward data through inbound TCP or UDP ports to a specific device.
You can use port triggering to forward data to a computer only when a designated port range is used to make an
outbound request. For example, a video game might use ports 27000 to 27100 for connecting with other players.
These are the trigger ports. A chat client might use port 56 for connecting the same players so that they can
communicate with each other while playing the game. In this instance, if there is gaming traffic on an outbound port
within the triggered port range, inbound chat traffic on port 56 is forwarded to the computer that is being used to play
the video game and chat with friends. When the game is over and the triggered ports are no longer in use, port 56 is
no longer allowed to send traffic of any type to this computer.

The figure shows a port range triggering rules table on a Cisco CVR100W Wireless-N VPN router.
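The port forwarding and port triggering sections above describe two ways a home router decides where, if anywhere, an inbound packet goes. The model below is an added example for this page and is not router firmware or code from the course: it keeps a static forwarding table, a list of trigger rules, and a table of triggered ports that expire when the trigger traffic stops. The rule values (HTTP forwarded to a hypothetical 192.168.1.20, a 27000-27100 UDP trigger that opens TCP 56, a 60-second idle timeout) are chosen to match the prose and are assumptions, not vendor defaults.

```python
from dataclasses import dataclass, field


@dataclass
class RouterFirewall:
    """Minimal model of a home router's inbound policy:
    static port forwards, port-triggering rules, and default-deny for the rest."""
    forwards: dict = field(default_factory=dict)   # (proto, port) -> internal IPv4 address
    triggers: list = field(default_factory=list)   # (trigger_proto, (lo, hi), inbound_proto, inbound_port)
    timeout: int = 60                              # seconds a triggered port stays open after last outbound hit
    active: dict = field(default_factory=dict)     # (inbound_proto, inbound_port) -> (host, expires_at)

    def outbound(self, proto, src_host, dst_port, now):
        """A LAN host sent a packet out. If the destination port lies in a trigger
        range, open (or refresh) the matching inbound port for that host only."""
        for t_proto, (lo, hi), in_proto, in_port in self.triggers:
            if proto == t_proto and lo <= dst_port <= hi:
                self.active[(in_proto, in_port)] = (src_host, now + self.timeout)

    def inbound(self, proto, dst_port, now):
        """Return the internal host that receives an inbound packet, or None to drop it."""
        # 1. Static port forward: always on, always to the same device (e.g. a DMZ web server).
        if (proto, dst_port) in self.forwards:
            return self.forwards[(proto, dst_port)]
        # 2. Triggered port: only while the trigger is recent, and only to the host that triggered it.
        entry = self.active.get((proto, dst_port))
        if entry is not None:
            host, expires = entry
            if now < expires:
                return host
            del self.active[(proto, dst_port)]     # trigger idle: close the port again
        # 3. Default deny.
        return None


if __name__ == "__main__":
    fw = RouterFirewall(
        forwards={("tcp", 80): "192.168.1.20"},                 # web server, as in the port forwarding example
        triggers=[("udp", (27000, 27100), "tcp", 56)],          # game ports open the chat port
        timeout=60,
    )
    print(fw.inbound("tcp", 80, now=0))          # 192.168.1.20
    print(fw.inbound("tcp", 56, now=0))          # None, nobody is playing yet
    fw.outbound("udp", "192.168.1.30", 27050, now=10)
    print(fw.inbound("tcp", 56, now=20))         # 192.168.1.30
    print(fw.inbound("tcp", 56, now=100))        # None, trigger expired
```

The difference the model makes visible is exposure: the static forward keeps port 80 reachable from the internet around the clock, while the triggered port is open only for the one host and only for a short window after it started the game, which is why triggering is preferred for anything that does not need to be a permanent server. A real router additionally passes replies to connections that LAN hosts opened themselves (stateful inspection), which this model leaves out.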
