Chapter4.

Introduction to Networking -Tejas ( IT Dept )

Why Networking?

If your business has more than one computer, chances are you could benefit from networking them. A local area
network (LAN) connects your company's computers, allowing them to share and exchange a variety of information.
While one computer can be useful on its own, several networked computers can be much more useful

*File sharing: A network makes it easy for everyone to access the same file and prevents people from accidentally
creating different versions.

*Printer sharing: With a network, several computers can share the same printer. Although you might need a more
expensive printer to handle the added workload, it's still cheaper to use a network printer than to connect a separate
printer to every computer in your office.

*Communication and collaboration: It's hard for people to work together if no one knows what anyone else is doing. A
network allows employees to share files, view other people's work, and exchange ideas more efficiently. In a larger
office, you can use e-mail and instant messaging tools to communicate quickly and to store messages for future
reference.

*Remote access: Having your own network allows greater mobility while maintaining the same level of productivity.
With remote access in place, users are able to access the same files, data, and messages even when they're not in the
office. This access can even be given to mobile handheld devices.

*Data protection: You should know by now that it's vital to back up your computer data regularly. A network makes it
easier to back up all of your company's data on an offsite server, a set of tapes, CDs, or other backup systems. (Of
course, another aspect of data protection is data security
________________________________________________________________________________________
1.Client-Server:

Client – Server architecture

*Client and Server both are an application program
*Role of client is to send query/request to server & Role of server is to search clients requested data into database.
Once requested data is found, server will send it back to requested client as a response.
*What is node?

-A node is any device connected to a computer network. Nodes can be computers, personal digital assistants (PDAs),
cell phones, or various other network appliances.
_________________________________________________________________________________________
2.Networking Components / Connecting Devices in Networking:

1.Hub
A hub is the simplest of these devices. Any data packet coming from one port is sent to all other ports. It is then up to
the receiving computer to decide if the packet is for it. Imagine packets going through a hub as messages going into a
mailing list. The mail is sent out to everyone and it is up to the receiving party to decide if it is of interest. The biggest
problem with hubs is their simplicity. Since every packet is sent out to every computer on the network, there is a lot of
wasted transmission. This means that the network can easily become bogged down. Hubs are typically used on small
networks where the amount of data going across the network is never very high.

__________________________________________________________________________________________

2.Bridge
A bridge goes one step up on a hub in that it looks at the destination of the packet before sending. If the destination
address is not on the other side of the bridge it will not transmit the data. A bridge only has one incoming and one
outgoing port.To build on the email analogy above, the bridge is allowed to decide if the message should continue on. It
reads the address bob@smith.com and decides if there is a bob@smith.com on the other side. If there isn’t, the
message will not be transmitted.Bridges are typically used to separate parts of a network that do not need to
communicate regularly, but still need to be connected.

_________________________________________________________________________________________
3.Switch
A switch steps up on a bridge in that it has multiple ports. When a packet comes through a switch it is read to
determine which computer to send the data to. This leads to increased efficiency in that packets are not going to
computers that do not require them. Now the email analogy has multiple people able to send email to multiple users.
The switch can decide where to send the mail based on the address. Most large networks use switches rather than
hubs to connect computers within the same subnet.

_________________________________________________________________________________________

4.Router
A router is similar in a switch in that it forwards packets based on address. But, instead of the MAC address that a
switch uses, a router can use the IP address. This allows the network to go across different protocols.The most
common home use for routers is to share a broadband internet connection. The router has a public IP address and that
address is shared with the network. When data comes through the router it is forwarded to the correct computer.This
comparison to email gets a little off base. This would be similar to the router being able to receive a packet as email
and sending it to the user as a fax.

_________________________________________________________________________________________
 3.Network Topology (Geometrical arrangement of n/w)

Network topology are the physical layout of the network that the locations of the computers and how the cable is run
between them. Each topology has its own strengths and weakness.

1.Bus topology
A bus topology connects computers along a single or more cable to connect linearly as figure 1. A network that uses a
bus topology is referred to as a "bus network" which was the original form of Ethernet networks. Ethernet 10Base2
(also known as thinnet) is used for bus topology.

Figure 1: Bus Topology. T-Connector

*Bus topology is the cheapest way of connecting computers to form a workgroup or departmental LAN, but it has the
disadvantage that a single loose connection or cable break can bring down the entire LAN !!!

*Termination is important issue in bus networks. The electrical signal from a transmitting computer is free to travel
the entire length of the cable. Without the termination, when the signal reaches the end of the wire, it bounces back
and travels back up the wire. When a signal echoes back and forth along an unterminated bus, it is called ringing. The
terminators absorb the electrical energy and stop the reflections.

Advantages of the bus:

1.Installation is very easy because it is a single cable network.

2.It uses less cabling than any other topology.
3.Additional nodes can be connected to an existing bus network at any point along its length.
4.It is a resilient (flexible) architecture means simple and reliable .
5.It is very economical.

Disadvantages of the bus:

*A bus topology becomes slow by heavy network traffic with a lot of computer because networks do not coordinate with each other to
reserve times to transmit. (When computers are added to bus, n/w performance is decreases)
*It is difficult to troubleshoot a bus because a cable break or loose connector will cause reflections and bring down the whole network.
*The damage area reflects signals back in the direction of origin, creating noise in both directions
2.Star topology
A star topology links the computers by individual cables to a central unit, usually a hub as in figure 2. When a computer
or other networking component transmits a signal to the network, the signal travels to the hub. Then, the hub forwards
the signal simultaneously to all other components connected to the hub. Ethernet 10BaseT is a network based on the
star topology. Star topology is the most popular way to connect computers in a workgroup or departmental network.

Figure 2: Star topology

Advantages of star topology:

*The failure of a single computer or cable doesn't bring down the entire network.
*The centralized networking equipment can reduce costs in the long run by making network management much easier.
*It allows several cable types in same network with a hub that can accommodate multiple cable types.

Disadvantages of star topology:

*Failure of the central hub causes the whole network failure.
*It is slightly more expensive than using bus topology.

__________________________________________________________________________________________________

3.Ring topology
A ring topology connects the computers along a single path whose ends are joined to form a circle as figure 3. The
circle might be logical only but the physical arrangement of the cabling might be similar to star topology, with a hub or
concentrator at the center. The ring topology is commonly used in token ring networks that the ring of a token ring
network is concentrated inside a device called a Multistation Access Unit (MAU) and Fiber Distributed Data
Interface (FDDI) networks that the ring in this case is both a physical and logical ring and usually runs around a
campus or collection of buildings to form a high-speed backbone network.

Figure 3: Ring topology

Advantages are following:
*One computer cannot monopolize the network.
*Each device incorporates a receiver and a transmitter, and serves as a repeater(to improve strength of signal) that
passes the signal on to the next device in the ring
*A ring relatively easy to install and reconfigure.
*Less cabling involved in a ring topology comparable to that of bus and is small relative to other.
*Each device is linked only to its immediate neighbors so to add or delete a device requires moving only two
connections.
*It is good for small number of workstations operating at high speeds over short distances are to be connected.

Disadvantages are following:

*Failure of one computer can affect the whole network.
*It is difficult to troubleshoot.
*A ring requires relatively complex hardware to implement

_________________________________________________________________________________________

4.Types of N/W: [Types of N/W is not apart of syllabus and

wont be asked in CIA 1]
1.LAN:
*A LAN can be as simple as two PCs and printer in ones home, office or it can be throughout a company and include
voice, and video peripherals. At present LAN size is restricted to one kilometers.

Features of LAN

1.LAN uses NOS (Networking Operating System) , which ties all the components together and makes operations
transparent to user.
2.LANs are wholly owned by an organization.
3.LAN is a system of interlinked personal computers.
4.A LAN works on the principle of load sharing because the program to be executed is downloaded into the
personal computer memory.
5.LAN has a very limited geographic range normally less than 1 km.

Advantage of LAN:

1.It provide cost effective multi-user computer environment.

2.It provide high transmission rate to accommodate the needs of both user and equipment.
3.Error rate is very less because in-built method of detecting and compensating for systems error is implied.
4.It allows file/record locking.
 What is Malware?

Malware is short for malicious software, meaning software that can be used to compromise computer
functions, steal data, bypass access controls, or otherwise cause harm to the host computer. Malware is
a broad term that refers to a variety of malicious programs. This post will define several of the most
common types of malware; adware, bots, bugs, rootkits, spyware, Trojan horses, viruses, and worms.
---------------------------------------------------------------------------------------------------------------

1.Adware

Adware (short for advertising-supported software) is a type of malware that automatically delivers
advertisements. Common examples of adware include pop-up ads on websites and advertisements that
are displayed by software. Often times software and applications offer “free” versions that come
bundled with adware. Most adware is sponsored or authored by advertisers and serves as a revenue
generating tool. While some adware is solely designed to deliver advertisements, it is not uncommon
for adware to come bundled with spyware (see below) that is capable of tracking user activity and
stealing information. Due to the added capabilities of spyware, adware/spyware bundles are
significantly more dangerous than adware on its own.
 2.Bot

Bots are software programs created to automatically perform specific operations. It ia an Artificial
Intelligence program(eg.Fake Chat).While some bots are created for relatively harmless purposes
(video gaming, internet auctions, online contests, etc), it is becoming increasingly common to see bots
being used maliciously. Bots can be used in botnets (collections of computers to be controlled by third
parties) for DDoS attacks, as spambots that render advertisements on websites, as web spiders that
scrape server data, and for distributing malware disguised as popular search items on download sites.
Websites can guard against bots with CAPTCHA tests that verify users as human.

3.Bug

In the context of software, a bug is a flaw produces an undesired outcome. These flaws are usually the
result of human error and typically exist in the source code or compilers of a program. Minor bugs only
slightly affect a program’s behavior and as a result can go for long periods of time before being
discovered. More significant bugs can cause crashing or freezing. Security bugs are the most severe type
of bugs and can allow attackers to bypass user authentication, override access privileges, or steal data.
Bugs can be prevented with developer education, quality control, and code analysis tools.

4.Ransomware
Ransomware is a form of malware that essentially holds a computer system captive while demanding a
ransom. The malware restricts user access to the computer either by encrypting files on the hard drive
or locking down the system and displaying messages that are intended to force the user to pay the
malware creator to remove the restrictions and regain access to their computer. Ransomware typically
spreads like a normal computer worm (see below) ending up on a computer via a downloaded file or
through some other vulnerability in a network service.

5.Rootkit

A rootkit is a type of malicious software designed to remotely access or control a computer without
being detected by users or security programs. Once a rootkit has been installed it is possible for the
malicious party behind the rootkit to remotely execute files, access/steal information, modify system
configurations, alter software (especially any security software that could detect the rootkit), install
concealed malware, or control the computer as part of a botnet. Rootkit prevention, detection, and
removal can be difficult due to their stealthy operation. Because a rootkit continually hides its presence,
typical security products are not effective in detecting and removing rootkits. As a result, rootkit
detection relies on manual methods such as monitoring computer behavior for irregular activity,
signature scanning, and storage dump analysis. Organizations and users can protect themselves from
rootkits by regularly patching vulnerabilities in software, applications, and operating systems, updating
virus definitions, avoiding suspicious downloads, and performing static analysis scans.

6.Spyware

Spyware is a type of malware that functions by spying on user activity without their knowledge. These
spying capabilities can include activity monitoring, collecting keystrokes, data harvesting (account
information, logins, financial data), and more. Spyware often has additional capabilities as well, ranging
from modifying security settings of software or browsers to interfering with network connections.
Spyware spreads by exploiting software vulnerabilities, bundling itself with legitimate software, or in
Trojans.

7.Trojan Horse
A Trojan horse, commonly known as a “Trojan,” is a type of malware that disguises itself as a normal
file or program to trick users into downloading and installing malware. A Trojan can give a malicious
party remote access to an infected computer. Once an attacker has access to an infected computer, it is
possible for the attacker to steal data (logins, financial data, even electronic money), install more
malware, modify files, monitor user activity (screen watching, keylogging, etc), use the computer in
botnets, and anonymize internet activity by the attacker.

8.Virus

A virus is a form of malware that is capable of copying itself and spreading to other computers. Viruses
often spread to other computers by attaching themselves to various programs and executing code when
a user launches one of those infected programs. Viruses can also spread through script files, documents,
and cross-site scripting vulnerabilities in web apps. Viruses can be used to steal information, harm host
computers and networks, create botnets, steal money, render advertisements, and more.

9.Worm

Computer worms are among the most common types of malware. They spread over computer networks
by exploiting operating system vulnerabilities. Worms typically cause harm to their host networks by
consuming bandwidth and overloading web servers. Computer worms can also contain “payloads” that
damage host computers. Payloads are pieces of code written to perform actions on affected computers
beyond simply spreading the worm. Payloads are commonly designed to steal data, delete files, or
create botnets. Computer worms can be classified as a type of computer virus, but there are several
characteristics that distinguish computer worms from regular viruses. A major difference is that
computer worms have the ability to self-replicate and spread independently while viruses rely on
human activity to spread (running a program, opening a file, etc). Worms often spread by sending mass
emails with infected attachments to users’ contacts.

10.Key Logger:

A keylogger is also termed Keystroke Logger, developed to monitor and record the keystrokes that the
user enters through the keyboard. Keyloggers are also available to monitor keystrokes from
smartphones – iPhone and Android. A keystroke may be a password or username or even the most
confidential banking information.
The keyloggers are installed along with the regular functioning program and it does not appear to look
dangerous.
What Does a Keylogger Trojan Do?
A keylogger monitors each keystroke of the user. The malware keeps track of the keystroke and saves
the user’s information locally – later the hacker requires physical access to retriever the stored user
information. It also works the other way where the hacker can gain instant access to the user data
through the Internet.
Some keyloggers are programmed to record/log the keystrokes only after a certain activity is initiated.
For instance, the keylogger program would start recording only when the user opens the browser to
access a specific website.
Malware Symptoms
While these types of malware differ greatly in how they spread and infect computers, they all can
produce similar symptoms. Computers that are infected with malware can exhibit any of the following
symptoms:
• Increased CPU usage
• Slow computer or web browser speeds
• Problems connecting to networks
• Freezing or crashing
• Modified or deleted files
• Appearance of strange files, programs, or desktop icons
• Programs running, turning off, or reconfiguring themselves (malware will often reconfigure or turn
off antivirus and firewall programs)
• Strange computer behaviour
• Emails/messages being sent automatically and without user’s knowledge (a friend receives a
strange email from you that you did not send)

-----------------------------------------------------------------------------------------------------------------------------------------------------------
 Symmetric vs. Asymmetric Encryption – What are differences?

•
Information security has grown to be a colossal factor, especially with modern communication networks,
leaving loopholes that could be leveraged to devastating effects. This article presents a discussion on two
popular encryption schemes that can be used to tighten communication security in Symmetric and Asymmetric
Encryption. In principle, the best way to commence this discussion is to start from the basics first. Thus, we
look at the definitions of algorithms and key cryptographic concepts and then dive into the core part of the
discussion where we present a comparison of the two techniques.

1.Algorithms
An algorithm is basically a procedure or a formula for solving a data snooping problem. An encryption
algorithm is a set of mathematical procedure for performing encryption on data. Through the use of such an
algorithm, information is made in the cipher text and requires the use of a key to transforming the data into its
original form. This brings us to the concept of cryptography that has long been used in information security
in communication systems.

2.Cryptography
Cryptography is a method of using advanced mathematical principles in storing and transmitting data in a
particular form so that only those whom it is intended can read and process it. Encryption is a key concept in
cryptography – It is a process whereby a message is encoded in a format that cannot be read or understood by
an eavesdropper. The technique is old and was first used by Caesar to encrypt his messages using Caesar
cipher. A plain text from a user can be encrypted to a ciphertext, then send through a communication channel
and no eavesdropper can interfere with the plain text. When it reaches the receiver end, the ciphertext is
decrypted to the original plain text.

3.Cryptography Terms
▪ Encryption[Process of converting plain text into cypher text]: It is the process of locking up information
using cryptography. Information that has been locked this way is encrypted.

▪ Decryption:[Process of converting cipher text into plain text ] The process of unlocking the encrypted
information using cryptographic techniques.

▪ Key: A secret like a password used to encrypt and decrypt information. There are a few different types of
keys used in cryptography.eg.Private key, Public key etc.

▪ Steganography: It is actually the science of hiding information from people who would snoop on you.
The difference between steganography and encryption is that the would-be snoopers may not be able to
tell there’s any hidden information in the first place.
1.Symmetrical Encryption

This is the simplest kind of encryption that involves only one secret key to cipher and decipher information.
Symmetrical encryption is an old and best-known technique. It uses a secret key that can either be a number,
a word or a string of random letters. It is a blended with the plain text of a message to change the content in a
particular way. The sender and the recipient should know the secret key that is used to encrypt and decrypt all
the messages. Blowfish, AES, RC4, DES, RC5, and RC6 are examples of symmetric encryption. The most
widely used symmetric algorithm is AES-128, AES-192, and AES-256.

The main disadvantage of the symmetric key encryption is that all parties involved have to exchange the key
used to encrypt the data before they can decrypt it.

2.Asymmetrical Encryption

Asymmetrical encryption is also known as public key cryptography, which is a relatively new method,
compared to symmetric encryption. Asymmetric encryption uses two keys to encrypt a plain text. Secret keys
are exchanged over the Internet or a large network. It ensures that malicious persons do not misuse the keys.
It is important to note that anyone with a secret key can decrypt the message and this is why asymmetrical
encryption uses two related keys to boosting security. A public key is made freely available to anyone who
might want to send you a message. The second private key is kept a secret so that you can only know.
A message that is encrypted using a public key can only be decrypted using a private key, while also, a message
encrypted using a private key can be decrypted using a public key. Security of the public key is not required
because it is publicly available and can be passed over the internet. Asymmetric key has a far better power in
ensuring the security of information transmitted during communication.