Networking Tutorial (Basic Networking) II

[usman_latif_ch]

Clients and Servers



In addition to the various ways networked systems can be physically connected, there are two basic ways that network activities can be arranged. In one, all of the computers have equal status. This is called peer-to-peer, because a peer means someone (or something) that is the equal of another. Peer-to-peer is used mostly in very small networks of less than a dozen systems.
The more common arrangement is called client-server. One system, called the server, is responsible for a particular activity or resource. The other systems are called clients, and they go through the server when they want to use the function or resource that the server is responsible for.
Some of the things servers are commonly used for include network administration, e-mail, printers, file storage, and Internet access. Often several of these functions will be combined into one machine. There is no rule that says a network server and a print server can�t be the same system.

print server

There is also no rule that says a server must serve the entire network. It is usually convenient to have a separate network server for each subnet. There are other divisions that can occur even within a subnet. Computers that need to share the same resources can be organized into workgroups. With the Windows NT operating system, the LAN can be divided into sections called domains, and each domain needs its own server called a domain controller.
Protocols
A protocol is an agreed-upon standard for how something will be done. When your mother taught you to chew with your mouth closed and keep your elbows off the table, that was a protocol for proper dining. Computer protocols are the rules for connecting with other computers and exchanging information with them.
Ethernet is a protocol. Earlier we called it a technology, but it is also a set of rules for how that technology is used. If each piece of hardware and software complies with the rules, then information can be correctly transferred from one from one system to another in a LAN.
There are many protocols used in networking. There are some protocols that are used together with other protocols, where each one takes care of different aspects of networking. Sometimes two protocols do the same thing in different ways, and it is necessary to choose one or the other. The important thing is that both systems trying to communicate with each other have matching protocols that they can use.



TCP/IP

One very important set of protocols is called TCP/IP. It is important because it is what the creators of the Internet decided would be used for that particular network, which means that any computer that wants to connect to the Internet must also use TCP/IP. TCP/IP stands for Transmission Control Protocol / Internet Protocol.
TCP/IP is actually in two parts. The TCP portion covers the agreements between systems about how they will carry on their �conversation�, and the IP portion deals with addressing the packets and routing them.
The TCP part all happens in the background and we don�t really need to concern ourselves with it under normal circumstances. However, in a network that uses TCP/IP, every system must have a unique IP address, and that is something that requires human intervention in one way or another.


IP Addresses

An IP address is made up of four sets of numbers separated by periods. An example is:
192.168.42.122

Each of these sets of numbers is called an octet, because they started out as 8-digit binary numbers. By changing them into 3-digit decimal numbers, the whole address is shorter and easier to remember. The highest value for any octet is 255, because the highest number you can make with eight binary digits is equal to 255 in decimal.
In most networks, the first three octets are the same for all systems, and the last octet is different for every machine. If there are more than 255 computers in a network, it is usually divided into smaller subnets.






Static or Dynamic?


There are two ways to associate a unique IP address to a specific computer. One way is for the administrator to assign a number, which stays the same unless somebody decides to change it some day. That number is then a static IP address.
The other way is to assign a group of addresses to a server, and let the server hand them out as needed to any system that wants to communicate on the network. This produces a dynamic IP address. It is sometimes important to know which method is in use on a network, because with dynamic addressing, the IP address of a machine may be different each time you try to communicate with it.

Computer Names

The example address 192.168.42.122 is only one digit longer than a phone number with area code, but that�s plenty long enough to give most of us a hard time. It�s much easier for people to remember a name instead of a number, and for this reason computers in a network are also given a unique name. It may be something mundane like Sales14, but at least it�s a name and not a number.
This is not only easier to remember, but it solves the problem of a dynamic address that changes all the time, because the computer name doesn�t normally change. It does create another problem though, because the computers use only the addresses and not the names to keep track of each other. Fortunately there is a part of the TCP/IP protocol called address resolution, and it matches up the names and addresses so things keep rolling smoothly along.


Security


The problem with connecting computers to the Internet is that they are then sharing a network with many other computers from all over the world, and the users of some of those other computers are not such nice folks. Protecting the network and the information on it is one of the most important parts of a network administrator�s job.



Encryption


One way to protect information is to scramble it so that it appears to be gibberish unless someone has the right �key� to unscramble it. Scrambling it is called encryption, and unscrambling it is called decryption. There are many ways to encrypt information, and of course just as many keys to decrypt it.

Encrypting and decrypting information slows things down a bit, so a decision must be made about when to use it. For packets going around the LAN, it depends on how likely it is that someone will gain unauthorized access to the LAN, called hacking. It also depends on how much damage would be done if that happened. If the threat is severe, encryption can be done not only on the transmitted packets but also to information stored on the disk drive.

For information going over the Internet, encryption is much more important unless it�s all right for the whole world to see the information. If you send your credit card number to a vendor, you must trust that vendor to encrypt and safeguard the information.



Virus Software



A computer virus is a little program that makes copies of itself to send to other computers. It�s very similar in some ways to contagious germs spreading a disease from one person to the next. And like diseases, some of these computer viruses have some really nasty side effects, like wiping out important files in the operating system or filling up the hard drive with garbage data.

As we will discuss a little later, there are ways to keep these virus programs from getting to your computer, but they are not foolproof. A lot of viruses come in attached to e-mail, and then they will mail copies of themselves to everyone in your e-mail address folder. You can�t completely block them without blocking e-mail, and most of us like to get e-mail from our friends and coworkers.

The most important prevention for viruses is to have a good anti-virus program installed on your computer. Norton, McCaffey and Panda are probably the most popular. The next most important thing is to keep the anti-virus software up-to-date, because the delinquents who write virus software are always coming up with new tricks, and the anti-virus companies are just as quickly coming up with new versions to stop them.






Access Control


If you have ever had a computer that was connected to a local area network, you almost certainly had to type in a user name and password to get network access. It�s two forms of ID, just like when you cash a check at department store.

The network administrator used that identification information to determine what you could and couldn�t do on the network. And there may have been additional passwords to access the company� customer database, employee payroll records, or files stored on someone else�s computer.

Here are a few tips about passwords:

1. First, if you share files on your computer, use password protection for them even if they are available to everyone in the network. That way they can�t be tampered with if a hacker breaks in.
2. In choosing a password, never use your name, your birthday or other obvious personal information. The best is a random combination of letters and numbers.
3. Commit the password to memory, and if you must write it down, hide it. A password written on a post-it note stuck to your monitor is probably worse than no password at all.
4. Don�t give your password to someone you don�t know personally just because they claim to be tech support, the phone company, the police or your long-lost Aunt Matilda. Refer them to the network administrator, or better yet, get their phone number and have the network administrator call them back.

Firewalls



In a building, a firewall is a wall to keep fire from spreading from one area to another. In a computer network, a firewall is a boundary that can block unwanted data packets. The firewall may be program running on the server or router, or it may be a separate piece of hardware or even a complete computer system just for that purpose. In any case, its purpose is to look at all of the packets coming through, and decide which ones can pass and which ones get blocked.

Ports � Several pages ago, we defined a port as the place in a hub that a cable plugs into. There is another completely different kind of thing called a port, and that is a location in a computer�s memory that is used by a device or application to send and receive data. Each application will have one (or more) of these locations for its own use.

For instance, there is a common e-mail program that has port # 110, which means that the program exchanges information with the rest of the system at memory location 110. The popular game called Doom uses port # 666.

When a packet is sent over a network, it will contain not only the destination address, but also the port number of the application that will use it at that destination. One of the ways a firewall controls the packets is by looking at the port number, and only passing packets with ports that are appropriate for the destination. If nobody should be playing Doom on the network�s computers, then it would make sense to block port 666.

Another way a firewall can control traffic is to look at the source of the packet. It can have a �prohibited� list that keeps out packets from certain IP addresses, or it can have an �allowed� list and block everyone who isn�t on it. Ports can be done the same way, with a �prohibited� or �allowed� list of ports.