cs topic 3: networks

1G/2G

1G/2G

first/second generation of mobile networking and telecommunications technology. used analogue transmission

3G/4G

third/fourth generation. digital and faster than 1G/2G

ADSL modem

necessary for connecting to the internet

advantages of firewalls

• software firewall monitors traffic between device and network and prevents unauthorised access

• router hardware firewall prevents unauthorised persons getting access to the network

advantages of MAC addresses

• extra security

advantages of packet switching

full use of bandwidth, resilient to communications hardware failure, devices of different speeds can communicate easily

advantages of public key encryption

• two sides don't need to share secret key beforehand to continue

advantages of symmetric-key encryption

• faster than public key

• uses less computer resources

advantages of user ID

• easy to use

• prevents unauthorised access

• with web interface password, person cannot access web-based utility page of router

advantages of VPN

• info can be accessed in remote places

• no need for long-distance leased lines (lower cost)

• enhanced security through encryption, can hide your IP address

advantages of wired networks

faster data transmission speeds, more reliable and doesn't depend on distance from router

advantages of wireless networks

no wires, freedom to move around

asymmetric key encryption

one key is used to encrypt data, another to decrypt

bandwidth

amount of data that can be transmitted over a certain period of time

bottleneck

created where there are slower segments in a network due to different factors below

circuit switching

dedicated channel established between both parties and data is sent in one go

client

desktop computer or terminal used to access a computer-based system

client-server

network architecture in which a system is divided between server tasks performed on the instructions received from clients, requesting information

congestion management

prevents requests on network resources exceeding capacity

data compression

data is often compressed to take up less bandwidth and reduce transmission time

data integrity

ensures data is not changed or corrupted during transmission

data packet

formatted unit of data carried on a packet-switched network containing a header and a payload

data transmission directions

simplex, half-duplex and full-duplex

deadlock prevention

prevents situation where two or more competing programs or actions are sharing a resource and preventng each other from using it

denial of service attack

attack designed to overload a server

disadvantages of firewalls

• may slow down device

• issues about censorship with software firewall, depending on organisation

• router hardware firewall can't stop person within range of your Wi-FI getting onto network

disadvantages of MAC addresses

• danger of allowed list of MAC addresses being discovered

• difficult to manage the list as it grows

disadvantages of public key encryption

• messages take longer to encrypt and decrypt

• aunthenitcity of public key needs to be verified

disadvantages of symmetric key encryption

• keys must be shared before used

• danger of key becoming known by unauthorised individuals, another one must be usd

disadvantages of user id

• entering password may be time-consuming

• weak password is easy to crack

disadvantages of VPN

• needs a professional with detailed understanding of security issues and configuration to ensure sufficient security and protection

• reliability of VPN is not directly under the organisation's control

• not all VPN products are compatible different vendors

disadvantages of wired networks

ties users to one location and can degrade if cables are old

disadvantages of wireless networks

transmission depends on number of people per access point, the strength of signal and interference from physical surroundings

dynamic host configuration protocol (DHCP)

allows server to automatically assign IP address to client device

encryption

altering a message into form not understandable to unauthorised person. only person with the correct key can decode the message and read it

extranet

intranet that has been opened up to provide limited access to a selection of users from outside the organisation

fibre optic

visible light bouncing off walls inside a cable

firewall

program that restricts data allowed into and out of a network

flow control

controlling flow/load of resources due to limited bandwidth. transport layer uses protcols to slow down flow rate

hashing

turns a sequence of bits into a fixed length hash

hub

connection point for all devices on a network, devices connected through ethernet cables. data from devices goes to the hub, then sent to all devices

hypertext transfer protocol (HTTPS)

creates secure transmission of data from client to server

importance of standards in networks

we need common rules/standards when forming a network, otherwise some computer systems may not be able to connect due to incompatibilities, especially when trying to connect internationally

internet

network of networks connected using IP, powers a large range of media

internet protocol security

encrypt and authenticate traffic to ensure secure transfer over VPN tunnel

intranet

private internet, made up of web pages and viewed through a browser, but access is restricted to users within an organisation

local area network (LAN)

usually confined to one building, uses wired communications like ethernet

lossless compression

file gets compressed but no data is lost, the original file can be re-created from compressed version

lossy compression

the file gets compressed and some data is lost, the original file can never be re-created from compressed version

MAC addresses

every device in a network has a unique MAC address of 12 characters. network permits access only to specified, trusted devices based on their MAC address. MAC address of an untrusted is device blocked so it can't connect to network

man-in-the-middle attack

attack in which an undetected third party intercepts communications

metal conductor transmission media

fluctuating electrical voltages

network

set of computers or computer systems that are interconnected and share resources and data

NIC drivers

operates hardware of the card. translator between card and applications

node

device on a network

open systems interconnection (OSI) model

model that defines layers of network interaction, each layer deals with one aspect/abstraction of network communication

OSI application layer

supports processes for end-users and applications

OSI data link layer

responsible for coding and decoding data packets, ensuring communication between network and physical layer happens

OSI network layer

responsible for establishing the way in which data is communicated

OSI physical layer

responsible for ensuring physical assets are powered on able to receive and send data

OSI presentation layer

transforms data into a form the application layer can digest

OSI session layer

responsible for initiating and terminating connections between different applications

OSI transport layer

responsible for ensuring complete data transfer

packet switching

data broken into packets and sent over internet via different routes, packets are reassembled and sequences at their destination

peer-to-peer network

different to client-server, no centralised server. all nodes have equal priveleges and responsibility for processing and sending data

personal area network (PAN)

short-range network of personal devices, often using bluetooth short-range audio

phishing

creating mock-ups of a web page and providing a hyperlink that looks like it goes to the real site

protocol

internationally agreed set of rules to ensure transfer of data between devices

proxy

machine that brokers the communication between two other machines

router

device that connects network to another

secure socket layer (SSL)

encryption protocols used on the internet

server

a program that provides services requested by client programs

spoofing

faking your identity online

spyware

software that runs undetected on your system and records your activity

SSID

set of 32 characters to differentiate one WLAN from another

standards

agreements about hardware and software designed to facilitate the interoperability and compatibility between computer systems and devices

storage area network (SAN)

network not normally accessible from main LAN on which the hosts are predominantly high-capacity storage devices

switch

connection point but can identify which device is connected to which port, so can send data to target device

symmetric-key encryption

same key is used to encrypt and decrypt data

technologies needed for VPN

encryption protocols (eg SSL), tunnelling protocols (eg OpenVPN), VPN client software managing encryption

throughput

actual transfer rate of data

trojan horse

malicious program designed to look like a trusted program

user ID

use password to access device and/or password to access web interface used to set up wireless routers or access points

virtual local area network (VLAN)

subgroup of computers on a LAN that are treated like their own isolated LAN. members can move around without changing hardware

virtual private network (VPN)

allows clients from distant locations to connect, that otherwise wouldn't be able to connect with LAN or WAN

what are protocols concerned with in data transfer?

• ensuring the presence of an identified sender and receiver