Archive for March, 2007

Security on the Internet and the Web

Saturday, March 31st, 2007

Okay, you guys probably think I’m crazy, but this is the stuff I love! I guess I say that all the time, don’t I?

Security is broadly defined as the protection of assets from unauthorized access, change, or destruction, and can be broken down into two general categories: physical security and logical security. Physical security involves protecting assets you can touch, such as computers, routers, tapes, and vaults. Security of nonphysical - or logical - assets protects the rules and policies that allow and restrict access to the network. Anything that endangers an asset is known as a threat. The measures that you take to protect your assets are known as countermeasures.

One way to protect your computer is to place it behind a locked door and securely attach it by steel cable to the desk on which it sits. The methods we use to secure hardware range from total control, where the host computer is not connected to any network (including the Internet), to no security at all, where the computer is connected to the Internet and allows public access to its files. A middle-of-the-road approach is one where the computer is protected from potential threats but is not completely isolated from the outside world. This approach is adequate for most home and business environments.

The depth and number of your countermeasures depend upon the potential threats to your physical and logical data and their value to your organization. A network housing your recipes on a database might be considered a low-value asset and we might decide that a simple firewall will do. On the other hand, a network that contains your bank and other financial data would probably be considered high-value and be protected with a number of measures.

In the latter case, we plan for a heavy attack against our assets and hope we never have to implement our plan. The best course of action is to always treat your valued assets as being under attack. Usually, the countermeasures we take depend on the amount of funds we have available for the project. Just remember that the value of the data on the network moves this up (more value = more funds) or down (less value = less funds).

You’ve probably noticed that when you bank or access credit card data online, your URL looks like https://www.somewhere.com, as opposed to the http://www.somewhere.com that we usually see in our address line. The difference between these two (the “s”) is based on security. The financial institution is using public-key encryption in an attempt to validate your identity and safeguard your assets.

You might recall that using the PGP email client introduced us to Public-key encryption, which uses two different keys – a public key known to everyone and a private key which is known only to the (computer of the) sender. So, if I’m using PGP, I can send you my public key but I never share my private key. The only way a message encrypted with a public key can be decrypted is by using the private key. Therefore, if you send me a message that your PGP client encrypts using my public key, only my private key can decrypt (or read) it.

If someone else gets a copy of my public key, we’re still safe. One of my public keys cannot decrypt a message encrypted with one of my public keys. Only my private key has the ability to do this and as long as I safeguard it, my messages are safe. As you can see, the security of my private key is paramount to my security.

With this in mind, if my computer is infected with a virus, or hacked, then my private key might be stolen. When this happens, my private key isn’t very secure anymore, since that private key is the basis for my security! Can you see why keeping my computer (or server) virus and hacker free is of utmost importance? I can take all types of countermeasures that cost a lot of money. But, if I don’t keep the computer clean, it’s all for naught.

In the old days (about 7-10 years ago), most hackers were quite skilled in writing programs that were designed to hack into other computers. You don’t need much skill anymore because there are free programs available online that write the code for you! People who use these programs are sometimes called script kiddies by old school hackers in an attempt to separate themselves from their less talented peers. And, it’s true; many hackers are of high school age. They are kids looking for a thrill rather than thieves at work. However, don’t underestimate any threat. Once your network has been compromised, anyone can get in, as hackers often tell each other about where they’ve been successful.

About 18 months ago, a student at one of the colleges I teach at notified me that she had purchased a motorcycle online via eBay for approximately $6,700. She said that the seller told her to send half the payment to two countries located in the old Soviet Union in certified funds. Further, they said that when the checks cleared, they would then send her the cycle. Guess what happened? You got it. She never heard from them again. Further, she wasn’t really on eBay. It appeared that she was on a site with the name of Square Trade. It was a total fraud. Just Google the term “ebay square fraud” and you will see many stories similar to the one above.

In this case, there was no hacker. It was an online scam. Therefore, always purchase by credit card online to protect yourself. Some credit cards, in an effort to protect consumers, let you create transaction credit card numbers. These are pretty cool because you can say that the new credit card number is only good with a specific vendor, up to a certain amount, for a certain period of time. You never have to disclose your real credit card number.

Many people think that cookies are, on their own, a threat to their computer. They’re not. The Web site that creates the cookie is the only site that can read it. However, they can pose a small risk if the Web site’s server is compromised by a virus or hacker. Cookies only store information. They are not programs, they are only text files. These text files can store usernames and passwords along with information about things you’ve done online. Whoever owns the server can read the cookie. That’s the risk with cookies.

I’m no fan of adware. I don’t have a problem with free products and adware so long as they are honest about what they’re going to do to your computer and give you a clean way to uninstall it. On the other hand, I detest those who, through deceit, install adware on your computer and make it virtually impossible to remove. My personal view on this is that it should be illegal with heavy fines.

Digital signatures are electronic, encryption-based, secure stamps of authentication that are applied to objects (databases, documents, spreadsheets, or macros) that you create. To obtain a digital signature you must purchase one from a qualified certification authority (CA) or you can create one yourself. CAs are commercial companies that issue and validate identities using digital signatures, for a fee. Choose a CA if you need a high level of security. Most countries have stringent laws that regulate CAs so that purchasers can be sure that their digital signatures are valid.

We can create a personal digital signature, which is known as self-signing, using Microsoft Office Tools and attach it to items immediately before we distribute them to other users. Keep in mind that a digital signature does not prove that you own the object. By use of a time stamp, it can prove that you were the last person to modify it. You provide the timestamp information to others when you distribute, or publish, your object. By examining the timestamp on your object, you can prove that it has or has not been modified since you applied your signature. A timestamp is a combination of the date and time that is encrypted as part of the digital signature. For a timestamp to be truly valid to others, it must be passed through some time stamping service provider. Again, this can be a commercial entity or a server located on your network. Further discussion of this process is outside the scope of our discussion.
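To make the two ideas above concrete (a message locked with the public key opens only with the private key; a signature made with the private key is checked with the public key), here is a toy-size RSA demonstration in Python. It is an added example, not code from the post or from PGP or Microsoft Office; the primes 61 and 53 are constructed for readability, and real keys use primes thousands of bits long.

```python
import hashlib

# Toy RSA parameters, constructed for illustration only: real keys use
# primes of 1024 bits or more. With p=61 and q=53 the modulus is 3233.
P, Q = 61, 53
N = P * Q                 # modulus, part of both keys
PHI = (P - 1) * (Q - 1)   # 3120
E = 17                    # public exponent
D = pow(E, -1, PHI)       # private exponent: E*D = 1 mod PHI (2753)

PUBLIC_KEY = (E, N)       # safe to hand to anyone
PRIVATE_KEY = (D, N)      # never leaves your computer


def rsa_apply(values, key):
    """Raise each integer to the key's exponent modulo N."""
    exp, mod = key
    return [pow(v, exp, mod) for v in values]


def encrypt(message, key):
    """Encrypt a byte string with the recipient's PUBLIC key.

    Each byte is treated as its own small integer (< N) so the toy stays
    simple; a real scheme pads and encrypts whole blocks.
    """
    return rsa_apply(message, key)


def decrypt(ciphertext, key):
    """Decrypt with the PRIVATE key; returns None when the key was wrong.

    A wrong key (for example the public key) yields integers up to N-1,
    most of which are not bytes at all, so the result is garbage.
    """
    plain = rsa_apply(ciphertext, key)
    if any(v > 255 for v in plain):
        return None
    return bytes(plain)


def sign(message, key):
    """Sign: hash the message and apply the signer's PRIVATE key to the hash."""
    digest = int.from_bytes(hashlib.sha256(message).digest(), "big") % N
    return pow(digest, key[0], key[1])


def verify(message, signature, key):
    """Verify: apply the signer's PUBLIC key and compare with a fresh hash."""
    digest = int.from_bytes(hashlib.sha256(message).digest(), "big") % N
    return pow(signature, key[0], key[1]) == digest


if __name__ == "__main__":
    ct = encrypt(b"meet at noon", PUBLIC_KEY)
    print("encrypted:", ct)
    print("private key decrypts to:", decrypt(ct, PRIVATE_KEY))
    print("public key decrypts to:", decrypt(ct, PUBLIC_KEY))
    sig = sign(b"quarterly report", PRIVATE_KEY)
    print("signature valid:", verify(b"quarterly report", sig, PUBLIC_KEY))
    print("after tampering with the signature:",
          verify(b"quarterly report", sig + 1, PUBLIC_KEY))
```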

Phishing is another form of attack against your security. Protecting yourself from this type of assault depends more upon having educated users than any other course of action you might take as a countermeasure. Phishing occurs when you are contacted, usually via email, by someone representing themselves to be someone they’re not. For example, on occasion I receive email from admin@paypal.com or services@paypal.com asking me to log in to my account to verify my identity. PayPal does not ever ask its customers to do this (and I know it). When I examine the email item’s properties (right-click it and select Properties), I notice that if I click the Web page link within the email I’m redirected to a completely unrelated Web site. If I log in, they capture my login name and password. Then, they use it later to hack my account. Don’t fall for this type of trap! I always send these to PayPal (or any other company being falsely represented). PayPal and other financial institutions always investigate every item you send to them.
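A simple check for the kind of mismatch described above, written as an added example (not from the post): it lists every link in an HTML message body and flags those whose visible text names one site while the href goes to another, or whose href leaves the domain the message claims to come from. The sample message and the 203.0.113.7 address are constructed.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample of a suspicious message body: the visible text claims
# PayPal, but the first link points somewhere else entirely. Not a real message.
SAMPLE_EMAIL_HTML = """
<p>Dear member, please <a href="http://203.0.113.7/login/">log in at
https://www.paypal.com/</a> to verify your identity.</p>
<p>Questions? Visit <a href="https://www.paypal.com/help">our help center</a>.</p>
"""


class LinkCollector(HTMLParser):
    """Collect (href, visible words) for every <a> element in the body."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, " ".join(self._text).split()))
            self._href = None


def host_of(url):
    """Lowercase host part of a URL, or None if it has none."""
    return (urlparse(url).hostname or "").lower() or None


def readable_hosts(words):
    """Hosts a reader would 'see' in link text: full URLs or bare domains."""
    hosts = []
    for word in words:
        word = word.strip(".,;:()<>\"'")
        if "://" in word:
            host = host_of(word)
        elif ("." in word and any(c.isalpha() for c in word)
              and all(c.isalnum() or c in ".-" for c in word)):
            host = word.lower()
        else:
            host = None
        if host:
            hosts.append(host)
    return hosts


def same_site(host, expected_domain):
    """True when host is expected_domain itself or a subdomain of it."""
    return host == expected_domain or host.endswith("." + expected_domain)


def suspicious_links(html, sender_domain):
    """Return (href, reason) pairs for links that do not go where they claim:
    the text names one site but the href goes to another, or the href leaves
    the domain the message says it is from."""
    parser = LinkCollector()
    parser.feed(html)
    findings = []
    for href, words in parser.links:
        target = host_of(href)
        if target is None:
            continue
        for claimed in readable_hosts(words):
            if not same_site(target, claimed) and not same_site(claimed, target):
                findings.append((href, f"text says {claimed}, link goes to {target}"))
                break
        else:
            if not same_site(target, sender_domain):
                findings.append((href, f"link leaves {sender_domain}"))
    return findings


if __name__ == "__main__":
    for href, reason in suspicious_links(SAMPLE_EMAIL_HTML, "paypal.com"):
        print(f"SUSPICIOUS {href}: {reason}")
```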

Introduction to Web Pages & Sites

Sunday, March 25th, 2007

I love Web page design. It’s a lot of fun and if you’re creative can make boring material seem truly exciting!

Web pages can be created using applications that hide the complexity from you. Start out by creating a new document in Microsoft Word and formatting it with cool fonts, pictures, and graphs. Then, save the document as a Web page. You just created your own Web page! You can tell that it’s a Web page by the file’s extension. Web pages have the .html file extension instead of the standard Microsoft Word .doc extension.

Creating a Web page in this way is fine when we want to publish a simple page to our company Intranet or our own personal Web site. As you might have guessed, when Web pages are created this easily, they contain a lot of behind-the-scenes formatting (also known as overhead) that makes the page load slower than if we had created it manually using HTML (hyper text markup language) code.

If you want a professional looking Web site, you’ve got to hire someone who can program in HTML (and a few other Web languages) or you’ll have to learn how to do it yourself. Most Web pages are written in HTML - one of the programming languages that designers use to create Web pages. Open any Web page and right-click it. Then, select View Source to see that page’s HTML code.

A Web page written in HTML can include different elements, such as headings, paragraphs, and bulleted lists. These elements are indicated by special codes (called tags) that are attached to some type of content. As an example, consider this HTML code:

<p>This is a paragraph</p>

This simple piece of code contains a paragraph start (<p>), some content, and a paragraph end (</p>). The content is the sentence I typed in between the HTML tags. You’ll read all about many of the tags available for use in this week’s chapter reading on HTML. If you’re following our discussion without our book (ISBN 1-4188-6071-9), you can visit a number of Web sites to get started. Here are a few that I found by Googling “html tutorial”:

W3C http://www.w3.org/MarkUp/Guide/
Dave’s Site http://www.davesite.com/webstation/html/
W3Schools http://www.w3schools.com/html/

We could use a simple text editor, such as Notepad, to create our HTML code. Notepad is easy to use, but it doesn’t provide any tools that help speed up your work. Two popular Web site creation and management tools are Microsoft FrontPage and Adobe Dreamweaver. I’ve used them both and prefer Dreamweaver even though it costs about twice as much as FrontPage. Dreamweaver’s price is approximately $350.

Both of these let you enter HTML code or skip the code and format as you would in a word processing program. Remember that taking the easy way out means that your HTML code will contain generic formatting that might make your Web page load slowly. Again, this is why most Web page designers write their own HTML code. Some Web page designers feel that FrontPage adds more generic HTML code to your Web page than Dreamweaver does. However, both programs offer similar functionality.

Why else might you invest in Dreamweaver instead of using Notepad, which is free? There are many reasons, however suffice it to say that Dreamweaver contains the entire current HTML language, allowing it to highlight typing errors and make suggestions. Dreamweaver color codes tags and text with blue, red, and black font so that they are easily spotted. Your book has a few examples of this starting on page 426. Check them out!

Besides HTML, Web pages also can contain JavaScript, PHP, VB Script, and SQL code. Suppose you want to list the current date and time on your Web page. You could use one of the scripting languages to do this. If you need to save or get data from a database, you could use PHP and SQL code. What you use will depend upon the nature of your Web site.

You should also consider how you expect people to find your Web site out of the millions of sites currently on the Internet. One way to bring people to your site is to submit your site to one or more search engines (such as Google, Yahoo, etc.). You can also use a special type of HTML tag that informs a search engine about your Web site. Then, when a person performs an Internet search, your Web site address will be listed with other sites that match the Internet search terms that were used in the search.

Being listed in a search engine isn’t as pure as I just made it sound! You can also pay the search engine provider so that your name is at or near the top of the list. This is done by bidding on key words. For example, let’s say that you sell Afghan rugs and that you target the Hammond, LA area. You might say that you bid $5, for each word, each time someone searches using the keywords I underlined above. If you’re the high bidder, you are at the top of the list! If not, you’ll be somewhere in the list, depending upon where your bid price fits in. This process is much deeper than how I’ve described it, but I think you get the picture.

All of your Web pages make up your Web site. If you want people to be able to visit your Web site, you need a Web site name and a Web server that is connected to the Internet. Since most of us don’t have our own Web server with its own Internet address, directly connected to the Internet, we will need to find someone who does.

Some companies, such as GoDaddy.com can sell you a Web site (domain) name and host your web site on their servers. It would be great if this was free, but that’s not the way it works! GoDaddy will sell you a domain name for about $10/year and will host your entire Web site on one of their servers for approximately $6/month. The more functionality you need, the more you will pay for your hosting service. GoDaddy.com will assist you in locating a domain name (to see if it’s available for purchase) at no charge.

Once you secure your domain name and select your host, you’re close to having a live Web site. All that’s left is to upload (or move) your entire Web site folder structure (folders, Web pages, images, and other items) to your host’s server. You can use FTP (which we discussed last week) or publish the Web site on your computer (known as the local Web site) directly to your host (known as the remote Web site) from Dreamweaver.

As soon as you upload your Web site to your host, remember to test every link, download every item, and view every picture. You are now live on the Internet and are part of one of the most fascinating advances in human history. Welcome to the club!

Multimedia & the Internet

Sunday, March 25th, 2007

The Internet is all about pictures, video, and sound. Can you imagine the Internet without these? I sure can. That’s the way it was about 15 years ago! Web pages were simple text documents with none of the cool things we now take for granted. The Internet wasn’t something you used to make purchases, post pictures you took, or download sound files.

As computers became more powerful and dialup speed moved from 24,400 bits per second (24.4 Kbps) up to 56 Kbps and on to the speeds many of us enjoy today, Internet site owners realized that people were more likely to visit web sites that were designed with eye-catching graphics and styles. This explosion in multimedia has made the Web what it is today.

With all of this in mind, it’s important to understand the basic properties of files and their format. Don’t invest time memorizing the properties of image, audio, and sound files. For example, look over the features of a .GIF file, but you don’t have to commit them to memory.

While we don’t have to memorize all of the attributes of files, we do need to examine a few of them since it’s good to know a few of the attributes of GIF, JPEG, and WAV files. Later on, when you’re designing your network, this knowledge will come in handy.

JPEGs are preferred over GIFs because of their high-quality color (they can display a maximum of some 16.7 million colors whereas a GIF can only display 256 colors). Of course, having that much color comes at a price in the size of the JPEG’s file. It’s huge compared to a GIF! The size of the file is also known as its footprint. A big footprint is not a good thing.

If you’re at home opening a web site with a lot of high-quality pictures, it might take 30 seconds or more for the page to load – and that’s if you have a high-speed connection. Imagine how long it would take for the web page to load with a 56K dialup connection. Most people would simply close the web page and not find out (I sure would).

So, in order to speed up the time it takes for web pages to load on your computer, web page designers try to avoid using JPEGs and opt for GIF or BMP images. The page will load fast and viewers will still get a good picture. Most web sites don’t play sounds since today people find that somewhat annoying.

FTP and Telnet

Saturday, March 17th, 2007

You will recall that earlier, we discussed IP addressing and how these are used in networking with port numbers (similar to a phone number with a phone extension) in order to create what is known as a socket. Please review that material if you’ve forgotten how to apply this analogy!

Let’s go back to a happy time in your networking education – back to the OSI model. Layer 4 – the Transport layer – sets up communication between the Application Layer (layer 7) and the lower layers of the OSI model. It is at this layer that TCP and UDP operate and split into their respective roles. Click here if you need a refresher on this topic!

You should recall that TCP (Transmission Control Protocol) is a suite of connection-oriented protocols. UDP (User Datagram Protocol) is a suite of connectionless protocols. The differences between these two center on how each deals with errors in network communication. Connectionless protocols do not check for or recover from errors, whereas connection-oriented protocols check for errors and can recover from them.

A great way to remember this is: TCP is Trustworthy and UDP is Unreliable.

When we say that TCP is a suite of protocols, we mean that there are many protocols under the TCP umbrella. For example, HTTP is within this suite and is connection-oriented. The same is true for FTP, POP3, DNS, SMTP, and many others. UDP also has a number of associated protocols such as SNMP, TFTP, NFS, and others.

FTP (file transfer protocol) and Telnet are two DOS-based programs that allow us to connect to other computers (generally servers) for a variety of reasons. With FTP, we connect to servers so that we can quickly download files. On the other hand, Telnet was designed to allow us to connect to another computer in order to run commands as if we were sitting right in front of the remote computer! Both of these tools have been around for a long time, nearly 40 years!

Why use FTP when we can just click a link from a web page to download a file? The answer lies in the rules that were put into place when FTP was created. You’ll recall that a protocol is simply a set of rules (similar to rules – or protocols – used by ambassadors when they engage to resolve issues) that govern communication and events. FTP doesn’t have much ‘overhead’ built into it, so, for example, when we use it to download a file, the transaction completes fast. This is similar to the difference between a runner in a race, who is carrying nothing and wearing light clothing and another runner who is carrying items in each hand, with a backpack strapped to her back.

FTP communicates on two ports (20 and 21). Port 20 is used only for sending or receiving data whereas port 21 is utilized to control the communication. When you open FTP, log in, or change directories while logged in, you are using port 21. Therefore, when you issue a get command, the command is acknowledged by port 21 and the file you asked for is sent to you by port 20. It’s important to note that FTP sends your password in clear text (it’s not encrypted), so be aware that if a hacker or spy is monitoring (sniffing) your communication, they will be able to steal your login name, password, and files uploaded or downloaded.

If you’re worried about security, you might want to consider using SFTP (secure FTP). Using this protocol, all communication is encrypted and is much more secure than FTP. On the other hand, if you don’t care about security and want even faster communication, you might try TFTP (trivial FTP). TFTP, which uses port 69, has even less overhead than FTP because it is a connectionless protocol, unlike FTP which is connection-oriented. The big deal here is that under TFTP there is no attempt made by the protocol to prove that the file transfer occurred without errors. If errors occur, they are ignored! You will use TFTP to connect to Cisco routers when you transfer text files between your PC and router.

Keep in mind that TFTP isn’t used on the Internet and was exploited by the MSBlaster worm a while ago. Lacking error checking and recovery, TFTP doesn’t do well with large file transfers.

If you would like to review tutorials on FTP, simply Google the term “ftp tutorial” and you will find a number of good examples. Here’s a link that I found useful. Use this tutorial to manually perform the synopsis of FTP that follows.

You start an FTP session by choosing Start/Run. Type command and press ENTER to begin DOS mode. In the DOS window, enter the text FTP ip_address to start your FTP client and request a connection to the FTP server. You should be asked for your logon credentials and, after that, you are connected to the server. Make sure that you practice using the FTP client because you will use it in the real world of networking.

When you’re logged into your FTP session, pay attention to the “response codes” that appear on the screen after you enter a command. As an example, before you enter your password, you should see the code “220” on the previous line. This response code indicates that the FTP server stands ready to service the user (in other words, to accept your login name after you enter it). If you see another code, don’t enter your login name since a server is not there to receive it!
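The points above about response codes, the two ports, and the clear-text password can all be seen in one control-channel exchange. The Python below is an added example (not from the post or the linked tutorial): it reads a constructed transcript of a port 21 session, the way a sniffer on the same network would see it, and reports what a defender looks for in such a capture without logging the password itself.

```python
import re

# Constructed transcript of one FTP control-channel session (port 21).
# "S:" lines come from the server, "C:" lines from the client. Not a real capture.
SAMPLE_SESSION = """\
S: 220 ftp.example.test FTP server ready.
C: USER alice
S: 331 Password required for alice.
C: PASS hunter2
S: 230 User alice logged in.
C: CWD reports
S: 250 CWD command successful.
C: PORT 192,0,2,10,4,0
S: 200 PORT command successful.
C: RETR q1.txt
S: 150 Opening BINARY mode data connection for q1.txt (2048 bytes).
S: 226 Transfer complete.
C: QUIT
S: 221 Goodbye.
"""

# Meaning of the first digit of a three-digit FTP reply code.
REPLY_CLASSES = {
    "1": "positive preliminary (action started, wait for a second reply)",
    "2": "positive completion",
    "3": "positive intermediate (send more information, e.g. the password)",
    "4": "transient negative (try again later)",
    "5": "permanent negative (do not repeat the command as is)",
}


def parse_session(transcript):
    """Split a transcript into (side, text) pairs, side being 'C' or 'S'."""
    events = []
    for line in transcript.splitlines():
        m = re.match(r"([CS]): (.*)", line)
        if m:
            events.append((m.group(1), m.group(2)))
    return events


def reply_class(server_line):
    """Return (code, meaning) for a server line that starts with a reply code."""
    code = server_line[:3]
    if len(code) == 3 and code.isdigit():
        return code, REPLY_CLASSES.get(code[0], "unknown")
    return None, "not a reply code"


def audit_session(transcript):
    """Findings a defender cares about: was the 220 greeting seen before the
    client sent USER, which user name crossed the wire in clear text, did a
    PASS command go by unencrypted, and which address/port the client
    announced with PORT (the server's data connection, from its port 20,
    goes there)."""
    findings = {"greeting_before_login": False, "cleartext_user": None,
                "cleartext_password_seen": False, "announced_data_port": None,
                "replies": []}
    greeted = False
    for side, text in parse_session(transcript):
        if side == "S":
            code, meaning = reply_class(text)
            findings["replies"].append((code, meaning))
            if code == "220":
                greeted = True
            continue
        verb, _, arg = text.partition(" ")
        verb = verb.upper()
        if verb == "USER":
            findings["greeting_before_login"] = greeted
            findings["cleartext_user"] = arg
        elif verb == "PASS":
            # Never record the password itself; that it was visible is the finding.
            findings["cleartext_password_seen"] = True
        elif verb == "PORT":
            h1, h2, h3, h4, p1, p2 = (int(x) for x in arg.split(","))
            findings["announced_data_port"] = (f"{h1}.{h2}.{h3}.{h4}", p1 * 256 + p2)
    return findings


if __name__ == "__main__":
    for key, value in audit_session(SAMPLE_SESSION).items():
        print(f"{key}: {value}")
```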

Telnet, on the other hand, uses only one port (23) for its communication. As with TFTP, you’ll find this tool useful when connecting from one router to another. Making a connection with Telnet, which operates at Layer 7, proves that all seven layers of the OSI model are functioning properly. If you can’t connect, then you know that functionality at one or more of the layers is not working. At this point, you can put your troubleshooting skill to work and determine just where the problem is! For example, if you can’t ping your own NIC, then the problem probably can be found at Layer 1 – the Physical Layer. Look at your cable and/or NIC for the solution.

Mass Communication on the Internet

Saturday, March 10th, 2007

Let’s take a ‘hands on’ approach to joining mail lists (or groups) online. Navigate to www.groups.google.com and look around.

Notice that you can create an account, set up your own group, or invite people to join your existing group. So, this begs the question: what is a group? Well, to get the answer, click the link (small text) near the middle right of the page that reads “Take the tour >>”. This text is on the same line as the text that is in bold and reads “What can you do with groups?”

Just keep clicking the “Next” link until you’re finished with the demo. Now, you know what groups are and what you can do with them. Groups are great for people who want to talk with those who share a similar interest. For example, let’s say that you want to discuss History – but only history that relates to the Hammond area. You could create a group to do this.

When you create a group on Google, you’re really creating a number of web pages that only your group members can log into. You can restrict membership or let anyone in. Your web pages can be super fancy or just plain boring! That’s up to you. Web pages within your group web site can contain pictures, documents on things you want to share with each other, discussion forum areas (similar to Blackboard!), and information about yourself.

Groups are similar to “Usenet” and different from list servers. A list server is just a mailing list that contains user names and email addresses. When you email the “list,” your email is then forwarded by the list server to everyone whose email address is contained in the mailing list.

RSS (Really Simple Syndication) is also a pretty cool technology. With this technology, you can add ‘live’ content to your personal browser or your web site. The idea is that some other site creates information that you find interesting (also known as a news feed) and then you subscribe to it. Sometimes the feed doesn’t cost you anything (in which case the RSS provider earns money via advertising through the feed) or you pay a fee for the right to add the feed’s contents to your web page (and avoid their advertising).

Navigate to http://www.msnbc.msn.com and look near the top (in the middle) of the page for the RSS link and click it. This page, entitled RSS Feeds on MSNBC.com, explains what is available from their site and how you can subscribe to the news feed using your Internet browser. Click on a number of the links here and subscribe to a feed if you find one that excites you!

Electronic Email

Saturday, March 10th, 2007

You might be tempted to believe email concepts are unimportant and easy. Don’t fall into that trap!

Email is the lifeblood of every organization, and if you don’t understand how it works, you probably won’t be able to install a server-based email system (examples being Netscape Email, Microsoft Exchange, or Lotus Notes), install clients (desktops that use, for example, Outlook or Outlook Express and maintain email on their PCs), or troubleshoot the problems that you are sure to face.

As you can see from the above, you need an email server and an email client in order for email to function. Sometimes people simply access email using their web browser. Other times, people have a client installed on their systems and this client allows email to be stored on the local hard drive. When you access email via your browser, you do not store your email on your local PC – it is maintained on the server. This is a client/server relationship and you are unable to work on your email if you are not connected to the email server. Personally, I prefer to work with a desktop client so I can work on email whenever I want to.

Having a client installed on my PC means that I can review previously received email and compose new email even when I’m not connected to the Internet. If I’m using Microsoft Outlook, my email is stored in a file named something like Outlook.pst. The PST file is a special database file that stores all of your email, attachments, contacts, calendar events, notes, tasks, and journal entries. If you’re using Outlook Express (which I view as a home edition of Outlook), your items are all stored in a file named something like Outlook.dbx.

As a side note, when you back up an Outlook user’s PC, don’t forget to back up these files (they will have one or the other on their system). If you don’t back it up, and their PC fails, all of the items I mentioned above may be lost (keep reading for an explanation as to why I used the word “may” instead of “will”).

When you install an email client, you must provide a pair of server addresses (something like smtp.domain_name.com and pop3.domain_name.com), the user’s login name, and the user’s password to the install program. During the setup process, you will be asked for the address of the incoming (POP3) and outgoing (SMTP) server addresses.

The SMTP (Simple Mail Transfer Protocol) address represents the email server to which the client will connect so that the client can send email. Keep in mind that this email server also uses SMTP to communicate with other email servers.

Your company’s email server stores your email in something called a “mailbox.” When email is downloaded from the email server to the client email program, mail is taken from the mailbox on the server and transferred to the mailbox on your local PC. In each Outlook program, you can modify its options so that only a copy of the email is sent to the local PC, leaving the original email item on the server.

This means that you can have the best of both worlds with one exception! You can have email stored on your local PC and at the same time bask in the sunlight, knowing that the email on the server is being backed up along with other important company data. But, you knew there had to be a catch and there is! Email that you send from your PC might not be backed up since it originated on your system. But then again, it might be. Your email administrator can tell you which applies.

When your email server transfers email to your local PC, another protocol is used. In this case, POP3 (Post Office Protocol, version 3) is the protocol that performs this task.

There are other protocols that help email function properly. One of them is MIME (Multipurpose Internet Mail Extensions). You see, basic email allows for the transfer of text from one email server to another (and then on to each email server’s clients). MIME allows us to attach non-text objects to an email item and provides the functionality for these to be received and opened by client email software. Cool, huh?

IMAP4 (Internet Message Access Protocol, version 4) can be viewed as a more robust version of POP that allows for advanced use of email server functionality.

If you don’t encrypt your email, it can be captured by any simple packet sniffer. You might recall that a free, personal use, software client – PGP – can encrypt your email.

Don’t worry about memorizing SMTP commands or reply codes. Just know what they are and that they exist!

To better understand how email works, make sure you take the time to install one of the Outlook clients and one Netscape email client. Also, play with a free software packet sniffer (like Ethereal).

Have a great week and enjoy this fun study material.

Networking backups, security, and more

Saturday, March 3rd, 2007

The concept of having a backup just in case your hard drive fails is not a new one. About 40 years ago, an engineer devised the RAID (Redundant Array of Independent Disks) concept and this has been the core of recovering from a failure ever since. The idea is that if your server’s hard drive goes down, your server should not go down with it. This is done by having redundancy.

Redundancy means to have more than one (hard drive, in this case) piece of hardware. Redundancy makes it possible for us to have fault tolerance. Fault tolerance (in our world) means that we can tolerate losing a piece of hardware (in this case, a hard drive) and continue to function.

So, let’s say that we have a server with two hard drives installed. If we set up RAID-0, we do NOT have redundancy. This is because the operating system splits whatever it is saving into chunks and spreads those chunks across both drives, so part of each file lives on one drive and part on the other, and neither drive has a complete copy. Unfortunately, this means that if either drive goes down, we lose a piece of every file and, in practice, all of the data. Therefore, RAID-0 is not really RAID in the “redundant” sense; it is used for speed and capacity, not safety (now, if that isn’t goofy all by itself, I don’t know what is).

RAID-0 works by a layout technique known as striping: the data is cut into equal-sized chunks and the chunks are dealt out to the disks in turn, like dealing cards. Look at your book, page 229 for the picture and explanation.

But, what if we had set up RAID-1, assuming the same scenario as above? In this case, our file would be written to both hard drives at the same time. Under RAID-1 (mirroring), hard drive 2 is always an exact copy of hard drive 1. Therefore, if hard drive 1 fails, the operating system keeps going on hard drive 2 without missing a beat (but if hard drive 2 fails before we replace hard drive 1 we will be in big trouble, since we have no fault tolerance at all until the replacement is in and the mirror has been rebuilt).

RAID-5 combines the striping of RAID-0 with redundancy. We need at least 3 disks to do RAID-5. The data is striped across the disks, and for every stripe one extra chunk, the parity, is computed from the data chunks (by XORing them together) and stored on a different disk each time, so the parity is spread evenly across all of the disks. If one of our hard drives fails, the remaining drives know just enough (the surviving data chunks plus the parity) to reconstruct every chunk that was on the failed disk and keep going as if nothing had happened! Look at page 231 for the picture and explanation of this. It is really cool. Of course, we would need to replace the failed disk immediately, otherwise we are at great risk of server failure (we lose fault tolerance when we lose one of our disks, and the array runs slower in this “degraded” state because every read of the missing disk has to be recomputed from the others).

Under every RAID level, the disks are organized (by a hardware RAID controller or by the operating system’s software RAID) into what is called an “array.” This means that while they are physically separate units, they are presented to the operating system as one logical disk and managed in a special way. Whether that array is fault tolerant depends on the level: RAID-1 and RAID-5 survive the loss of one disk; RAID-0 survives none. And remember, once one disk has failed in a RAID-1 or RAID-5 array, the fault tolerance is used up; a second failure before the replacement has been rebuilt means lost data.
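To make the three layouts concrete, here is an added example (my code, not from the textbook or the original post) that models disks as byte strings: RAID-0 deals chunks out round-robin, RAID-1 copies everything, and RAID-5 adds a rotating parity chunk and rebuilds a dead disk from it. The chunk size and the sample data are made up; a real controller works on sectors and keeps extra metadata.

```python
# Added example (not from the original post): RAID-0 striping, RAID-1 mirroring
# and RAID-5 parity, modelled on byte strings. Chunk sizes and the sample data are
# made up; a real controller works on sectors and adds metadata.

def xor_bytes(*blocks: bytes) -> bytes:
    """XOR equal-length byte blocks together (the parity operation)."""
    out = bytearray(blocks[0])
    for b in blocks[1:]:
        for i, x in enumerate(b):
            out[i] ^= x
    return bytes(out)

def raid0_write(data: bytes, ndisks: int, chunk: int) -> list[bytes]:
    """RAID-0: deal successive chunks round-robin across the disks.
    Each disk holds only part of the data, so losing one disk loses everything."""
    disks = [bytearray() for _ in range(ndisks)]
    for i in range(0, len(data), chunk):
        disks[(i // chunk) % ndisks] += data[i:i + chunk]
    return [bytes(d) for d in disks]

def raid0_read(disks: list[bytes], chunk: int) -> bytes:
    """Reassemble by reading one chunk from each disk in turn."""
    out, pos = bytearray(), 0
    while any(d[pos:pos + chunk] for d in disks):
        for d in disks:
            out += d[pos:pos + chunk]
        pos += chunk
    return bytes(out)

def raid1_write(data: bytes, ndisks: int = 2) -> list[bytes]:
    """RAID-1: every disk receives a full copy (a mirror)."""
    return [data] * ndisks

def raid5_write(data: bytes, ndisks: int, chunk: int) -> list[bytes]:
    """RAID-5: each stripe holds ndisks-1 data chunks plus one parity chunk
    (the XOR of the data chunks); the parity position rotates across disks."""
    assert ndisks >= 3
    ndata = ndisks - 1
    stripe = chunk * ndata
    padded = data.ljust(-(-len(data) // stripe) * stripe, b"\x00")  # pad to a whole stripe
    disks = [bytearray() for _ in range(ndisks)]
    for s in range(len(padded) // stripe):
        base = s * stripe
        chunks = [padded[base + j * chunk: base + (j + 1) * chunk] for j in range(ndata)]
        parity = xor_bytes(*chunks)
        pdisk = s % ndisks                     # which disk gets parity this stripe
        it = iter(chunks)
        for d in range(ndisks):
            disks[d] += parity if d == pdisk else next(it)
    return [bytes(d) for d in disks]

def raid5_read(disks: list[bytes], chunk: int, length: int) -> bytes:
    """Read the data chunks (skipping parity) back in order."""
    ndisks, out = len(disks), bytearray()
    for s in range(len(disks[0]) // chunk):
        pdisk = s % ndisks
        for d in range(ndisks):
            if d != pdisk:
                out += disks[d][s * chunk:(s + 1) * chunk]
    return bytes(out[:length])

def raid5_rebuild(disks: list, failed: int, chunk: int) -> bytes:
    """Recreate the failed disk: within each stripe, the XOR of all surviving
    chunks equals the missing one, whether it held data or parity."""
    survivors = [d for i, d in enumerate(disks) if i != failed]
    rebuilt = bytearray()
    for pos in range(0, len(survivors[0]), chunk):
        rebuilt += xor_bytes(*(d[pos:pos + chunk] for d in survivors))
    return bytes(rebuilt)

SAMPLE = b"the quick brown fox jumps over the lazy dog"  # constructed test data

def demo() -> dict:
    """Every value comes out True: RAID-0 has no complete copy anywhere, RAID-5
    survives (and rebuilds) the loss of disk 1."""
    r0 = raid0_write(SAMPLE, 2, 4)
    r5 = raid5_write(SAMPLE, 3, 4)
    degraded = list(r5)
    degraded[1] = None                            # disk 1 dies
    degraded[1] = raid5_rebuild(degraded, 1, 4)   # hot-spare rebuild from the other two
    return {
        "raid0_disk0_incomplete": r0[0] != SAMPLE,
        "raid0_roundtrip_ok": raid0_read(r0, 4) == SAMPLE,
        "raid1_each_disk_complete": all(d == SAMPLE for d in raid1_write(SAMPLE)),
        "raid5_rebuilt_matches_original": degraded[1] == r5[1],
        "raid5_read_after_rebuild_ok": raid5_read(degraded, 4, len(SAMPLE)) == SAMPLE,
    }
```

Try killing a second disk in `degraded` and calling `raid5_rebuild` again: with two survivors out of three gone you get garbage, which is exactly the “fault tolerance is used up” situation described above.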

The public key / private key concept is tough. However, let’s look at an example to see if we can make sense of it. Let’s say that email between you and me must be private and secure. We might go online, download and install PGP (free for personal use; it works alongside your email program, encrypting and decrypting the messages). Then, using PGP, we each generate a key pair and give the other our public key. The program has an easy way to do this, but at this point, we don’t care how this is done. We only care about understanding the concept. So, your public key would be stored on my computer and my public key would be stored on yours. We never share with anyone our private key, as this is the item that keeps everything secret!

Now, I send you an email via PGP. Well, PGP on my system finds your public key and encrypts my email message to you with it. The only way to decrypt that message is through the use of YOUR private key. No other private key can do this. (And guessing your private key is not a matter of luck: with the key sizes in use today, the number of possible keys is so large that trying them one by one is hopeless. Under the hood, PGP actually encrypts the message with a random one-time key and uses your public key only to lock that one-time key, but the effect is the same.)

Let’s say that someone else wants to read our message and tries to intercept the message I sent to you. As you probably guessed, they can’t read it, because only your private key can decrypt it. Even if they have your public key, they can’t do it. The public key is meant to be public; it can lock messages for you, but it cannot unlock them. Only the private key that was generated together with that public key can.

Plus, each public key has a fingerprint, a short code computed from the key itself. PGP shows it so that you can check with me (by phone, say) that the public key you received really is mine and wasn’t swapped in transit. No matter how many key pairs you generate, each public key is tied to exactly one private key: the two are produced together as a single mathematically linked pair, and each such pair is unique in this universe. Ah, the power of math (the math for all of this is way beyond me!). By the way, I’ve left out a lot of details and simplified things here.

As a matter of fact, a great deal of computer security is done via math (cryptography). Think of encryption as you did when you were a child speaking in ‘Pig Latin.’ Remember? We all thought that no one could understand us except the other kids who knew our code. Computer encryption is much tougher than that. With Pig Latin, anyone who learns the rule can read everything; with real encryption, the rule (the algorithm) is public and only the key is secret, and a message stays unreadable without that key. But now, I hope you get the concept!
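Here is an added example (my code, not something from PGP or the original post) that runs the public/private key idea from the last few paragraphs with numbers small enough to follow by hand: textbook RSA with the classic 61 × 53 key for Bob, a second pair for Alice, a fingerprint for each public key, and an eavesdropper who holds only the public key. The primes, the message value 65 and the fingerprint format are assumptions for illustration; this is not a secure implementation.

```python
# Added example (not from the original post): textbook RSA with a tiny key so the
# arithmetic is visible. Real PGP keys are 2048 bits or more, use padding, and
# encrypt the message with a random one-time symmetric key that the public key
# only locks; this toy is for understanding the concept and is not secure.
import hashlib
from math import gcd

def keygen(p: int, q: int, e: int = 17) -> tuple[tuple[int, int], tuple[int, int]]:
    """Build a key pair from two primes (assumed prime here; real tools generate
    huge random primes). Returns (public, private) = ((e, n), (d, n))."""
    n = p * q
    phi = (p - 1) * (q - 1)
    assert gcd(e, phi) == 1, "e must be coprime to phi(n)"
    d = pow(e, -1, phi)          # the private exponent: inverse of e mod phi(n)
    return (e, n), (d, n)

def fingerprint(public: tuple[int, int]) -> str:
    """A hash of the public key. PGP shows a fingerprint like this so you can
    confirm out-of-band (say, by phone) that a key really belongs to its owner."""
    e, n = public
    return hashlib.sha256(f"{e}:{n}".encode()).hexdigest()[:16]

def encrypt(public: tuple[int, int], m: int) -> int:
    """Anyone holding the public key can lock a message m (0 <= m < n)."""
    e, n = public
    assert 0 <= m < n
    return pow(m, e, n)

def decrypt(private: tuple[int, int], c: int) -> int:
    """Only the matching private key unlocks it."""
    d, n = private
    return pow(c, d, n)

# Bob's pair (the classic p=61, q=53 textbook key) and Alice's pair.
BOB_PUB, BOB_PRIV = keygen(61, 53)          # n = 3233, d = 2753
ALICE_PUB, ALICE_PRIV = keygen(101, 113)    # n = 11413

def demo() -> dict:
    m = 65                                  # the "message" (one small number)
    c = encrypt(BOB_PUB, m)                 # Alice locks it with Bob's public key
    return {
        "ciphertext": c,                                 # 2790
        "bob_reads": decrypt(BOB_PRIV, c),               # 65: the right private key
        "alice_tries_her_key": decrypt(ALICE_PRIV, c),   # wrong pair: a meaningless number
        "eve_tries_public_key": pow(c, BOB_PUB[0], BOB_PUB[1]),  # 1452, not 65
        "fingerprints_differ": fingerprint(BOB_PUB) != fingerprint(ALICE_PUB),
    }
```

With n = 3233 you could recover d by factoring n in a heartbeat; the whole point of a 2048-bit key is that factoring n (and therefore deriving the private key from the public one) is out of reach.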

Networking basic routing & routed protocols

Saturday, March 3rd, 2007

Again, don’t focus much on all of the header info, socket numbers, and packet sizes. None of that is important at our level. Just know what these are.

Check out RIP (the Routing Information Protocol). Note that this is a routing protocol whereas TCP/IP and IPX/SPX are routed protocols. What’s the difference? A routed protocol is what carries the data: a router receives a packet (say, one of the many thousands of packets that make up an email you send; the sending PC builds the packets, the routers only pass them along) from a host or from another router. The router needs to figure out the next destination (the “next hop”) for that packet. This is another router, unless this router is the last one in the path and can deliver the packet onto the destination network itself. The router figures this out by looking in its routing table, a ‘map’ of which destination networks are reachable through which neighbour, and a routing protocol is how the routers talk to each other to build that map. For example, let’s say that the router receives a packet with a destination IP address of 170.77.15.4. The router needs to find the most specific entry in its routing table that covers this destination (the longest matching prefix); if there is no matching entry at all, it drops the packet. As you can imagine, this is bound to happen, so router administrators can set up what is known as a default route on any router. A default route is an entry that matches every destination not covered by a more specific entry, and it orders the router to send such packets to a specified next-hop router (usually the one leading toward the Internet).
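As an added example (my code, not from the original post), here is the lookup a router performs on the 170.77.15.4 packet: longest-prefix match over a routing table, with and without a default route. The prefixes and next-hop addresses are invented for the demonstration; the matching rule is the real one.

```python
# Added example (not from the original post): how a router chooses a next hop.
# The routing table and next-hop addresses are made up for illustration; the
# lookup rule (longest prefix match, then the default route) is the real one.
import ipaddress

ROUTING_TABLE = [
    ("170.77.0.0/16",  "10.0.0.2"),   # summary route toward 170.77.x.x
    ("170.77.15.0/24", "10.0.0.3"),   # more specific: beats the /16 for 170.77.15.x
    ("192.168.1.0/24", "directly connected"),
    ("0.0.0.0/0",      "10.0.0.1"),   # default route: matches anything else
]

def build_table(entries):
    """Parse the prefix strings once; a real router keeps a trie for speed."""
    return [(ipaddress.ip_network(prefix), nh) for prefix, nh in entries]

def lookup(table, dst: str):
    """Return (matching prefix, next hop) for dst, or None if nothing matches.
    The most specific (longest prefix) match wins; /0 only wins when nothing
    else does, which is what makes it the 'default'."""
    addr = ipaddress.ip_address(dst)
    best = None
    for net, nh in table:
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, nh)
    return None if best is None else (str(best[0]), best[1])

def forward(table, dst: str) -> str:
    """What the router does with the packet."""
    match = lookup(table, dst)
    return "drop (no route)" if match is None else f"send to {match[1]} via {match[0]}"
```

Remove the last entry (`build_table(ROUTING_TABLE[:-1])`) and a packet for 8.8.8.8 is dropped; keep it and the same packet goes to 10.0.0.1, while 170.77.15.4 still goes to 10.0.0.3 because the /24 is more specific than both the /16 and the /0.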

RIP is known as a distance vector routing protocol. This means that each RIP router tells its neighbours how many ‘hops’ it is from every destination it knows about, and each neighbour adds one hop for the link between them. RIP’s metric stops at 15: a destination that is 16 or more hops away is treated as unreachable, so its route is never installed. (It is the TTL field in the IP header, not RIP, that gets a packet dropped if it has been bouncing around too long.) Thus, RIP is not a good routing protocol choice for large-scale networks. A RIP router also only knows what its immediate neighbours tell it (“routing by rumour”); it never sees the whole network.
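To see the 16-hop limit bite, here is an added example (my code, not from the original post) of the distance-vector computation RIP performs: routers trade whole tables with their neighbours, add one hop per link, and refuse to install anything at metric 16. The topologies are made up, and split horizon, timers and triggered updates are deliberately left out.

```python
# Added example (not from the original post): a minimal distance-vector
# (RIP-style) computation. Every link costs one hop, 16 means unreachable, and
# routers exchange whole tables until nothing changes. Topology names are made
# up; split horizon, timers and triggered updates are left out.
INFINITY = 16          # RIP metric for "unreachable"; 15 is the longest usable path

def rip_converge(links: dict) -> dict:
    """links: router -> list of neighbour routers (symmetric, all 1 hop).
    Returns router -> {destination: (hops, next_hop)} after convergence."""
    tables = {r: {r: (0, None)} for r in links}
    changed = True
    while changed:
        changed = False
        for r, nbrs in links.items():
            for nb in nbrs:
                # r receives nb's table (an update) and adds one hop per entry;
                # anything that would reach 16 is unreachable and never installed.
                for dest, (hops, _) in list(tables[nb].items()):
                    cand = min(hops + 1, INFINITY)
                    if cand < tables[r].get(dest, (INFINITY, None))[0]:
                        tables[r][dest] = (cand, nb)
                        changed = True
    return tables

def hops_to(tables: dict, src: str, dest: str):
    """Hop count from src to dest, or None if RIP considers it unreachable."""
    hops, _ = tables[src].get(dest, (INFINITY, None))
    return None if hops >= INFINITY else hops

def chain(n: int) -> dict:
    """A straight line of n routers R0 - R1 - ... - R(n-1)."""
    return {f"R{i}": [f"R{j}" for j in (i - 1, i + 1) if 0 <= j < n]
            for i in range(n)}

MESH = {  # constructed topology: two equal-cost paths from A to D, E hangs off D
    "A": ["B", "C"], "B": ["A", "D"], "C": ["A", "D"],
    "D": ["B", "C", "E"], "E": ["D"],
}
```

On `chain(17)`, R0 can reach R15 (15 hops) but R16 simply never appears in its table, while R1, one hop closer, reaches R16 fine. Note also that each router ends up knowing only a hop count and a next hop per destination, never the shape of the network, which is the “rumour” property mentioned above.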

So, routers have more than one routing protocol choice! Another choice is OSPF (Open Shortest Path First). Unlike RIP, OSPF is known as a link state routing protocol (LSRP). Link state routing protocols don’t measure distance in hops; OSPF gives each link a cost (by default based on its bandwidth) and picks the path with the lowest total cost. Routers that use a LSRP send really small “hello” packets to each other every few seconds to discover neighbours and to notice when one disappears. They also flood descriptions of the state of their links (link-state advertisements) to every router in the area, so each LS router gets a complete map of the network and computes its own shortest paths from it. So, LSRPs are a much better choice than RIP for large-scale networks.

LSRPs converge faster than RIP on large networks. They also don’t clog your network with as much routing traffic, because they send an update only when a link changes, whereas RIP rebroadcasts its entire table to its neighbours every 30 seconds whether anything has changed or not.

A hub is almost useless in today’s world. Hubs have been replaced with switches for many reasons. Here are a few of them.

Hubs are half duplex: a hub can carry traffic in only one direction at a time, so a PC plugged into it either talks (sends) or listens (receives), not both at once. This is like talking on a walkie-talkie, where you talk or listen, but not both at the same time. Switches are full duplex: each port can talk and listen at the same time.

All of the ports on a hub share the hub’s rated speed (for example, 100 Mbps). Let’s say that we have a 4-port hub with 100 Mbps capacity. Let’s also assume that the hub has a PC plugged into each port and that all of the PCs are downloading pictures from the Internet at the same time. In this case, only one PC can be transmitting at any one time, and if two try at once their frames collide and both have to back off and retry. Each port will get, at best, 25 Mbps throughput. I say “at best” because the ports don’t get an equal split of capacity: there is no priority setting on a hub, whichever station grabs the wire first gets it, and the time lost to collisions comes off the top. Now, let’s check out a switch.

Using the same scenario as above, except that we now have a 100 Mbps switch, each port would be able to send and receive at the same time. Now, here’s the big deal about the difference between hubs and switches: each port on the switch has its own dedicated bandwidth equal to the switch’s rated speed, and nobody else’s traffic collides with it. So, each port gets 100 Mbps when it sends and 100 Mbps when it receives, at the same time. This is why vendors quote a full-duplex port as 200 Mbps of throughput.

The hub gives each PC, at best, 25 Mbps shared; the switch gives each PC a dedicated 100 Mbps in each direction, 200 Mbps counting both. That’s at least 8x the throughput, and more once you count the time the hub wastes on collisions!

A hub can be viewed as an extension of the network cable: it just repeats the electrical signal out every port. This is why the hub is said to work at Layer 1 of the OSI model. A switch works by looking at the MAC address of each NIC. The rules say that MAC addresses live at Layer 2 of the OSI model. Routers work by using the IP address assigned to each host’s interface. Again, the rules say that IP addresses live at Layer 3 of the OSI model.

You might not yet appreciate why the OSI layers matter. Trust me that you will need to understand what each layer does and does not do so that you can later learn and apply difficult networking concepts (IP addresses, security, domain administration, and domain protocols – to name a few). So, take the time to learn this now because when you encounter these concepts later it will be assumed that you are familiar with them.

Networking, DOS, and IP

Saturday, March 3rd, 2007

IP version 4 (IPv4) is used by most networks today. IP version 6 (IPv6) is new, in use, and quite different from IPv4.

IPv4 is based on a 32-bit binary address (written as four decimal numbers, like 170.77.15.4) whereas IPv6 is based on a 128-bit address (written in hexadecimal, in eight groups separated by colons), which allows vastly more addresses to be created: 2^128 of them versus IPv4’s 2^32, or about 4.3 billion. You should know the start and end of each class of IP addresses for IPv4 (A, B, C, D, and E). If you plan on becoming Cisco certified (CCNA), then you must know how to use IPv4 concepts off of the top of your head. This takes time and you should start now!

Make sure you try out all of the DOS commands listed in the chapter and that you’re familiar with how these work (including switches used to modify the command). Also install a free FTP client and download something (ftp://ftp.microsoft.com/ if you need an address to try!).

Hubs and switches are different. Hubs operate at OSI layer 1 whereas switches usually are at layer 2 (a “Layer 3 switch” also routes between subnets, so it works at layer 3 as well). Hubs are usually “dumb.” All they do is accept electrical signals in and repeat electrical signals out every other port. No thinking or filtering. Switches, though, examine the source and destination address of each frame. Note that I just said that switches operate at L2. This is because the address they examine is the MAC address, which is a L2 address (you might recall that the actual IP address of a machine operates at L3). The switch keeps a MAC address table (not a routing table): it learns which port each source MAC address was heard on, and then sends a frame (the PDU that is in use at L2) out only the port where the destination MAC address lives. If the destination MAC is not in the table yet, the switch “floods” the frame out every port except the one it came in on, and learns the answer from the reply. So how does traffic leave the network? If the destination PC is on another network (outside the sending PC’s own subnet), it is the sending PC, not the switch, that addresses the frame to the router’s MAC address; the switch just delivers that frame to the router’s port like any other, and the router handles the routing from there.
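Here is an added example (my code, not from the original post) of the learning and forwarding logic just described, with a hub alongside for contrast: the switch records which port each source MAC came from, forwards known destinations out one port, and floods unknown destinations and broadcasts. Port numbers and MAC addresses are invented; a real switch keeps the same table in CAM hardware and ages old entries out.

```python
# Added example (not from the original post): the forwarding logic of a learning
# (transparent) switch, with a hub for contrast. Port numbers and MAC addresses
# are made up; a real switch keeps the same table in CAM hardware and ages entries.
BROADCAST = "ff:ff:ff:ff:ff:ff"

class Hub:
    """Layer 1: repeat every frame to every other port, no thinking."""
    def __init__(self, nports: int):
        self.nports = nports

    def receive(self, in_port: int, src: str, dst: str) -> list[int]:
        return [p for p in range(self.nports) if p != in_port]

class LearningSwitch:
    """Layer 2: learn which port each source MAC lives on, forward by destination MAC."""
    def __init__(self, nports: int):
        self.nports = nports
        self.mac_table = {}              # MAC -> port (a MAC/CAM table, not a routing table)

    def receive(self, in_port: int, src: str, dst: str) -> list[int]:
        self.mac_table[src] = in_port    # learn (if a host moves, the entry is overwritten)
        if dst == BROADCAST or dst not in self.mac_table:
            return [p for p in range(self.nports) if p != in_port]   # flood
        out = self.mac_table[dst]
        return [] if out == in_port else [out]   # same port: filter, the destination already heard it

def demo() -> list:
    """Replay a few frames through a 4-port switch and record where each went."""
    A, B, C = "00:11:22:33:44:01", "00:11:22:33:44:02", "00:11:22:33:44:03"
    sw = LearningSwitch(4)
    events = [
        (0, A, B),          # A talks to B: B unknown -> flooded to ports 1,2,3
        (1, B, A),          # B replies: A is known on port 0 -> only port 0
        (0, A, B),          # now both known -> only port 1
        (2, C, BROADCAST),  # ARP-style broadcast -> every port except 2
    ]
    return [(in_port, sw.receive(in_port, s, d)) for in_port, s, d in events]
```

Compare `Hub(4).receive(...)` on the same events: every frame goes out every other port, every time, which is why a sniffer on a hub sees everyone's traffic and a sniffer on a switch port normally sees only its own plus the floods.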

Ports are another important topic here. Think of a port as a phone line extension. When you call an office, you dial its number and then have to select the extension of the person you want to talk to.

To create an analogy, you can liken the phone number to an IP address, and a phone extension to a port number. A PC has thousands of them (65,536 to be exact, numbered 0 through 65,535, for TCP and the same again for UDP).

Certain applications operate using certain ports. For example, a web server listens on port 80, so your browser connects to port 80. The first 1,024 ports (0-1,023) are reserved for services like this and are known as “well-known ports.” You obviously don’t need to memorize them all, but you should know HTTP, DNS, FTP (which uses 2 ports: 21 for the control connection that carries the commands, and 20 for the data transfer), TFTP, SMTP, POP3, and SNMP. That should get you started!
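To see the “extension” analogy on a live connection, here is an added example (my code, not from the original post) that opens a listening socket on 127.0.0.1, connects to it, and reports the port numbers each side sees, plus the connect-style probe a port scanner uses to tell an open port from a closed one. The service port is chosen by the OS here rather than being a well-known one like 80, so nothing needs to be free or privileged; everything stays on the loopback interface.

```python
# Added example (not from the original post): watching port numbers on a real
# TCP connection. A service listens on one port (here the OS picks a free one;
# a web server would use 80); the client side gets an automatically chosen
# ephemeral port above 1023. Everything stays on 127.0.0.1, so it runs offline.
import socket

def probe(host: str, port: int, timeout: float = 1.0) -> str:
    """What a port scanner's TCP connect check sees: 'open' if something is
    listening, 'closed' if the OS refuses the connection."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except ConnectionRefusedError:
        return "closed"
    except socket.timeout:
        return "filtered"   # no answer at all, typically a firewall dropping packets

def port_demo() -> dict:
    server = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    server.bind(("127.0.0.1", 0))            # port 0 = let the OS pick a free port
    server.listen(5)
    service_port = server.getsockname()[1]

    client = socket.create_connection(("127.0.0.1", service_port))
    conn, peer = server.accept()             # peer = (client ip, client port)
    client_ip, client_port = client.getsockname()
    # These four values identify this one connection to both TCP stacks.
    conn_id = (client_ip, client_port, "127.0.0.1", service_port)

    while_listening = probe("127.0.0.1", service_port)   # a second, short connection
    extra, _ = server.accept()
    extra.close()

    conn.close(); client.close(); server.close()
    return {
        "service_port": service_port,
        "client_port": client_port,             # ephemeral, chosen by the OS
        "server_sees_peer_port": peer[1],       # the same number, seen from the other end
        "conn_id": conn_id,
        "probe_while_listening": while_listening,
        "probe_after_close": probe("127.0.0.1", service_port),
    }
```

Run `port_demo()` a few times and the service port and client port change every time, but the client port always lands above 1,023: the low range is left for services, and outbound connections draw from the ephemeral range the OS reserves for them.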

Getting started with networking

Saturday, March 3rd, 2007

Don’t worry about memorizing the pieces of an Ethernet frame. You don’t even need to memorize those for Cisco!

Do pay attention to and memorize the distances for each technology. For example, the maximum cable length for a twisted-pair Ethernet segment (such as 100BASE-TX) is 100 meters (about 328 feet). Now, look for the answer for the maximum distance for fiber (for example, 1000Base-SX) in your readings.

Category 6 (CAT6) cable looks almost the same as CAT5 (or CAT5e). The difference is mostly in the electrical specifications: tighter, more consistent twists and better separation between the pairs, tested to higher frequencies. When you open up a cable, you see 8 wires inside (right?). Each wire has its own plastic insulation and the whole bundle sits inside an outer jacket. The wires are twisted around each other in four pairs. The twisting is important! The pairs are twisted a set number of times per inch (how many is unimportant for us) so that the signal on one pair does not interfere with, or get swamped by, the signal on another pair (that interference is called crosstalk) and so that noise picked up from outside gets cancelled out.

Fiber cabling is delicate as it has a glass core. Look up a picture of single-mode fiber on the Internet. The cable has a lot of protection on the outside, and on the inside is an extremely thin glass core, about 9 micrometers across for single-mode, far thinner than a pin. A fiber transceiver sends a light signal (instead of the electricity used on copper Ethernet), pulses of photons, millions of them per second, down the glass. If the light hits the side of the core, the cladding (a layer of glass with a lower refractive index) reflects it back toward the center, so it stays inside all the way to the far end. Crazy, wouldn’t you say?

A switch is much better than a hub. For now, consider a hub as extremely old school and think of a switch as many times faster, because every port gets the full bandwidth in both directions instead of sharing one collision domain. Any hub you find on your network should be replaced with a switch. You can buy cheap switches for about $25. Any switch is faster than any hub. We will get into more details as we move on this semester.

A packet sniffer taps the electrical signals (or photons) on your cable (or fiber), usually by putting a network card into “promiscuous” mode so that it accepts every frame it sees rather than only the ones addressed to it. The sniffer then decodes the frames into something readable so that you can actually read the contents. For example, if a sniffer intercepts an unencrypted email, you would be able to read all of its contents such as who it was from and to, its subject line, and the email message itself.

Most network admins know this and don’t allow them on their networks (and you can use a sniffer to find other sniffers!). Network admins might also encrypt network traffic so that a sniffer wouldn’t be able to make sense of anything it picked up (it would show as jumbled bytes). Encryption is a math process that scrambles the data using a secret key, such that a normal reader, without the key, wouldn’t know what it meant. Think of encryption as advanced ‘Pig Latin.’ The math formula itself (the algorithm) is usually public; the secret is the key. Some algorithms are so strong that even if you devoted thousands of computers to trying every possible key, you would need billions of years to get through them.
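As an added example (my code, not a real capture and not from the original posts), here is what the sniffer described above, and the Ethereal exercise from the March 31 email post, actually hands you from an unencrypted SMTP session: the transcript below is constructed (C: lines from the client, S: lines from the server), and the parser pulls out the envelope sender and recipients, the headers, the body, and the server reply codes. A sniffer such as Wireshark would reassemble the same text from the TCP stream; with PGP in use, the body portion would be unreadable ciphertext, but note that the From, To and Subject lines would still be in the clear.

```python
# Added example (not from the original post): what a sniffer actually recovers
# from an unencrypted SMTP session. The session transcript below is constructed
# (C: client line, S: server line), not a real capture; a sniffer like Wireshark
# would reassemble the same text from the TCP stream.
SAMPLE_SESSION = """\
S: 220 mail.example.com ESMTP ready
C: HELO laptop.example.net
S: 250 mail.example.com
C: MAIL FROM:<alice@example.net>
S: 250 OK
C: RCPT TO:<bob@example.com>
S: 250 OK
C: DATA
S: 354 End data with <CR><LF>.<CR><LF>
C: From: alice@example.net
C: To: bob@example.com
C: Subject: Q2 numbers
C:
C: Bob, the share password is hunter2. Please don't forward this.
C: .
S: 250 OK queued
C: QUIT
S: 221 Bye
"""

def parse_smtp_session(session: str) -> dict:
    """Pull the envelope, headers and body out of a plain-text SMTP exchange,
    the same fields the paragraph above says a sniffer shows you."""
    msg = {"mail_from": None, "rcpt_to": [], "headers": {}, "body": "", "server_replies": []}
    body_lines, in_data, in_headers = [], False, True
    for raw in session.splitlines():
        who, _, line = raw.partition(":")
        line = line[1:] if line.startswith(" ") else line   # drop the separator space
        if who == "S":
            msg["server_replies"].append(line[:3])           # the 3-digit reply codes
            continue
        if in_data:
            if line == ".":                                  # a lone dot ends the message
                in_data = False
            elif in_headers and line == "":
                in_headers = False                           # blank line: headers are done
            elif in_headers:
                name, _, value = line.partition(": ")
                msg["headers"][name] = value
            else:
                body_lines.append(line)                      # (dot-stuffing ignored here)
            continue
        upper = line.upper()
        if upper.startswith("MAIL FROM:"):
            msg["mail_from"] = line[len("MAIL FROM:"):].strip().strip("<>")
        elif upper.startswith("RCPT TO:"):
            msg["rcpt_to"].append(line[len("RCPT TO:"):].strip().strip("<>"))
        elif upper == "DATA":
            in_data, in_headers = True, True
    msg["body"] = "\n".join(body_lines)
    return msg
```

A POP3 session looks even worse on the wire: the USER and PASS commands carry the mailbox password itself in plain text, which is why mail clients should be set to use TLS for both sending and receiving.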