Documente Academic
Documente Profesional
Documente Cultură
4 ESO
UNIT TWO
NETWORKS
SECURITY
Produced by Edgar Mahtani
&
ICT
CONTENTS
1. Networks: Definitions and Types......................................................3
2.1
2.2
2.3
2.4
Physical Devices...............................................................................7
Wireless Networks ...........................................................................9
Basic Network Configuration in Windows ........................................10
Basic Wireless Network Configuration in Windows...........................14
3.1
3.2
3.3
3.4
3.5
4. Computer Security..............................................................................18
Page 2
ICT
On-line antivirus..............................................................................31
1.1
TYPES OF NETWORKS
Page 3
ICT
area network could also be interconnected without wires to the Internet or other
networks.
Page 4
ICT
Page 5
ICT
computers of the star networks are connected to a main cable called the bus. Thus,
a tree network is a bus network of star networks.
Simplex: The communication occurs in one direction only. Only present in some
PAN devices (Bluetooth headphones)
PHYSICAL DEVICES
Page 6
ICT
The most modern ones have 1000 Mbps technology, although the speed will also depend
on the different types of connectors (RJ45 or BCN) and connection cables (coaxial,
twisted pairs or fibre optic). Each card has a specific code so that it can be identified in the
network. This code is known as the MAC address (command interpreter: CMD +
ipconfig/all) of the system, also known as the physical address: it is a hexadecimal
number made of six pairs of digits (e.g. 00:5C:5D:11:08:F3).
NETWORK CABLES
In order to carry out a wired connection, network connection cables are required.
There are three types of connection cables.
Coaxial Cable
Coaxial cabling has a single copper conductor at its centre. A plastic layer provides
insulation between the centre conductor and a braided metal shield. The metal shield
helps to block any outside interference from fluorescent lights,
motors, and other computers. Although coaxial cabling is difficult to
install, it is highly resistant to signal interference. In addition, it can
support greater cable lengths between network devices than
twisted pair cable.
Page 7
ICT
electrical interference. It has also made it the standard for connecting networks
between buildings, due to its immunity to the effects of moisture and lighting.
Fibre optic cable has the ability to transmit signals over much longer distances than
coaxial and twisted pair. It also has the capability to carry information at vastly greater
speeds. This capacity broadens communication possibilities to include services such
as video conferencing and interactive services. The cost of fibre optic cabling is
comparable to copper cabling; however, it is more difficult to install and modify.
10BaseF refers to the specifications for fibre optic cable carrying Ethernet signals.
THE SWITCH
A switch (sends data to PCs of
choice) is used to connect multiple
computer
equipment
in
an
Ethernet network with a star
topology. Since it is an external
device it becomes part of the
hardware peripherals used in the
operation of a computer system. It is
usual that one of the switch ports is
connected to a router to have access
to Internet. Although hubs and
switches both glue the PCs in a
network together, a switch is cheaper
than before and a network built with
switches is generally considered
faster than one built with hubs. These
switches not only receive data
packets, but also have the ability to inspect them before passing them on to the next
computer. In other words, they can figure out the source, the contents of the data, and
identify the destination as well. Because of this uniqueness; it sends the data to the
relevant connected system only, thereby using less bandwidth at high performance
rates.
Ethernet Gigabit networks
Until a few years ago, networks were made up of
network cards and 10/100 type switch that could
transmit up to 100 Mb per second within the local
network. At present there are network cards and
10/100/1000 type switch that can transmit up to 1 Gb
per second within the local network. Although more
expensive equipment, they are an enormous help for
the traffic of data in a LAN network.
ROUTER
Page 8
ICT
A router is a device that interconnects two or more computer networks, and
selectively interchanges packets of data between them. Each data packet contains
address information that a router can use to determine if the source and destination are
on the same network, or if the data packet must be transferred from one network to
another. Where multiple routers are used in a large collection of interconnected
networks, the routers exchange information about target system addresses, so that
each router can build up a table showing the preferred paths between any two systems
on the interconnected networks. The router is connected to at least two networks and
decides which way to send each information packet based on its current understanding
of the state of the networks it is connected to. A router is located at any gateway (where
one network meets another), including each point-of-presence on the Internet. A router
is often included as part of a network switch.
Exercises:
5. How can you find out the MAC address of your network card? Which
command interpreter do you use?
6. Use Internet to find out the colours used by unshielded twisted pair cables.
7. If you had to choose a device to connect the network equipment of a local
network, which order of preference would you choose from these?
Switch 10/100 Hub Switch 10/100/1000
2.2
WIRELESS NETWORKS
Page 9
ICT
connection. It can function in a wired LAN (local area network), a wireless only LAN,
or a mixed wired/wireless network.
Page 10
ICT
2.3
In order for a network to work properly you need to have the computer systems
properly connected and set up the devices with a series of parameters so that these can
share information. In Windows the first thing to take into account is the name of the system
and the workgroup in which we want our computer to belong:
Windows XP
Start Menu -> Control Panel -> System Properties. In the Computer Name tab we
can see the complete name of the computer system and the workgroup.
Windows 7
Start Menu -> Control Panel -> System and Security -> System -> Advanced
system settings. In the Computer Name tab we can see the complete name of the
computer system and the workgroup. If you want change this information, click on the
Change button and carry out the changes on the window that appears.
Page 11
ICT
address has a hierarchical value; in other words, the first three numbers indicate the range
of the network and the last one the individual device.
Automatic network connection set up
For the automatic set up you must have an option in the router settings called DHCP
automatic server activated.
Step 1
o Windows XP
Start Menu -> Control Panel -> Network and Internet connections -> Network
connections. A window will open showing the network connections that your computer
has activated.
o Windows 7
Start Menu -> Control Panel -> Network and Internet -> View network status and
tasks.
Step 2
o Windows XP
Double click on Local area network and select the Properties button which appears in
the dialogue box. Then double click on TCP/IP Protocol. As the router is set up with the
DHCP server activated you dont have to enter any information, you only need to leave the
Obtain an IP address automatically and Obtain DNS server address automatically
selected.
The British School of Aragon
Page 12
ICT
o Windows 7
Change adapter settings -> right hand click on the Local Area Network and select
the Properties option. In This connection uses the following items: double click on
Internet Protocol Version 4 (TCP/IPv4). As the router is set up with the DHCP server
activated you dont have to enter any information, you only need to leave the Obtain an IP
address automatically and Obtain DNS server address automatically selected.
Manual network
connection set up
The
other
option
is
assigning the
IP
address,
the
subnet
mask and the
Default
Gateway (the routers IP address) manually.
You must know the IP address of the router so that we can assign an IP address which
is in our same range (i.e. with the same first three digits and whose last digit is different to
the routers IP. If we have the default gateway 192.168.0.1, our computer must have an IP
address 192.168.0.X (where X must be between 2 and 255 and mustnt be repeated in any
other computer of the local network.
The DNS server is the address of the computer server of our Internet Service Provider
(ISP), and the primary address as well as the alternative address must be provided by the
ISP (Movistar, Jazztel, etc.) Our ISP will give us two addresses to avoid any loss in the
service in case one is lost or because of service saturation. A DNS server has a data base
which relates the domain address (e.g. www.britanicoaragon.com) with the IP address of
the computer that has the information of the Internet page of that domain.
The British School of Aragon
Page 13
ICT
2.4 BASIC WIRELESS NETWORK CONFIGURATION IN WINDOWS
Follow the steps from the previous section to set up the wireless network (fixed or
automatic (DHCP) IP addresses). The difference between a cable and a wireless network
is that the last one has to be within the area of a network in range and
write the network password. You have to access the specific program to
manage wireless networks of your wireless wifi or Windows own:
Step 1
Internet
Step 2
Choose the wireless connection and click on the View wireless networks button, and
a list of the networks detected by your aerial will appear. The signals with a padlock
indicate those that have their security activated.
Step 3
Double click the network you want to connect to and you will
be asked for a security key or password. Write the key and
connect. After a few seconds the DHCP server will assign you an
IP address, you will be able to surf the Internet and have access to the resources of your
local network.
In this configuration we can have access to various wireless networks and arrange your
favourite ones. This arrangement can be changed by clicking on the task Change the
order of the preferred networks which appears in the window of the available wireless
devices.
IMPORTANT: whenever you wish to connect to an open wifi
network they should be known to you or of known public organisations
(Town Hall, Civil Center, etc.), otherwise behind an unprotected
network their maybe a computer pirate that offers this as a bait to
obtain information from the computers that connect to that network. It
is advisable not to surf with private information (social networks,
banks, e-mails) when you are connected to an open wireless
network because you run the risk of your passwords been discovered or stolen.
Page 14
ICT
Step 1
To share a folder from your hard disk, right-hand click on the folder. A contextual menu
of the tasks that you can carry out will appear. Select the Share and security option.
Step 2
A dialogue box to share resources will appear. In this window Set up the name of the
folder that you want to share and which will be known as for the other users of the
network. Remember that the name must have more than eight characters or special
symbols like dashes, accents, slash, etc. By marking the check box Share this folder in
the network you can also add other options like Allow other network users change my
files. We choose this option when you dont mind other computers in the network
changing or creating new folders in the shared folder.
Step 3
Apply and accept the changes: the icon of the folder will change and a hand which
indicates that the folder is shared will appear below it. Special permissions of users in the
folder are assigned from the Share and security menu that we have seen, but in the
advanced option. In this window a special permission button will appear where you add
new users and permit or deny the control of the contents of that folder.
Specify permissions to specific users in Windows XP
network:
To specify permissions with respect to the users you must
view the Share and security tool in its advanced format.
Start menu -> Control Panel and then in the above menu
click on Tools -> Folder options. In the tab View there is an
advanced set up area where you must unmark the check box
that reads: Use simple file sharing (recommended). Accept.
Page 15
ICT
Page 16
ICT
Page 17
ICT
4. COMPUTER SECURITY
Computer security is the process of preventing and detecting unauthorized use of your
computer. Prevention measures help you to stop unauthorized users (also known as
"intruders") from accessing any part of your computer system. Detection helps you to
determine whether or not someone attempted to break into your system, if they were
successful, and what they may have done.
An integrated system: does not allow any unauthorized user to modify any information
on the computer.
A confidential system: does not allow any user without authorisation in the system to
view data.
These characteristics that limit the use of information must go together with the
availability concept because the systems must be available so that authorised users can
use them adequately. Do you think your computer system at home or school is safe? Can
any other user view your files when they use your computer? Do you protect your identity
by using passwords and security keys?
Against accidents and breakdown: it can damage our computer system and
cause loss of data.
Against intruders: from the same computer or from another computer in the
network that can get access to data in our computer.
Page 18
ICT
4.2 Active & passive security
There are two types of tools or recommended practices related to security:
Page 19
ICT
especially if you dont know who they are from. Whenever in doubt, even with ones that
you may recognise the sender, dont open them!!
Troyan
A small application that hides in other utility programs, desktop
backgrounds, images, etc., that doesnt want to delete information,
but wants to create an entrance into our computers so that another
user or application may gather information from our computer or
even to take complete control of the computer system from a remote
site. It uses other applications to get into the computer system and
these may come from the web, e-mails, chats or ftp servers.
Spy
This is a program that installs itself into a computer without the user
knowing it so that it can gather information to send it to other Internet
servers which are managed by publicity companies. The information
that a spy gathers is usually used to send us spam or unwanted (trash)
e-mails. Computers affected by spyware usually find their connection to
Internet is slowed down.
Dialer
These are programs installed into the computer which use the users
Internet modem telephone connection to make high cost phone calls
which generates expensive phone bills for the user and financial
benefits for the creator of the dialer. If the connection to the Internet is
via an ADSL router this problem can be avoided. It is advisable to
inform your Internet Service Provider to block all calls to telephone
services that charge you (803, 806, 807, etc.).
Spam
Also known as trash mail, it sends mass publicity e-mails to the address of any existing
e-mail. Its objective is to sell its products. The main effects on your computer are that it
saturates your e-mail server and hides other malicious e-mails. All e-mail programs to day
include a black list of contacts to block their e-mails and they store suspicious e-mails in a
folder called spam or trash e-mail.
Pharming
This consists of replacing webpages by a local server installed in
your computer without the user knowing it. This replacement is used to
obtain bank data from the users and then carry out illegal financial
crimes.
The British School of Aragon
Page 20
ICT
Phishing
An illegal practice which consists of obtaining confidential information from users with
electronic banking via e-mails that request such information. This fraud is camouflaged by
giving the e-mail the official appearance of our bank and uses the same corporative
(company) logo.
Keylogger (key register)
By using malware or even hardware devices, its aim is to register
all the keys that a user keys in the keyboard to store them in a file
and send them to Internet to the creator of the keylogger. In this
way, private information such as passwords, banking data, private
conversations, etc. can be obtained. Keyloggers may also come in
hardware devices which are connected to the keyboard or CPU. With
a simple visual testing you can discover the spying device.
Rogue software
Also known as a false security program, these are false antivirus or anti-spy
programs which makes the user believe that their computer system is infected by a virus
or spy programs so that they buy a program the eliminates this false infection. If you have
any doubts about a particular security program you can consult a numbers of lists that
exist to inform users.
http://www.infospyware.com/rogue-software/
http://www.spywarewarrior.com/
Page 21
ICT
Many antivirus programs also use heuristic analysis to identify new malware or variants
of known malware (they speed up the process of finding a satisfactory solution). The
heuristic technique of an antivirus consists of analysing the internal code of the file to
determine if it is a virus, even if it isnt included in the data base of malware programs. This
is an important way of detecting new viruses which still have not been included in the data
bases. Antivirus programs have different levels of protection:
Memory resident level: this consists in continuously running and analysing
programs which are executed in the computer, incoming and outgoing e-mails,
webpages, etc. The resident antivirus uses computer resources and may slow it
down.
Complete analysis level: this consists in analysing all the files from the hard disk,
the boot, RAM memory, etc. of the computer. These analysis are done much faster
the more you repeat the procedure because the good files are marked off to avoid
analysing them again in further analysis.
Free antivirus
Many tools are appearing lately which allow you to analyse the computer in a remote
way from Internet; known as online antiviruses. These are some examples of the free
antiviruses for different operating systems and analysis through Internet:
FOR WINDOWS: Panda Cloud Free edition: http://www.cloudantivirus.com
Comodo
Antivirus: http://www.comodo.com
FOR MAC OS X:
FOR ANDROID:
FOR LINUX:
Page 22
ICT
ON-LINE:
4.6 Firewall
The purpose of a firewall program is to allow or not communication between the
applications in our computer system and the network, and also avoid intrusion from other
systems to ours via the TCP/IP protocol. It will control the traffic between the computer and
the local network and Internet. In order for the firewall to function properly it must have a
series of conditions set up for the applications that have permission to communicate with
the network (Internet Explorer, e-mail clients, antivirus updating applications, etc.) and to
stop the communication of applications which you dont wish to interact with Internet.
When the firewall detects an application that wants to communicate with Internet and
doesnt have the required set up conditions, a window will appear which asks you what to
do with the respective communication. Windows XP and Windows 7 have their own
firewall which is simple to set up:
o
Windows XP
Step 1
Start Menu -> Control Panel -> Security Center -> Windows Firewall.
Step 2
Activate the firewall. Open the Exceptions tab and add the programs you wish to
allow access.
Windows 7
Step 1
Start Menu -> Control Panel -> System and Security -> Windows Firewall.
Step 2
With the Allow a program through Windows firewall option you can add
exceptions to the firewall.
Step 3
In the Advanced settings option in Windows Firewall you can give entry or exit
permissions to each program.
Page 23
ICT
Routers that have access to Internet have their own firewall. To set them up you have
to enter the routers set up configuration using the IP of the default gateway of your
network in the browser.
Free firewalls
These are some free versions of firewalls you can also use:
ZoneAlarm: http://www.zonealarm.com
Page 24
ICT
browser and send us to a blank page, of publicity, using a means known as hijacking
(when a homepage is changed without permission of the user).
The purpose of these anti spy programs is similar to the antivirus because it compares
the files of our computer with the data base of spy files. This is the reason why this
software is also very important to have installed in our computers.
Free anti-spyware
Window 7 includes its own anti-spy program called Windows Defender. Linux doesnt
have anti-spy programs incorporated because it has a low number of attacks, but there are
complements for the browser to close webpages with spyware. These are some:
Ad-Aware: http://www.lavasoft.com
Page 25
ICT
Page 26
ICT
Things to remember!!
Page 27
ICT
RJ-45 connectors
There are two kinds of Ethernet cables you can make: Straight Through and Crossover.
STRAIGHT THROUGH - Ethernet cables are the
standard cable used for almost all purposes. The
purpose is to connect the computer to a switch or
hub. It is highly recommend you duplicate the color
order as shown on the left. Note how the orange pair
is not side by side as are all the other pairs. This
configuration allows for longer wire runs.
CROSSOVER CABLES - The purpose of a Crossover
Ethernet cable is to directly connect one computer to
another computer (or device) without going through a
router, switch or hub.
Here's how to make a standard cable:
Cut into the plastic sheath 1 inch (1,5 cm) from the end of the
cut cable. The crimping tool has a razor blade that will do the
trick with practice.
Unwind and pair of the similar colors.
Page 28
ICT
Pinch the wires between your fingers and straighten them
out as shown.
The wire colors line up to form a straight through standard
cat 5 cable as described above.)
(We apologize that this picture on the left is not the exact
same color order as the picture above showing straight
through cables. Please use the color combinations above
and we will replace this photo soon.)
Use scissors to make a straight cut across the wires 1/2 Inch from the cut sleeve to the
end of the wires.
Push the wires into the connector. Note the position of the blue
plastic shielding. Also note how the wires go all the way to the end.
A view from the top. All the wires are all the way in. There are no
short wires.
WRONG WAY - Note how the blue plastic shielding is not inside the
connector where it can be locked into place. The wires are too long.
They should be 1/2 inch from the sleeve.
WRONG WAY - Note how the cables do not go all the way to the end of
the connector.
CRIMPING THE CABLE ... carefully place the connector into the
Ethernet Crimper and cinch down on the handles tightly. The copper
splicing tabs on the connector will pierce into each of the eight wires.
There is also a locking tab that holds the blue plastic sleeve in place
for a tight compression fit. When you remove the cable from the
crimper, the cable is ready to use.
For a standard cable, repeat all steps on the other end of the Ethernet
cable exactly. For a cross-over cable, make sure to get the color order
right.
Make sure to test the cables before installing them. An inexpensive
Ethernet cable tester does this quite well.
Page 29
ICT
Page 30
ICT
Step 8:
The wireless network parameters are modified in the Wireless menu. It is important
the name of the network so that you can connect later on. You can also change the
channel number if you see that there is a lot of interference.
Step 9:
The password of the wireless network is important to avoid intruders who can
reduce our bandwidth. To change the password, go to Wireless -> Security.
Nowadays the WEP encryption of our password is not completely safe because
there are programs that are capable of decoding them. It is advisable to use WPA
and WPA2 type encryptions if your router allows it.
Step 10:
It may be the case that your router acts as a bridge or access point in a wireless
network with several access points. If this is the case, the IP addresses of the
different wireless access points which are in the network must be set up. This
configuration is found in the Wireless menu -> Bridge.
You must confirm all the changes you carry out in each window using the Apply or
Save Settings button of each menu.
Page 31
ICT
On-line antivirus
One of the most demanded services by Internauts today is related to security in our
computer system. As a result of this demand, many web applications have emerged
which can scan any malware in our hard disk without having to install them in our
computer. One of the most used on-line antiviruses is Panda Activescan. If you
access this webpage click on Free Scan of your computer and go to the next page. In
this window you can choose the type of analysis you wish to carry out: quick or
complete. Finally, click on the Scan button for it to start working.
Page 32