NETWORKING
CHAPTER 1
1. COMPUTER NETWORKING:
For communication between computers, networking is required. Computer networks are
mainly divided into three categories:
(i) LAN – Local Area Network
(ii) MAN – Metropolitan Area Network
(iii) WAN – Wide Area Network
(i) Local Area Network
A Local Area Network (LAN) is a computer network that connects computers and devices in a
limited geographical area such as home, school, computer laboratory or office building.
(ii) MAN – Metropolitan Area Network
A MAN is a data network designed for a town or city. In terms of geographic breadth, MANs
are larger than local-area networks (LANs) but smaller than wide-area networks (WANs).
A MAN is typically owned and operated by a single entity such as a government body
or large corporation.
(iii) WAN (Wide Area Network)
A wide area network (WAN) is a telecommunication network that covers a broad area (i.e., any
network that links across metropolitan, regional, or national boundaries). Business and
government entities utilize WANs to relay data among employees, clients, buyers, and suppliers
from various geographical locations. In essence this mode of telecommunication allows a
business to effectively carry out its daily function regardless of location.
1.1 TYPES OF LAN
1.1.1 Wired LAN (Wired Local Area Networks)
In a wired LAN, coaxial cable or special grades of twisted pair wires and network adapters
connect the devices. Back in the dawn of computing, two computers were directly wired to each
other using a crossover cable. In order to accommodate the demands of a network and connect
more computers, central devices like hubs, switches, or routers have evolved.
1.1.2 Wireless Local Area Networks (WLAN)
WLANs send and receive data through the air and use radio and infrared waves to transmit
information without a physical connection. The access point receives, buffers and transmits data
between the WLAN and the wired network infrastructure. A single access point can support a
small group of users and can function within a range of less than one hundred to several hundred
feet.
2. PROTOCOLS
In computing, a protocol is a set of rules that computers use to communicate and transfer
data with each other across a network.
Examples: IP, DHCP, FTP, HTTP, POP, SMTP, SSH, Telnet, etc.
2.1 INTERNET PROTOCOL:
The Internet Protocol (IP) is the principal communications protocol used for
relaying datagrams (packets) across an internetwork using the Internet Protocol Suite.
Internet Protocol Version 4 (IPv4): Internet Protocol version 4 (IPv4) is the fourth version of
the Internet Protocol (IP) and the first version of the protocol to be widely deployed.
It uses 32-bit addressing and allows for 4,294,967,296 unique addresses. IPv4 has
four different class types: A, B, C, and D.
2.1.1 Addressing:
IPv4 uses 32-bit (four-byte) addresses, which limits the address space to 4,294,967,296 (2^32)
possible unique addresses. However, some are reserved for special purposes such as private
networks (~18 million addresses) or multicast addresses (~270 million addresses). This reduces
the number of addresses that can potentially be allocated for routing on the public Internet.
2.1.2 IPv4 Address Classes:
The IPv4 address space can be subdivided into five classes - Class A, B, C, D and E. Each class
consists of a contiguous subset of the overall IPv4 address range.
The values of the leftmost four bits of an IPv4 address determine its class as follows:
Class  Leftmost bits  Start address  Finish address
A      0xxx           0.0.0.0        127.255.255.255
B      10xx           128.0.0.0      191.255.255.255
C      110x           192.0.0.0      223.255.255.255
D      1110           224.0.0.0      239.255.255.255
E      1111           240.0.0.0      255.255.255.255
Class A - 0nnnnnnn hhhhhhhh hhhhhhhh hhhhhhhh
• First bit 0; 7 network bits; 24 host bits
• Initial byte: 0 - 127
• 126 Class As exist (0 and 127 are reserved)
• 16,777,214 hosts on each Class A
Class B - 10nnnnnn nnnnnnnn hhhhhhhh hhhhhhhh
• First two bits 10; 14 network bits; 16 host bits
• Initial byte: 128 - 191
• 16,384 Class Bs exist
Class C - 110nnnnn nnnnnnnn nnnnnnnn hhhhhhhh
• First three bits 110; 21 network bits; 8 host bits
• Initial byte: 192 - 223
• 2,097,152 Class Cs exist
• 254 hosts on each Class C
2.1.3 Internet Protocol Version 6 (IPv6):
Internet Protocol version 6 (IPv6) is a version of the Internet Protocol (IP) that is designed to
succeed Internet Protocol version 4 (IPv4). The growth of the Internet has mandated a need for
more addresses than are possible with IPv4. IPv6 allows for vastly more addresses. IPv6 was
developed by the Internet Engineering Task Force (IETF) to deal with the long-anticipated IPv4
address exhaustion. While IPv4 allows 32 bits for an Internet Protocol address, and can therefore
support 2^32 (4,294,967,296) addresses, IPv6 uses 128-bit addresses, so the new address space
supports 2^128 (approximately 340 undecillion or 3.4×10^38) addresses.
2.1.4 Public IP addresses:
A public IP address is any valid address, or number, that can be accessed over the
Internet. Internet standards groups, such as the Network Information Center (NIC) or the
Internet Assigned Numbers Authority (IANA), are the organizations responsible for registering
IP ranges and assigning them to organizations, such as Internet Service Providers (ISPs).
2.1.5 Private IP addresses:
A private IP address is any number or address assigned to a device on a private Local Area
Network that is accessible only within the Local Area Network. For a resource inside the Local
Area Network to be accessible over the Internet, a device within the Local Area Network must
be connected to the Internet with a public IP address, and the networking must be appropriately
configured.
2.1.6 Masking:
A subnetwork, or subnet, is a logically visible subdivision of an IP network. The practice of
dividing a network into subnetworks is called subnetting.
                Binary form                          Dot-decimal notation
IP address      11000000.10101000.00000101.10000010  192.168.5.130
Subnet mask     11111111.11111111.11111111.00000000  255.255.255.0
Network prefix  11000000.10101000.00000101.00000000  192.168.5.0
Host part       00000000.00000000.00000000.10000010  0.0.0.130
The mathematical operation for calculating the network prefix is the bitwise AND of the IP
address and the subnet mask. The result of the operation yields the network prefix 192.168.5.0
and the host number 130 of a possible maximum of 256 addresses.
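The class lookup from 2.1.2 and the masking operation from 2.1.6, worked through in code as an added example that is not part of the original notes. The function names are hypothetical, and the three private blocks listed are the RFC 1918 ranges, assumed here to be the private networks the notes refer to.

```python
# Added example (not from the original notes): class lookup by leading bits
# and subnet masking by bitwise AND, using the sample address from 2.1.6.

# RFC 1918 private blocks as (network, mask) pairs; an assumption about which
# "private networks" the notes mean.
PRIVATE_BLOCKS = [
    ("10.0.0.0", "255.0.0.0"),
    ("172.16.0.0", "255.240.0.0"),
    ("192.168.0.0", "255.255.0.0"),
]

def to_int(dotted: str) -> int:
    """Convert dot-decimal notation to a 32-bit integer, validating octets."""
    parts = dotted.split(".")
    if len(parts) != 4:
        raise ValueError(f"expected four octets: {dotted!r}")
    value = 0
    for part in parts:
        if not (part.isascii() and part.isdigit()) or int(part) > 255:
            raise ValueError(f"bad octet {part!r} in {dotted!r}")
        value = (value << 8) | int(part)
    return value

def to_dotted(value: int) -> str:
    """Convert a 32-bit integer back to dot-decimal notation."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))

def host_bits(mask: str) -> int:
    """Return the inverted mask; reject masks whose 1-bits are not contiguous."""
    inverted = ~to_int(mask) & 0xFFFFFFFF
    if inverted & (inverted + 1):
        raise ValueError(f"non-contiguous subnet mask: {mask}")
    return inverted

def address_class(dotted: str) -> str:
    """Classify an address by its leftmost four bits (classes A to E)."""
    top = to_int(dotted) >> 28
    if (top & 0b1000) == 0b0000:
        return "A"
    if (top & 0b1100) == 0b1000:
        return "B"
    if (top & 0b1110) == 0b1100:
        return "C"
    return "D" if top == 0b1110 else "E"

def is_private(dotted: str) -> bool:
    """True if the address falls inside one of the private blocks above."""
    addr = to_int(dotted)
    return any((addr & to_int(mask)) == to_int(net) for net, mask in PRIVATE_BLOCKS)

def subnet_split(dotted: str, mask: str) -> dict:
    """Split an address into network prefix and host part with bitwise AND."""
    addr, inverted = to_int(dotted), host_bits(mask)
    return {
        "network": to_dotted(addr & to_int(mask)),   # address AND mask
        "host": to_dotted(addr & inverted),          # address AND NOT mask
        "host_number": addr & inverted,
        "block_size": inverted + 1,                  # addresses in the subnet
        "class": address_class(dotted),
        "private": is_private(dotted),
    }

if __name__ == "__main__":
    print(subnet_split("192.168.5.130", "255.255.255.0"))
```

The three private blocks together hold 17,891,328 addresses, which is where the "~18 million" figure in 2.1.1 comes from.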
2. PACKET SWITCHING AND CIRCUIT SWITCHING:
Packet-switched networks move data in separate, small blocks -- packets -- based on the
destination address in each packet. When received, packets are reassembled in the proper
sequence to make up the message. In packet-based networks, however, the message gets broken
into small data packets that seek out the most efficient route as circuits become available. Each
packet may go a different route; its header address tells it where to go and describes the
sequence for reassembly at the destination [Link] Packet-switched networks handled
data.
Circuit-switched networks require dedicated point-to-point connections during calls.
Circuit-switched networks were used for phone calls. Packet-switched networks handled data.
In modern circuit-switched networks, electronic signals pass through several switches before a
connection is established. And during a call, no other network traffic can use those switches.
CHAPTER II
1. NETWORK DEVICES (Active Devices):
Computer networking devices are units that mediate data in a computer network. Computer
networking devices are also called network equipment.
List Of Computer Networking Devices
Router
Switch
Hub
Firewall
1.1 ROUTER
A router is a device that forwards data packets between telecommunications networks, creating
an overlay internetwork. A router is connected to two or more data lines from different
networks. When Then, using information in its routing table or routing policy, it directs the
packet to the next network on its journey or drops the packet.
1.1.1 VPN Tunnel:
Virtual private network technology is based on the idea of tunneling. VPN tunneling involves
establishing and maintaining a logical network connection (that may contain intermediate hops).
On this connection, packets constructed in a specific VPN protocol format are encapsulated
within some other base or carrier protocol, then transmitted between VPN client and server, and
finally de-encapsulated on the receiving side.
For Internet-based VPNs, packets in one of several VPN protocols are encapsulated within Internet
Protocol (IP) packets. VPN protocols also support authentication and encryption to keep the
tunnels secure.
1.1.2 Voice over IP (VoIP): It is a methodology and group of technologies for the delivery
of voice communications and multimedia sessions over Internet Protocol (IP) networks, such as
the Internet. Other terms commonly associated with VoIP are IP telephony, Internet
telephony, broadband telephony, and broadband phone service.
The term Internet telephony specifically refers to the provisioning of communications services
(voice, fax, SMS, voice-messaging) over the public Internet, rather than via the public switched
telephone network (PSTN).
1.1.3 Hot Standby Router Protocol (HSRP): It is a routing protocol that allows host
computers on the Internet to use multiple routers that act as a single virtual router, maintaining
connectivity even if the first hop router fails, because other routers are on "hot standby".
1.1.4 Load Balancing:
In computing, load balancing distributes workloads across multiple computing resources, such
as computers, a computer cluster, network links, central processing units or disk drives. Load
balancing aims to optimize resource use, maximize throughput, minimize response time, and
avoid overload of any single resource. Using multiple components with load balancing instead
of a single component may increase reliability through redundancy. Load balancing usually
involves dedicated software or hardware, such as a multilayer switch or a Domain Name
System server process.
1.1.5 Bandwidth: In computer networks, bandwidth is used as a synonym for data transfer rate,
the amount of data that can be carried from one point to another in a given time period (usually a
second). Network bandwidth is usually expressed in bits per second (bps); modern networks
typically have speeds measured in the millions of bits per second (megabits per second, or
Mbps) or billions of bits per second (gigabits per second, or Gbps).
1.2 NETWORK SWITCH
A network switch is a small hardware device that joins multiple computers together within one
local area network (LAN).
Network switches appear nearly identical to network hubs, but a switch generally contains more
intelligence (and a slightly higher price tag) than a hub. Unlike hubs, network switches are
capable of inspecting data packets as they are received, determining the source and destination
device of each packet, and forwarding them appropriately.
1.2.1 Types Of Switches
[Link] Unmanaged Switch:
These switches have no configuration interface or options. They are plug-and-play. They are
typically the least expensive switches, found in homes or small businesses. They can be desktop
or rack mounted.
[Link] Managed Switches
These switches have one or more methods to modify the operation of the switch. Common
management methods include: a command-line interface (CLI) accessed via serial console,
telnet or Secure Shell.
[Link] VLAN
Basically a Virtual Local Area Network (VLAN) is a collection of nodes that are grouped
together in a single broadcast domain that is based on something other than physical location. A
VLAN is a logical local area network (or LAN) that extends beyond a single traditional LAN to
a group of LAN segments, given specific configurations. Because a VLAN is a logical entity, its
creation and configuration are done completely in software.
1.3 FIREWALL
A firewall is a protective system that lies, in essence, between your computer network and
the Internet. When used correctly, a firewall prevents unauthorized use and access to your
network. The job of a firewall is to carefully analyze data entering and exiting the network based
on your configuration. It ignores information that comes from unsecured, unknown or suspicious
locations. A firewall plays an important role on any network as it provides a protective barrier
against most forms of attack coming from the outside world.
When installed, a firewall exists between your computer(s) and the Internet. The firewall lets you
request web pages, download files, chat, etc. while making sure other people on the Internet
cannot access services on your computer like file or print sharing. Some firewalls are pieces of
software that run on your computer. Other firewalls are built into hardware and protect your
whole network from attacks.
1.3.1 Hardware Firewall
A hardware firewall uses packet filtering to examine the header of a packet to determine its
source and destination. This information is compared to a set of predefined or user-created rules
that determine whether the packet is to be forwarded or dropped.
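The rule comparison described above, as an added example that is not part of the original notes: an ordered rule list is checked against header fields only, the first match decides, and anything unmatched is dropped. The class names, rule set and addresses are constructed for illustration (192.168.5.0/24 stands in for the internal LAN, 192.168.5.10 for a hypothetical web server).

```python
# Added example (not from the original notes): header-only packet filtering
# with first-match-wins rule evaluation and a default-drop policy.
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Header:
    src: str
    dst: str
    proto: str                   # "tcp", "udp" or "icmp"
    dport: Optional[int] = None  # None for protocols without ports

@dataclass(frozen=True)
class Rule:
    action: str                  # "forward" or "drop"
    src: str = "0.0.0.0/0"       # source network in CIDR notation
    dst: str = "0.0.0.0/0"       # destination network in CIDR notation
    proto: str = "any"
    dport: Optional[int] = None  # None matches any destination port

    def matches(self, h: Header) -> bool:
        """Compare the packet header against every field of this rule."""
        return (
            ipaddress.ip_address(h.src) in ipaddress.ip_network(self.src)
            and ipaddress.ip_address(h.dst) in ipaddress.ip_network(self.dst)
            and self.proto in ("any", h.proto)
            and self.dport in (None, h.dport)
        )

# Constructed rule set: order matters, because evaluation stops at the first match.
RULES = [
    Rule("drop", src="203.0.113.0/24"),                              # blocked source range
    Rule("forward", dst="192.168.5.10/32", proto="tcp", dport=443),  # public web server
    Rule("forward", src="192.168.5.0/24"),                           # traffic leaving the LAN
]

def decide(rules, header, default="drop"):
    """Return (action, index of the deciding rule); index is None for the default."""
    for index, rule in enumerate(rules):
        if rule.matches(header):
            return rule.action, index
    return default, None

if __name__ == "__main__":
    for pkt in (
        Header("198.51.100.20", "192.168.5.10", "tcp", 443),  # allowed web request
        Header("203.0.113.7", "192.168.5.10", "tcp", 443),    # blocked source
        Header("198.51.100.20", "192.168.5.20", "tcp", 445),  # file sharing from outside
    ):
        print(pkt, "->", decide(RULES, pkt))
```

Swapping the first two rules would let the blocked range reach the web server, which is why rule order needs review whenever a rule is added.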
1.3.2 Software Firewall
For individual home users, the most popular firewall choice is a software firewall. Software
firewalls are installed on your computer (like any software) and you can customize them, allowing
you some control over their function and protection features. A software firewall will protect your
computer from outside attempts to control or gain access to your computer, and, depending on your
choice of software firewall, it could also provide protection against the most
common Trojan programs or e-mail worms. Many software firewalls have user defined controls
for setting up safe file and printer sharing and to block unsafe applications from running on your
system.
1.3.3 Intrusion Detection System (IDS)
A device or application that analyzes whole packets for intrusions and symptoms within traffic.
IPS systems would monitor for unusual behavior, abnormal traffic, malicious coding and
anything that would look like an intrusion by a hacker being attempted.
1.3.4 Intrusion Prevention System (IPS)
A device or application that analyzes whole packets, both header and payload, looking for
known events. When a known event is detected the packet is [Link] (Intrusion Prevention
System) systems are deployed inline and actually take action by blocking the attack, as well as
logging the attack and adding the source IP address to the block list for a limited amount of
time; or even permanently blocking the address depending on the defined settings.
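The inline behaviour described above (drop on a known event, log it, and block the source for a limited time or permanently), as an added example that is not part of the original notes. The class name, signature IDs and byte patterns are constructed placeholders, and only the payload is matched here.

```python
# Added example (not from the original notes): inline inspection with a
# block list whose entries expire after a configurable time.
from typing import Dict, List, Optional, Tuple

# Constructed placeholder signatures: ID -> byte pattern to look for.
SIGNATURES: Dict[str, bytes] = {
    "SIG-0001": b"EXAMPLE-KNOWN-EVENT-A",
    "SIG-0002": b"EXAMPLE-KNOWN-EVENT-B",
}

class InlineIPS:
    def __init__(self, signatures: Dict[str, bytes],
                 block_seconds: Optional[float] = 300.0):
        self.signatures = signatures
        self.block_seconds = block_seconds            # None = block permanently
        self.blocked: Dict[str, Optional[float]] = {} # source IP -> expiry time
        self.log: List[Tuple[float, str, str]] = []   # (time, source IP, reason)

    def is_blocked(self, src: str, now: float) -> bool:
        """Check the block list, removing an entry once its time has run out."""
        if src not in self.blocked:
            return False
        expiry = self.blocked[src]
        if expiry is not None and now >= expiry:
            del self.blocked[src]
            return False
        return True

    def inspect(self, src: str, payload: bytes, now: float) -> str:
        """Return "drop" or "forward" for one packet seen at time `now`."""
        if self.is_blocked(src, now):
            self.log.append((now, src, "blocklist"))
            return "drop"
        for sig_id, pattern in self.signatures.items():
            if pattern in payload:
                # Known event: drop, log, and block the source address.
                expiry = None if self.block_seconds is None else now + self.block_seconds
                self.blocked[src] = expiry
                self.log.append((now, src, sig_id))
                return "drop"
        return "forward"

def replay(ips: InlineIPS, packets) -> List[str]:
    """Feed (time, source, payload) tuples through the IPS in order."""
    return [ips.inspect(src, payload, now) for now, src, payload in packets]

# Constructed traffic sample: one source trips a signature at t=10.
SAMPLE = [
    (0.0, "203.0.113.7", b"GET / HTTP/1.1"),
    (10.0, "203.0.113.7", b"xx EXAMPLE-KNOWN-EVENT-A xx"),
    (100.0, "203.0.113.7", b"GET / HTTP/1.1"),   # still blocked
    (310.0, "203.0.113.7", b"GET / HTTP/1.1"),   # block expired at t=310
    (311.0, "198.51.100.20", b"GET / HTTP/1.1"), # unrelated source
]

if __name__ == "__main__":
    ips = InlineIPS(SIGNATURES, block_seconds=300.0)
    print(replay(ips, SAMPLE))
    print(ips.log)
```

A timed block limits the damage when a signature fires on legitimate traffic or on a shared or spoofed source address; a permanent block needs a manual review path.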
1.3.5 Dynamic Host Configuration Protocol (DHCP):
Dynamic Host Configuration Protocol (DHCP) is a network protocol that enables a server to
automatically assign an IP address to a computer from a defined range of numbers (i.e., a scope)
configured for a given network.
1.3.6 Authentication, authorization, and accounting (AAA):
Authentication, authorization, and accounting (AAA) is a term for a framework for intelligently
controlling access to computer resources, enforcing policies, auditing usage, and providing the
information necessary to bill for services. These combined processes are considered important
for effective network management and security.
1.3.7 Proxy:
In computer networks, a proxy server is a server (a computer system or an application) that acts
as an intermediary for requests from clients seeking resources from other servers. A client
connects to the proxy server, requesting some service, such as a file, connection, web page, or
other resource available from a different server and the proxy server evaluates the request as a
way to simplify and control its complexity. Today, most proxies are web proxies,
facilitating access to content on the World Wide Web and providing anonymity.
CHAPTER III
PASSIVE COMPONENTS:
1. NETWORK CABLE
Cable is the medium through which information usually moves from one network device to
another. The following types of cable are commonly used with LANs:
Unshielded Twisted Pair (UTP) Cable
Fiber Optic Cable
1.1 Unshielded Twisted Pair (UTP)
Twisted pair cabling comes in two varieties: shielded and unshielded. Unshielded twisted pair
(UTP) is the most popular and is generally the best option for school networks.
1.1.1 Categories Of UTP Cable
In the context of the 100-ohm UTP (Unshielded Twisted Pair) type of cable used for Ethernet
wiring the only categories of interest are Cat3, Cat4, Cat5, Cat5e and Cat6.
Specifications for Cat3, Cat4, Cat5, Cat5e, Cat6, and Cat7 Cables:
Category  Type  Length  LAN Applications  Notes
Cat3      UTP   100m    10Base-T, 4Mbps   Now mainly for telephone cables
Cat4      UTP   100m    16Mbps            Rarely seen
Cat5      UTP   100m    100Base-Tx        Common for current LANs
Cat5e     UTP   100m    1000Base-T        Common for current LANs
Cat6      UTP   100m                      Common for current LANs
1.2 Fibre Optic Cable:
Fiber optic cabling consists of a center glass core surrounded by several layers of protective
materials. It transmits light rather than electronic signals, eliminating the problem of
electrical interference. This makes it ideal for environments that contain a large amount of
electrical interference. Fiber optic cable has the ability to transmit signals over much longer
distances than coaxial and twisted pair. It also has the capability to carry information at
vastly greater speeds. This capacity broadens communication possibilities to include services
such as video conferencing and interactive services.
There are two common types of fiber cables -- single mode and multimode. Multimode cable
has a larger diameter; however, both cables provide high bandwidth at high speeds. Single mode
can provide more distance, but it is more expensive.
1.2.1 Modules:
The small form-factor pluggable (SFP) module is a compact, hot-pluggable transceiver used
for both telecommunication and data [Link] transceivers are designed
to support gigabit Ethernet, Fibre Channel, and other communications standards.
SFP transceivers are available with a variety of transmitter and receiver types, allowing users to
select the appropriate transceiver for each link to provide the required optical reach over the
available optical fiber type (e.g. multi-mode fiber or single-mode fiber). Optical SFP modules
are commonly available in several different categories:
for multi-mode fiber
SX - 850 nm, for a maximum of 550 m at 1.25 Gbit/s (gigabit Ethernet) or 150 m at
4.25 Gbit/s (Fibre Channel)
for single-mode fiber
LX - 1310 nm, for distances up to 10 km
EX - 1310 nm, for distances up to 40 km
ZX - 1550 nm, for distances up to 80 km
1000BASE-T - these modules incorporate significant interface circuitry and can only be used
for gigabit Ethernet, as that is the interface they implement.
The enhanced small form-factor pluggable (SFP+) is an enhanced version of the SFP that
supports data rates up to 16 Gbit/s.
1.2.2 Patch Panel, Pigtail, Patch Cord, LIU and Connectors:
A patch panel, patch bay, patch field or jack field is a device or unit featuring a number of jacks,
usually of the same or similar type, for the use of connecting and routing circuits for monitoring,
interconnecting, and testing circuits in a convenient, flexible manner.
Fiber cable termination is the addition of connectors to each optical fiber in a cable. The fibers
need to have connectors fitted before they can attach to other equipment. Two common solutions
for fiber cable termination are pigtails .
A fiber pigtail is a single, short, usually tight-buffered, optical fiber that has an optical connector
pre-installed on one end and a length of exposed fiber at the other end.
The end of the pigtail is stripped and fusion spliced to a single fiber of a multi-fiber trunk. Pigtails can
have female or male connectors. Female connectors could be mounted in a patch panel, often in
pairs although single-fiber solutions exist, to allow them to be connected to endpoints or other fiber
runs with patch fibers. Alternatively they can have male connectors and plug directly into an
optical transceiver.
Light interface units (LIU) are extensively used for wired communication networks. The LIUs
are used for routing, terminating and managing optical cable terminations. These light interface
units can be wall mounted or rack mounted for ease of use.
A patch cord (sometimes called a patch cable) is a length of cable with connectors on the ends
that is used to connect an end device to something else, such as a power source. One of the most
common uses is connecting a laptop, desktop or other end device to a wall outlet.
RJ45 is a standard type of connector for network cables. RJ45 connectors are most commonly
seen with Ethernet cables and networks.
RJ45 connectors feature eight pins to which the wire strands of a cable interface electrically.
Standard RJ-45 pin outs define the arrangement of the individual wires needed when attaching
connectors to a cable.
RJ-11 connectors used with telephone cables, for example, are only slightly smaller (narrower)
than RJ-45 connectors.
1.2.3 Backup and Restoration of Network Device :
In information technology, a backup, or the process of backing up, refers to the copying and
archiving of computer data so it may be used to restore the original after a data loss event. The
verb form is to back up in two words, whereas the noun is [Link] restoration is the process
to recover the data and restore from backup data.
Backups have two distinct purposes. The primary purpose is to recover data after its loss, be it
by data deletion or corruption.
[Link] Make a Backup and Restoration of the Network Devices:
There are several methods to choose from in order to back up and restore a configuration:
Use a TFTP server
Use a Terminal Emulation Program
Trivial File Transfer Protocol (TFTP) is a simple, lock-step, file transfer protocol which
allows a client to get from or put a file onto a remote host. One of its primary uses is in the early
stages of nodes booting from a Local Area Network. TFTP has been used for this application
because it is very simple to implement.
A terminal emulation program can be used to back up and restore a configuration. This is a
description of the procedure using Microsoft Hyperterminal Terminal Emulation software:
CHAPTER IV
SECURITY
Computer security is anything that has to do with protecting computer systems such as
smartphones, desktop computers, company servers, IP phones, set-top boxes, etc. from spam,
viruses, worms, trojan horses, malware and intrusion. It is defined as methods and technologies
for deterrence, protection, detection, response, recovery and extended functionality in
information systems.
Malware, short for malicious software, is any software used to disrupt computer operation,
gather sensitive information, or gain access to private computer systems.
Spyware is software that aids in gathering information about a person or organization without
their knowledge and that may send such information to another entity without the consumer's
consent, or that asserts control over a computer without the consumer's knowledge.
Spam is flooding the Internet with many copies of the same message, in an attempt to force the
message on people who would not otherwise choose to receive it. Most spam is commercial
advertising, often for dubious products, get-rich-quick schemes, or quasi-legal services. Spam
costs the sender very little to send -- most of the costs are paid for by the recipient or the carriers
rather than by the [Link] spam targets individual users with direct mail messages.
In network security, endpoint security refers to a methodology of protecting the
corporate network when accessed via remote devices such as laptops or other wireless and
mobile devices. Each device with a remote connection to the network creates a potential entry
point for security threats. Endpoint security is designed to secure each endpoint on the network
created by these devices.
Usually, endpoint security is a security system that consists of security software, located on a
centrally managed and accessible server or gateway or node within the network, in addition
to client software being installed on each of the endpoints (or devices). The server authenticates
logins from the endpoints and also updates the device software when needed. While endpoint
security software differs by vendor, we can expect most software offerings to provide antivirus,
antispyware, firewall and also a host intrusion prevention system (HIPS).
Antivirus or anti-virus software is software used to prevent, detect and remove malware (of all
descriptions), such as: computer viruses, malicious rootkits, spyware, trojan horses and worms.
Computer security, including protection from social engineering techniques, is commonly
offered in products and services of antivirus software companies.