SQA Higher Computing Unit 3b Computer Networking




SCHOLAR Study Guide
SQA Higher Computing Unit 3b: Computer Networking

David Bethune, Heriot-Watt University
Andy Cochrane, Heriot-Watt University
Tom Kelly, Heriot-Watt University
Ian King, Heriot-Watt University
Richard Scott, Heriot-Watt University

Heriot-Watt University, Edinburgh EH14 4AS, United Kingdom.

First published 2004 by Interactive University. This edition published in 2007 by Heriot-Watt University. Copyright © 2007 Heriot-Watt University. Members of the SCHOLAR Forum may reproduce this publication in whole or in part for educational purposes within their establishment providing that no profit accrues at any stage. Any other use of the materials is governed by the general copyright statement that follows. All rights reserved. No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, without written permission from the publisher. Heriot-Watt University accepts no responsibility or liability whatsoever with regard to the information contained in this study guide. SCHOLAR Study Guide Unit 3b: Computing. 1. Computing. Printed and bound in Great Britain by Graphic and Printing Services, Heriot-Watt University, Edinburgh.

Acknowledgements

Thanks are due to the members of Heriot-Watt University's SCHOLAR team who planned and created these materials, and to the many colleagues who reviewed the content. We would like to acknowledge the assistance of the education authorities, colleges, teachers and students who contributed to the SCHOLAR programme and who evaluated these materials. Grateful acknowledgement is made for permission to use the following material in the SCHOLAR programme: The Scottish Qualifications Authority for permission to use Past Papers assessments. The Scottish Executive for financial support. All brand names, product names, logos and related devices are used for identification purposes only and are trademarks, registered trademarks or service marks of their respective holders.

Contents

1 Common Network Protocols
  1.1 What is a network protocol?
  1.2 Telnet
  1.3 HTTP
  1.4 FTP
  1.5 SMTP and POP3
  1.6 Lower Layer Network Protocols
  1.7 Summary
  1.8 End of Topic Test

2 The OSI Network Model
  2.1 Introduction to Network Architecture
  2.2 The Application Layer
  2.3 The Presentation Layer
  2.4 The Session Layer
  2.5 The Transport Layer
  2.6 The Network Layer
  2.7 The Data Link Layer
  2.8 The Physical Layer
  2.9 Summary
  2.10 End of Topic Test

3 IP addresses and the Domain Name Service
  3.1 Introduction to IP Addresses and the Domain Name Service
  3.2 The structure of an IP address
  3.3 Classes of IP address
  3.4 Domain Names
  3.5 Limitations of the IP address system
  3.6 Summary
  3.7 End of Topic Test

4 The World Wide Web (WWW)
  4.1 Introduction to the World Wide Web
  4.2 The Structure of a Web Page
  4.3 Types of Browser
  4.4 Search Engines
  4.5 Summary
  4.6 End of Topic Test

5 The Implications of the WWW
  5.1 Introduction to the Implications of the WWW
  5.2 E-commerce
  5.3 Social Implications of the WWW
  5.4 Ethical Implications of the WWW
  5.5 Internet Regulation
  5.6 Summary
  5.7 End of Topic Test

6 Network Security
  6.1 Introduction to Network Security
  6.2 Threats to Network Security
  6.3 Protecting the Network Software and resources
  6.4 Internet Filtering
  6.5 Summary
  6.6 End of Topic Test

7 Denial of Service Attacks and Disaster Recovery
  7.1 Introduction
  7.2 Denial of Service (DoS) Attacks
  7.3 Avoiding Disaster
  7.4 Summary
  7.5 End of Topic Test

8 Data Transmission
  8.1 Introduction
  8.2 Asynchronous and Synchronous Data Transmission
  8.3 Circuit and Packet Switching
  8.4 Unicast, Broadcast and Multicast transmission
  8.5 Ethernet
  8.6 Error Detection and Correction
  8.7 Types of Internet Connection
  8.8 Summary
  8.9 End of Topic Test

9 Wireless Data Applications
  9.1 Introduction
  9.2 Wireless Personal Area Network (WPAN)
  9.3 Wireless Local Area Network (WLAN)
  9.4 Wireless Wide Area Network (WWAN)
  9.5 Summary
  9.6 End of Topic Test

Glossary

Answers to questions and activities
  1 Common Network Protocols
  2 The OSI Network Model
  3 IP addresses and the Domain Name Service
  4 The World Wide Web (WWW)
  5 The Implications of the WWW
  6 Network Security
  7 Denial of Service Attacks and Disaster Recovery
  8 Data Transmission
  9 Wireless Data Applications

Topic 1: Common Network Protocols

Contents
  1.1 What is a network protocol?
  1.2 Telnet
  1.3 HTTP
  1.4 FTP
  1.5 SMTP and POP3
    1.5.1 Email protocols
    1.5.2 Setting up email servers and clients
    1.5.3 The structure of an email address
  1.6 Lower Layer Network Protocols
    1.6.1 Introduction to TCP/IP
    1.6.2 TCP
    1.6.3 IP
    1.6.4 Ports
  1.7 Summary
  1.8 End of Topic Test

Prerequisite knowledge

Before studying this topic you should know that many programs which are designed to work across a network come in two parts: a client and a server. The server provides resources to the client and the client uses the resources provided by the server.

You should know that on a network, every computer needs a unique address. This is necessary so that information can be correctly routed from one machine to another. On the Internet this unique address is known as the Internet Protocol (IP) address. IP addresses are translated into user-friendly domain names by the Domain Name Service (DNS).

You should know that computers use agreed standards in order to make communication easy, and that a common data standard used to transfer information between computers is the American Standard Code for Information Interchange (ASCII).

Learning Objectives

After studying this topic you should be able to:
- Understand the need for protocols when connecting computers together in networks
- Describe the purpose of a number of common network protocols
- Understand how these protocols are linked to network applications
- Describe the functions of the networking protocols underlying the Internet

Revision

Q1: What is an IP address?
a) The physical location of a computer
b) The code which identifies the user on a network
c) A unique number which identifies a computer on a network
d) An internet web site

Q2: What kind of data is ASCII code used to transmit?
a) Text
b) Graphics
c) Audio
d) Binary code

Q3: Why do we need a Domain Name Service?
a) Because people cannot always remember names of web sites
b) To translate user-friendly domain names into IP addresses
c) Because not all computers on the Internet have an IP address
d) To give every computer on the Internet a unique IP address

1.1 What is a network protocol?

A protocol is a set of rules that two parties agree upon in order to communicate successfully. Protocols are the international agreements that make communication possible. In the context of a computer network, a protocol is a set of rules governing things like data format, handshaking (who speaks first) and control commands, which allow computers to communicate.

As soon as it was possible to connect two computers together, it became necessary to develop software to enable computers and their users to communicate. The four main application areas where computer communications were developed are:
- accessing computers remotely
- accessing information on remote computers
- transferring files between computers
- sending and receiving email.

The protocols associated with these applications are:
- Telnet
- File Transfer Protocol (FTP)
- Hypertext Transfer Protocol (HTTP)
- Simple Mail Transfer Protocol (SMTP) and Post Office Protocol (POP3)

As we will see later, networks are best understood as a series of software layers with network applications functioning on the top layer. On this top layer, all of these protocols use ASCII code to initiate communication and transfer commands. The application programs which make use of these protocols have changed over the years to reflect the increased use of Graphical User Interfaces (GUIs). It is important to remember, however, that underneath the GUI is a network communications protocol consisting of simple ASCII text commands.

All of these protocols rely on the concept of addressability between computers on a network. This means that every computer on the network must have a unique identity known as an Internet Protocol (IP) address.

1.2 Telnet

One of the first network application programs developed was one which would allow a user to log into a remote machine. This program allowed them to log on using the machine they were sitting at as if it were a terminal connected directly to the remote machine. The software developed was named Telnet, and it had no security built into it whatsoever other than the initial request for a login name and password on the remote system. Telnet has a command-driven interface and all communication between the two machines is transferred as ASCII code.

A typical Telnet session is started from a Telnet client by issuing a command to access the machine you wish to control. This is normally done by identifying it by its IP address or its domain name plus a port number. (A port is a way of identifying a communication channel, allowing several channels to be open simultaneously.) The remote machine must be running a Telnet server.

Telnet is still used as a means of monitoring and controlling network devices such as a hub, a switch or a print server. It can also be used as a primitive diagnostic tool to test web servers, mail servers, news servers and other remote network services. When a Telnet connection is made between client and server, the connection is retained until the client disconnects.

1.3 HTTP

The Hypertext Transfer Protocol (HTTP) is the protocol which provides many of the functions of the World Wide Web (WWW) today. Tim Berners-Lee is credited with the invention of the WWW. He was working at the CERN research facility in Switzerland and had become very frustrated by the problems incurred when trying to access different files on a network of computers which were often running different operating systems and had complex storage systems. He came up with the idea of documents linked to other documents by means of a hyperlink. You can find out more about Tim Berners-Lee from: http://www.ideafinder.com/history/inventors/berners-lee.htm

For the WWW to function, a web server needs to be running on a host machine and a web browser needs to be running on the client machine. (Although of course, server and client can be running on the same physical machine.) When you enter a web address, the client machine issues a command to the web server requesting that the server sends the page to the client machine. The protocol used to access pages on the WWW is the Hypertext Transfer Protocol (HTTP).

Although essentially this is just a file transfer system, the WWW makes accessing information much easier, as the files are transferred transparently without each one being requested separately by the user; in fact the user need not even know where the files are being transferred from, or even if they are all coming from the same computer.

Pages stored on the web server are written in Hypertext Markup Language (HTML). HTML describes a document using embedded formatting controls (tags). An HTML document is written in ASCII text, so it can be read by any machine which accesses it. When it receives the page, the browser interprets the HTML in order to lay out the text on the screen, requesting additional files such as graphics, multimedia content etc. from the web server as it needs them. HTTP transfers one file at a time and only maintains the connection between client and server while the file is being transferred. You can find out more about the commands available in the HTTP protocol from: http://www.opensta.org/docs/sclref10/imp3ln40.htm

Pages on the WWW are identified by a Uniform Resource Locator (URL). A URL contains the protocol used, the server domain name or IP address, and the path-name of the file, e.g. http://servername.com/directory/filename.html

Receiving a web page using Telnet

In order to complete this exercise you will need to know the address of your network web server.
1. Start up Telnet and connect to your web server on port 80.
2. Enter the following command:
   GET /index.htm HTTP/1.0
3. The server will return the contents of the page and close the connection.

1.4 FTP

File transfer is the moving of a file from one computer to another over a network. The protocol designed to achieve this is the File Transfer Protocol (FTP) and it is one of the oldest protocols on the Internet.
An FTP server program must be running on a host machine before a client FTP program can access it in order to transfer files to or from that machine. FTP requires an ID and password before the user can transfer files. Although the protocol is an old one, FTP programs have developed from the original command line versions to modern ones which offer an easy-to-use Graphical User Interface (GUI) to users, with features such as multiple file selection, batch file transfer, automatic updates of web-sites, and synchronisation options.

FTP is still the preferred option for transferring files from a local host to a remote computer when, for example, a web-site is being created or updated. In a situation like this, the user will have an ID and password which is required to access the remote FTP server, although FTP is not regarded as a particularly secure protocol since the user ID and password are transmitted without encryption.

FTP is also the preferred option for downloading files from a remote site for such tasks as software installation or driver upgrades. In a situation like this the user will normally be able to use anonymous FTP, where the user ID is "anonymous" and the password is their email address.

Like Telnet, when an FTP connection is made between client and server, the connection is retained until the client disconnects.

Using FTP to receive a file

To complete this exercise your tutor will need to have set up an FTP server with anonymous access on your school or college network. Your tutor will tell you the name of the server, the path and the name of the file you should receive. You can see a summary of the FTP command set if you look at the following link: http://www.simotime.com/ftp4cmd1.htm

Start up a command window and enter the command:

  FTP

Once the FTP program has started, type in the following instructions. (The response you should get is shown after each command.)

  Open server
  Connected to server
  220 server Microsoft FTP Service (Version 4.0)
  user (server:(none)): anonymous
  331 Annonymous access allowed, send identity (e-mail name) as password
  Password: username@domain name
  230 Anonymous user logged in.
  cd path
  250 CWD command successful.
  Get filename
  200 PORT command successful.
  150 Opening ASCII mode data connection for filename (20480 bytes).
  226 transfer complete
  20480 bytes received in 0.17 seconds (120.47 Kbytes/sec)
  quit
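The "Receiving a web page using Telnet" exercise in section 1.3 types the HTTP request by hand and watches the server close the connection after one file. The Python script below is an added example, not code from the study guide: it carries out the same HTTP/1.0 exchange against a toy web server of its own, over a local socket pair, so both sides' messages can be inspected offline. The server, its single page, the host name toyserver.example and the error pages are all constructed for the example; the exercise's real web server is whatever address your tutor gives you.

```python
import socket

# Constructed content for the toy server (not from the study guide).
PAGES = {
    "/index.htm": b"<html><body><h1>Welcome</h1></body></html>",
}


def build_get_request(path: str, host: str) -> bytes:
    """The request the exercise types by hand. An HTTP/1.0 request is ASCII
    lines ending in CRLF, terminated by an empty line (CRLF CRLF)."""
    return f"GET {path} HTTP/1.0\r\nHost: {host}\r\n\r\n".encode("ascii")


def handle_request(raw_request: bytes) -> bytes:
    """Toy HTTP/1.0 server side: parse the request line, produce one response."""
    request_line = raw_request.split(b"\r\n", 1)[0].decode("ascii", "replace")
    parts = request_line.split(" ")
    if len(parts) != 3 or not parts[2].startswith("HTTP/"):
        status, body = "400 Bad Request", b"<html><body>Bad request</body></html>"
    elif parts[0] != "GET":
        status, body = "501 Not Implemented", b"<html><body>Only GET</body></html>"
    elif parts[1] in PAGES:
        status, body = "200 OK", PAGES[parts[1]]
    else:
        status, body = "404 Not Found", b"<html><body>Not found</body></html>"
    head = (f"HTTP/1.0 {status}\r\nContent-Type: text/html\r\n"
            f"Content-Length: {len(body)}\r\n\r\n")
    return head.encode("ascii") + body


def parse_response(raw: bytes):
    """Client side: split a response into (status code, headers dict, body)."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.decode("ascii").split("\r\n")
    _version, code, _reason = lines[0].split(" ", 2)
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return int(code), headers, body


def exchange(path: str = "/index.htm"):
    """Run request and response over a socket pair: the client sends, the server
    answers and closes its side, and the client reads until end of stream, which
    is how HTTP/1.0 delimits the single file it transfers per connection."""
    client, server = socket.socketpair()
    with client, server:
        client.sendall(build_get_request(path, "toyserver.example"))
        request = b""
        while b"\r\n\r\n" not in request:     # server reads up to the empty line
            chunk = server.recv(4096)
            if not chunk:
                break
            request += chunk
        server.sendall(handle_request(request))
        server.shutdown(socket.SHUT_WR)      # server is done with this connection
        raw = b""
        while True:
            chunk = client.recv(4096)
            if not chunk:                    # EOF: the server has closed
                break
            raw += chunk
    return parse_response(raw)


if __name__ == "__main__":
    for p in ("/index.htm", "/missing.htm"):
        code, headers, body = exchange(p)
        print(p, code, headers.get("content-length"), body.decode())
```

The empty line after the request is what tells the server the request is complete; when typing the exercise into Telnet the same effect comes from the extra Enter after the GET line.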

1.5 SMTP and POP3

1.5.1 Email protocols

Electronic mail allows a message to be composed and sent to another person on a remote system. The protocols associated with electronic mail are the Post Office Protocol (POP3) and the Simple Mail Transfer Protocol (SMTP).

SMTP specifies how mail is delivered from one computer to another. This protocol was originally designed for systems which were permanently connected together and allowed email to be relayed between machines so that it could be transferred from the sender's mail server across the world to the recipient's mail server. Although SMTP originally did not require any authentication (a mail server would accept mail forwarded from any other client or mail server), the problem of "spam" (unsolicited commercial email) has meant that most mail servers are set up so that they require authentication before they will accept mail from another machine.

The POP3 protocol was designed to allow users to collect mail stored in a remote mailbox. This is useful for users who connect over a dial-up connection and are not permanently connected to their mail server. The POP3 protocol requires the user to provide a username and password, but like Telnet and FTP, these are transmitted in plain unencrypted ASCII code.

1.5.2 Setting up email servers and clients

When you are setting up a mail client such as Eudora or Outlook Express, both the SMTP server and the POP3 server need to be specified. The SMTP server is used for sending mail, the POP3 server for receiving it.

POP3 mail servers can also be set up on LANs for delivering email within an organisation, and this can be integrated with a POP3 mailbox provided by an Internet Service Provider (ISP) so that internal mail is circulated within the organisation but external email is dealt with by the ISP mail server. Ideally this integration is transparent to the user, so that there should be no obvious difference between sending an email to a colleague in the next room or one on the other side of the world, other than the time it takes for it to arrive at its destination.
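The POP3 dialogue described in 1.5.1 (a USER and PASS sent as plain ASCII, then commands to list, retrieve and delete messages) can be followed end to end in the Python example below. It is added here and is not code from the study guide: it simulates a toy POP3 server in memory and drives it with a client, recording every line exactly as it would cross the wire. The account, password and mailbox are constructed for the example. It also shows the two failure cases the protocol answers with -ERR, a wrong password and a command issued before logging in, and the byte-stuffing rule for multi-line replies.

```python
# Constructed account and mailbox for the toy server (nothing here comes from a real
# mail server). The message deliberately contains a line beginning with "." so the
# byte-stuffing rule for multi-line replies is exercised.
ACCOUNTS = {
    "alice": {
        "password": "secret",
        "messages": ["From: bob@example.org\r\nSubject: hello\r\n\r\nSee you at 10.\r\n.signature\r\n"],
    },
}


class ToyPop3Server:
    """Minimal POP3 server: AUTHORIZATION state until USER and PASS succeed, then
    TRANSACTION state for STAT, LIST, RETR and DELE; QUIT applies the deletions."""

    def __init__(self, accounts):
        self.accounts = accounts
        self.state = "AUTHORIZATION"
        self.user = None
        self.messages = []
        self.deleted = set()

    def greeting(self) -> str:
        return "+OK toy POP3 server ready"

    def handle(self, line: str) -> str:
        verb, _, arg = line.strip().partition(" ")
        verb = verb.upper()
        if verb == "QUIT":
            if self.state == "TRANSACTION":   # UPDATE step: deletions take effect now
                self.accounts[self.user]["messages"] = [
                    m for i, m in enumerate(self.messages) if i not in self.deleted]
            return "+OK bye"
        if self.state == "AUTHORIZATION":
            return self._authorization(verb, arg)
        return self._transaction(verb, arg)

    def _authorization(self, verb, arg):
        if verb == "USER":
            self.user = arg
            return f"+OK {arg} recipient ok"
        if verb == "PASS":
            acct = self.accounts.get(self.user)
            if acct is None or acct["password"] != arg:
                return "-ERR authentication failed"
            self.state = "TRANSACTION"
            self.messages = list(acct["messages"])
            octets = sum(len(m) for m in self.messages)
            return (f"+OK {self.user}'s mailbox has {len(self.messages)} "
                    f"total messages ({octets} octets)")
        return "-ERR log in first"

    def _transaction(self, verb, arg):
        live = [i for i in range(len(self.messages)) if i not in self.deleted]
        if verb == "STAT":
            return f"+OK {len(live)} {sum(len(self.messages[i]) for i in live)}"
        if verb == "LIST":
            rows = [f"{i + 1} {len(self.messages[i])}" for i in live]
            return "\r\n".join([f"+OK {len(live)} messages"] + rows + ["."])
        if verb in ("RETR", "DELE"):
            idx = int(arg) - 1 if arg.isdigit() else -1
            if idx not in live:
                return "-ERR no such message"
            if verb == "DELE":
                self.deleted.add(idx)
                return f"+OK message {idx + 1} deleted"
            # Multi-line reply: lines that start with "." are byte-stuffed to "..",
            # then a lone "." marks the end of the message.
            text = self.messages[idx]
            body = "".join(("." + ln if ln.startswith(".") else ln)
                           for ln in text.splitlines(keepends=True))
            return f"+OK {len(text)} octets\r\n{body}."
        return "-ERR unknown command"


def run_session(server: ToyPop3Server, commands):
    """Drive the server with the client's lines and record the conversation as it
    would cross the wire: ("C", line) for the client, ("S", reply) for the server."""
    transcript = [("S", server.greeting())]
    for cmd in commands:
        transcript.append(("C", cmd))
        transcript.append(("S", server.handle(cmd)))
    return transcript


def credentials_on_wire(transcript):
    """What anyone who can read the session (a packet capture on the LAN, an
    intermediate proxy) learns: the USER and PASS lines travel as plain ASCII."""
    return [line for who, line in transcript
            if who == "C" and line.upper().startswith(("USER ", "PASS "))]


if __name__ == "__main__":
    session = run_session(ToyPop3Server(ACCOUNTS),
                          ["USER alice", "PASS secret", "STAT", "LIST", "RETR 1", "DELE 1", "QUIT"])
    for who, line in session:
        print(f"{who}: {line}")
    print("seen on the wire:", credentials_on_wire(session))
```

The transcript is the same view a protocol analyser would give of a real session on port 110, which is the reason the study guide's exercise warns about the password being sent in the clear.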

1.5.3 The structure of an email address

An email address has the following structure:

  username@domain name

username is the recipient of the email; the domain name will usually consist of several words separated by full stops. You will learn more about domain names in the section on IP addressing and domain names. Theoretically the domain name identifies the computer that the email account is stored on. The last item in the domain name is called the top level domain and will consist of 2 or 3 letters. The top level domain often gives some indication of your affiliation or country of residence. For example:

  emile.renoir@bigcompany.fr
  jimslate@smallcompany.co.uk

Two letter top level domains are allocated to countries other than the United States. Examples are:

  Top level domain   Country
  .uk                United Kingdom
  .fr                France
  .de                Germany
  .au                Australia
  .jp                Japan

If you get email from someone, and there is no "at" sign (@), then that probably means they have the exact same domain as you. For example, if andy@companyname.com sends email to barry@companyname.com, Barry might see only Andy in the return address field.

Receiving email from a POP3 server using Telnet

To complete this exercise you will need to know the address of your POP3 mail server, your account name and password.

Warning: When using Telnet, your password will be sent in plain ASCII code and, if you have set the local echo on, it will be displayed on screen.

Start up Telnet on your computer. You want to connect to your POP3 mail server on port 110. The machine you connect to should respond with an appropriate message. Once connected you can retrieve an email message in your mailbox using the following commands:

  user username
The mail server should respond with something like:
  +OK username recipient ok

  pass password
The mail server should respond with something like:
  +OK username's mailbox has 1 total messages (813 octets)

Here are some other POP3 commands to try:

  list      This command lists the messages in the mailbox.
  retr 1    This command will retrieve the message you have requested, in this case message 1.
  top n 5   This command prints the header plus 5 lines of message n.
  dele 1    This command deletes message 1.

You can get more information on the POP3 commands by clicking on this link: http://www.freesoft.org/cie/rfc/1725/8.htm

Extension: As an extension exercise you could try sending an email message using the SMTP protocol on port 25. You will need to have a close look at email headers and SMTP commands. This is an interesting exercise as it becomes clear how easy it is to send an email without having to identify yourself as the sender. You can find out more about the SMTP commands from the following link: http://www.the-welters.com/professional/smtp.html

You could try posting a message to a news group on your local intranet news server, if there is one set up on your network. The newsgroup protocol is the Network News Transfer Protocol (NNTP) and the port is 119. You can find out more about the NNTP commands from the following link: http://netwinsite.com/dnews/guide.htm

1.6 Lower Layer Network Protocols

1.6.1 Introduction to TCP/IP

As you will learn when you study the OSI Network model, computer network functions are divided into different layers to make them easier to implement. Protocols like HTTP and FTP operate at the top layer, but there are other protocols such as TCP and IP which operate on layers lower down.

TCP/IP is the acronym for Transmission Control Protocol / Internet Protocol. These are the two protocols which have made connecting networks together and connecting to the Internet easy to achieve. TCP/IP was developed by the US Defence Advanced Research Project Agency (DARPA). DARPA implemented a Wide Area Network called ARPANET in the late 1960s which connected mainframe computers together over long distance telephone lines. ARPANET has since expanded beyond any of the expectations of its inventors and has grown into the Internet that we know today. TCP/IP has been adopted internationally as the standard for connecting computers to the Internet.

TCP/IP is actually made up of two protocols: the Transmission Control Protocol (TCP), which provides a reliable end-to-end link between hosts, and the Internet Protocol (IP), which defines a common method for exchanging packets among a wide collection of networks.

1.6.2 TCP

When a file is to be transmitted between two computers on a network running TCP/IP, the file is broken down into chunks of data called packets. TCP is responsible for splitting the data into these packets and adding a header to each one. This header includes a sequence number which allows the file to be recreated at the receiving end by re-assembling the packets in the correct order. TCP is also responsible for retransmitting packets if it does not receive an acknowledgment that a packet has been received.

On the same layer as TCP, the User Datagram Protocol (UDP) provides an unreliable datagram delivery channel: UDP does not request re-transmission of lost packets and is used for services such as audio or video streaming where it is not so important that every packet is received.

1.6.3 IP

The IP protocol is responsible for taking each datagram packet and adding its own header to allow the packet to be routed between networks. As it is perfectly possible for packets to follow different routes to their destination, they might easily take different amounts of time to arrive and therefore be out of sequence when they do. As long as the packets can be re-assembled in the correct order by TCP, using the sequence numbers which were added when the packets were created, then the transmission will have been successful and TCP will issue an acknowledgment.
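Sections 1.6.2 and 1.6.3 describe sequence numbers, out-of-order arrival, acknowledgments and retransmission. The Python simulation below is an added example, not the study guide's code: it splits a message into numbered segments, passes them through a constructed network that reorders and randomly drops them (standing in for IP's independent routing of each packet), reassembles them at the receiver, and retransmits whatever the cumulative acknowledgment has not yet covered until everything has arrived. The segment size, loss rate, seed and round limit are constructed values.

```python
import random

MSS = 4  # constructed: a tiny maximum segment size keeps the trace readable


def segment(data: bytes, mss: int = MSS):
    """Split data into (sequence number, payload) segments, as TCP does before
    handing each one to IP. The sequence number is the offset of the first byte."""
    return [(seq, data[seq:seq + mss]) for seq in range(0, len(data), mss)]


class Receiver:
    """Reassembles segments in sequence order. deliver() returns the cumulative
    acknowledgment: the sequence number of the next byte still expected."""

    def __init__(self):
        self.pending = {}        # out-of-order segments waiting for an earlier gap
        self.next_seq = 0
        self.data = bytearray()

    def deliver(self, seq: int, payload: bytes) -> int:
        if seq >= self.next_seq:                 # old duplicates are simply dropped
            self.pending[seq] = payload
        while self.next_seq in self.pending:     # append as far as the data is contiguous
            chunk = self.pending.pop(self.next_seq)
            self.data += chunk
            self.next_seq += len(chunk)
        return self.next_seq


def transmit(data: bytes, loss_rate: float = 0.0, seed: int = 0, max_rounds: int = 1000):
    """Send data through a constructed network that reorders segments and drops a
    fraction of them. Unacknowledged segments are resent each round.
    Returns (bytes reassembled at the receiver, segments put on the wire)."""
    rng = random.Random(seed)
    receiver = Receiver()
    unacked = dict(segment(data))     # seq -> payload, kept until an ACK covers it
    wire_count = 0
    rounds = 0
    while unacked:
        if rounds == max_rounds:
            raise RuntimeError("gave up: too many rounds without full acknowledgment")
        rounds += 1
        batch = list(unacked.items())
        rng.shuffle(batch)            # different routes: arrival order differs from send order
        for seq, payload in batch:
            wire_count += 1
            if rng.random() < loss_rate:
                continue              # lost in transit; no ACK will ever cover it
            ack = receiver.deliver(seq, payload)
            # Everything before the cumulative ACK is confirmed, including segments
            # that arrived earlier out of order; drop them from the retransmit queue.
            for s in [s for s, p in unacked.items() if s + len(p) <= ack]:
                del unacked[s]
    return bytes(receiver.data), wire_count


if __name__ == "__main__":
    message = b"The quick brown fox jumps over the lazy dog"
    delivered, sent = transmit(message, loss_rate=0.3, seed=7)
    print(delivered == message, len(segment(message)), "segments,", sent, "sent")
```

The cumulative acknowledgment is the reason a lost segment holds up every later one that has already arrived: the receiver keeps them in pending but cannot acknowledge past the gap until the retransmission fills it.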

1.6.4 Ports

TCP and UDP introduce the concept of a port, since we often need several network connections to be functioning at the same time. Some common ports and the services that run on them are:

    Service                               Port
    File Transfer Protocol (FTP)          21 and 20
    Telnet                                23
    Simple Mail Transfer Protocol (SMTP)  25
    Hyper Text Transfer Protocol (HTTP)   80
    Post Office Protocol (POP3)           110

By specifying ports and including port numbers with TCP/UDP data, multiple network connections can take place simultaneously. This is known as multiplexing, and is why you can collect your email and browse the Internet at the same time. The port number, together with the source and destination addresses for the data, makes up a socket.

1.7 Summary

- Telnet is a protocol used to connect to a remote computer
- FTP is a protocol used to transfer files to and from a remote computer
- HTTP is a protocol used to retrieve web pages and other files from a web server
- SMTP is a protocol used to transfer email to a mail server
- POP3 is a protocol used to retrieve email from a mailbox on a mail server
- An email address consists of a username and a domain name separated by the @ symbol
- Telnet, FTP, HTTP, SMTP and POP3 all use plain text ASCII commands, although nowadays GUI front ends exist to make them easier to use
- TCP is a lower level protocol responsible for splitting a file to be transmitted into packets, each with a sequence number
- IP is a lower layer protocol responsible for routing packets between networks
- A combination of a port and a TCP/IP connection is called a socket and allows several virtual connections to run on one machine at the same time

1.8 End of Topic Test

An online assessment is provided to help you review this topic.
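The sections on TCP (1.6.2), IP (1.6.3) and ports (1.6.4) above describe three separate jobs: numbering segments, delivering them by whatever route, and sorting them back to the right connection. The following Python simulation is an added example written for this page (it is not part of the original SQA material): a sender splits two messages into sequence-numbered segments, the "network" shuffles and loses one of them, and the receiver demultiplexes by socket (the address and port tuple) and then reassembles each stream in order. The addresses, ports and messages are constructed for the demonstration; the returned acknowledgment value is the next byte still needed, which is what tells the sender which segment to retransmit.

```python
"""Simulated TCP-style segmentation, demultiplexing and in-order reassembly."""
from dataclasses import dataclass
import random


@dataclass(frozen=True)
class Segment:
    """One transport-layer packet: the addressing that identifies the socket
    plus a TCP-style sequence number. The sequence number is the offset of the
    payload's first byte within the connection's data stream."""
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    seq: int
    payload: bytes


def socket_key(seg):
    """Source address, source port, destination address and destination port
    together identify one connection (the text calls this a socket)."""
    return (seg.src_ip, seg.src_port, seg.dst_ip, seg.dst_port)


def segment(data, mss, src_ip, src_port, dst_ip, dst_port):
    """Sender side: split data into segments of at most mss bytes, each carrying
    a sequence number so the receiver can restore the original order."""
    return [Segment(src_ip, src_port, dst_ip, dst_port, off, data[off:off + mss])
            for off in range(0, len(data), mss)]


def demultiplex(segments):
    """Receiver side: IP hands over a mixed stream of segments from several
    connections; group them by socket so each service sees only its own data."""
    streams = {}
    for seg in segments:
        streams.setdefault(socket_key(seg), []).append(seg)
    return streams


def reassemble(segments):
    """Rebuild the longest in-order prefix of one connection's stream.

    Returns (data, ack) where ack is the sequence number of the next byte the
    receiver still needs. Segments beyond a gap stay buffered and are not
    delivered; the sender keeps retransmitting the missing one until the
    acknowledgment advances past it. Duplicate deliveries collapse harmlessly."""
    pending = {s.seq: s.payload for s in segments}
    out = bytearray()
    ack = 0
    while ack in pending:
        chunk = pending.pop(ack)
        out += chunk
        ack += len(chunk)
    return bytes(out), ack


def receive(segments):
    """Demultiplex, then reassemble each socket's stream: {socket: (data, ack)}."""
    return {key: reassemble(segs) for key, segs in demultiplex(segments).items()}


if __name__ == "__main__":
    # Constructed traffic: an SMTP exchange and an HTTP request leaving the same
    # client for two different servers at the same time (the multiplexing case).
    mail = b"MAIL FROM:<alice@example.com>\r\nRCPT TO:<bob@example.com>\r\n"
    page = b"GET /index.htm HTTP/1.0\r\nHost: www.example.com\r\n\r\n"
    wire = (segment(mail, 16, "192.168.0.2", 40001, "192.168.0.3", 25)
            + segment(page, 16, "192.168.0.2", 40002, "192.168.0.1", 80))
    random.Random(1).shuffle(wire)   # packets took different routes
    wire = wire[1:]                  # and one of them never arrived
    for key, (data, ack) in receive(wire).items():
        print("port", key[3], "bytes delivered in order:", ack,
              "complete:", data in (mail, page))
```

Running the block shows one stream complete and the other stopped at the offset of the lost segment; a real receiver would keep acknowledging that offset until the retransmission fills the gap.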

Topic 2  The OSI Network Model

Contents
2.1 Introduction to Network Architecture  15
2.2 The Application Layer  15
2.3 The Presentation Layer  16
2.4 The Session Layer  16
2.5 The Transport Layer  16
2.6 The Network Layer  16
2.7 The Data Link Layer  17
2.8 The Physical Layer  17
2.9 Summary  17
2.10 End of Topic Test  18

Prerequisite knowledge

Before studying this topic you should know the difference between a node and a channel on a network. You should be familiar with the functions of a hub (multiport repeater), a switch and a router on a network. You should be familiar with the idea of a network protocol, and the fact that different protocols operate at different levels - for instance the SMTP protocol operates at the level of an application such as an email client, whereas the TCP/IP protocol operates at the level of a node on the network. A host on a network usually means a node which provides a service - in effect a machine which can act as a server.

Learning Objectives

After studying this topic you should be able to:

- Name and describe the functions of the 7 layers in the OSI Network model
- Understand the reasons for dividing network functions into a hierarchy of different layers
- Understand the reasons for independence and transparency in network layers

Revision

Q1: What is a node in a network?
a) A device on a network with a unique IP address
b) A connection between two computers
c) An Internet link
d) A type of communications software

Q2: What is a channel on a network?
a) A device on a network with a unique IP address
b) A connection between two nodes
c) An Internet link
d) A type of communications software

Q3: Which of these statements is false?
a) A hub just retransmits packets to every node on the network
b) A switch selectively retransmits packets according to the IP address of the destination machine
c) A hub cannot reduce the number of collisions on a local area network
d) A switch cannot reduce the number of collisions on a local area network

2.1 Introduction to Network Architecture

The Open Systems Interconnection (OSI) model was developed to ensure that communications equipment and networking software would be compatible. The OSI model divides the business of data transfer across a network into a number of different layers. The layers are hierarchical, with each layer having a specific task to perform. The top layer is the application layer, which is the layer you are using when you send an email using an email client or view a web page using a web browser. The lowest layer is the physical layer, which is concerned with the cabling and physical characteristics of the network. Each layer has been designed with a particular task in mind and communicates with the layers above and below it in the hierarchy. Each layer is independent. The OSI model is often referred to as the OSI network architecture.

There are several good reasons for using this hierarchical layered model:

Transparency: From the point of view of each layer on a network, it behaves as if it is communicating directly with the equivalent layer on the receiving network. This means that from the user's point of view, the application layer on one network appears to pass information to the application layer on the other. In effect each layer actually passes data to the layer below when sending information and to the layer above when receiving information. In reality, of course, it is the physical layer (the cabling) which actually transmits the data.

Hierarchy: From the point of view of the Application layer, the network application is transferring files such as email messages, images or web pages to the equivalent application on the computer it is connected to. As the data is passed by one layer to the layers below, these files are split into smaller segments, each with that layer's headers, error correction and sequence information added to them, until the data becomes a stream of bits transmitted via the physical layer. The reverse process takes place at the receiving end, with the headers getting stripped out and segments reassembled until the application layer presents the user with the transmitted file. Each layer is responsible to the layer above and below it for ensuring that the data it receives and transmits remains intact.

Independence: Because the layers are independent, it is possible to replace or upgrade one layer with another software version without having to change how the other layers communicate with it. This modularity means that parts of the system can be upgraded independently without changing the entire system.

If you want to read an analogy which describes the functions of the 7 OSI layers, look at this link: http://www.pe.net/~rlewis/resources/james.html

2.2 The Application Layer

The Application Layer is the top layer of the OSI model. It provides a set of interfaces for applications to obtain access to networked services, as well as access to the kinds of network services that support applications directly, such as an email client or an Internet browser.

Application Layer protocols include HTTP, FTP, SMTP and POP3.

2.3 The Presentation Layer

The Presentation Layer handles data format information for networked communications. This is done by converting data into a standardised format that can be understood by both sides. The presentation layer might also be responsible for character code conversion, compression or encryption. It also controls file locking and security at the user level - this is why, if a file is already open for writing on a network drive, another user cannot also open it for writing. Standards such as MIDI, HTML, GIF and ASCII might be used at this layer.

2.4 The Session Layer

The Session layer manages log on procedures and password recognition. It permits two parties to hold ongoing communications, called a session, across a network.

2.5 The Transport Layer

The Transport layer breaks up the file into segments for transport to the network, and combines incoming segments into a contiguous file. The Transport layer is responsible for creating and maintaining the basic end-to-end connection between communicating systems, ensuring that the bits delivered to the receiver are the same as the bits transmitted by the sender: in the same order and without modification, loss or duplication. The transport layer guarantees an error free connection between two hosts. The TCP and UDP protocols operate at this level.

Typically the transport layer and those above it run on hosts in a network and not on the intermediate equipment in between, whereas the lower three layers are implemented on all network nodes such as routers, switches or hubs.

2.6 The Network Layer

The Network layer is concerned with the path through the network. It is responsible for routing, and for controlling the flow of information between hosts. The Network layer converts the segments into smaller datagrams that the network can handle; network hardware source and destination addresses are also added. The Network layer does not guarantee that the datagram will reach its destination. The Network layer works in units of packets. The IP protocol is used at this layer.

Network routers operate at this level as they are responsible for routing packets between networks.

2.7 The Data Link Layer

The data link layer is responsible for putting data into frames or packets along with error checking data. In an Ethernet network the Data Link layer works in units of frames. In the opposite direction the Data Link Layer transforms a stream of raw bits (0s and 1s) from the physical layer into a data frame and provides an error-free transfer from one node to another, allowing the layers above it to assume virtually error-free transmission. The Data Link layer is a firmware layer of the Network Interface Card (NIC) where the Ethernet network standard is implemented. Network switches also operate at this layer.

2.8 The Physical Layer

The function of the Physical Layer is to transform bits in a computer system into electromagnetic (or equivalent) signals for a particular transmission medium (wire, fibre, ether, etc.). The Physical Layer defines items like the type of cabling (coax, twisted pair, etc.), the frequency of operation (10 Mbps, 100 Mbps, etc.), voltage levels, and network topology (star, bus, ring, etc.). The Physical layer functions in units of bits. Network hubs and repeaters operate at this layer.

Try these links to find out more about the OSI/ISO architecture model:
http://split.org/storage/osireference.pdf
http://www.corrent.com/pdfs/osi ppin.pdf
http://download.wg.com/techlibrary/decodes.pdf

Although, for obvious reasons, electronic communication is used in computer networks, the protocols themselves do not actually stipulate this. There exists an implementation of TCP/IP using pigeons as carriers which, although suffering from low bandwidth, illustrates the fact that the protocols are not specific to any one communications medium. You can read more about this idea here: http://www.blug.linux.no/rfc1149/

2.9 Summary

- The OSI model divides networks into seven layers
- Layers are hierarchical, transparent, and independent
- The Application layer provides interfaces for network applications
- The Presentation layer handles data format information
- The Session layer manages log-on and password authentication
- The Transport layer breaks up a file into segments for transport over a network and guarantees that these segments are not lost
- The Network layer routes packets
- The Data Link layer guarantees error free transmission
- The Physical layer transmits bits over a physical medium

2.10 End of Topic Test

An online assessment is provided to help you review this topic.
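To make the encapsulation described in sections 2.1 to 2.8 concrete, here is an added Python example (written for this page, not taken from the original material) that pushes application data down a simplified four-layer stack and back up again. Each layer adds only its own header and never inspects the others, which is the independence property; the data link layer attaches a CRC-32 check value so that a bit flipped on the "physical medium" is rejected before anything reaches the layers above, which is how the data link layer lets those layers assume error-free transmission. The header layouts, MAC addresses and IP addresses are constructed for the demonstration and are not those of any real standard.

```python
"""Encapsulation and decapsulation through a simplified OSI-style stack."""
import struct
import zlib


def ip_to_bytes(dotted):
    return bytes(int(part) for part in dotted.split("."))


def bytes_to_ip(raw):
    return ".".join(str(b) for b in raw)


# --- Sending: each layer adds its own header and hands the result down ---

def transport_encapsulate(data, src_port, dst_port, seq):
    """Transport layer: ports identify the socket, seq allows reordering."""
    return struct.pack("!HHI", src_port, dst_port, seq) + data


def network_encapsulate(segment, src_ip, dst_ip):
    """Network layer: source and destination host addresses for routing."""
    return ip_to_bytes(src_ip) + ip_to_bytes(dst_ip) + segment


def datalink_encapsulate(packet, src_mac, dst_mac):
    """Data link layer: frame with hardware addresses plus a CRC-32 trailer so
    that a corrupted frame can be detected before it is passed upwards."""
    frame = dst_mac + src_mac + packet
    return frame + struct.pack("!I", zlib.crc32(frame))


def physical_encode(frame):
    """Physical layer: the frame becomes a stream of bits (modelled as '0'/'1')."""
    return "".join(f"{byte:08b}" for byte in frame)


# --- Receiving: each layer strips its header and hands the payload up ---

def physical_decode(bits):
    return bytes(int(bits[i:i + 8], 2) for i in range(0, len(bits), 8))


def datalink_decapsulate(frame):
    """Returns (dst_mac, src_mac, packet), or None if the check value fails."""
    body, (crc,) = frame[:-4], struct.unpack("!I", frame[-4:])
    if zlib.crc32(body) != crc:
        return None
    return body[:6], body[6:12], body[12:]


def network_decapsulate(packet):
    return bytes_to_ip(packet[:4]), bytes_to_ip(packet[4:8]), packet[8:]


def transport_decapsulate(segment):
    src_port, dst_port, seq = struct.unpack("!HHI", segment[:8])
    return src_port, dst_port, seq, segment[8:]


def send(app_data, src_ip, dst_ip, src_mac, dst_mac, src_port=40001, dst_port=80, seq=0):
    """Application data goes down the stack; only the physical layer 'transmits'."""
    segment = transport_encapsulate(app_data, src_port, dst_port, seq)
    packet = network_encapsulate(segment, src_ip, dst_ip)
    frame = datalink_encapsulate(packet, src_mac, dst_mac)
    return physical_encode(frame)


def receive(bits):
    """Bits go up the stack. Returns what each layer recovered, or None when the
    data link layer rejected the frame (nothing above it ever sees bad data)."""
    decoded = datalink_decapsulate(physical_decode(bits))
    if decoded is None:
        return None
    dst_mac, src_mac, packet = decoded
    src_ip, dst_ip, segment = network_decapsulate(packet)
    src_port, dst_port, seq, data = transport_decapsulate(segment)
    return {"dst_mac": dst_mac, "src_mac": src_mac, "src_ip": src_ip, "dst_ip": dst_ip,
            "src_port": src_port, "dst_port": dst_port, "seq": seq, "data": data}


def flip_bit(bits, index):
    """Simulate noise on the physical medium by inverting one bit."""
    return bits[:index] + ("1" if bits[index] == "0" else "0") + bits[index + 1:]


# Constructed addresses for the demonstration (locally administered MACs and
# private IPs); none belong to a real host.
CLIENT_MAC = bytes.fromhex("020000000002")
SERVER_MAC = bytes.fromhex("020000000001")


def demo(app_data=b"GET /index.htm HTTP/1.0\r\n\r\n"):
    """Returns (clean delivery, delivery after one bit was flipped in transit)."""
    bits = send(app_data, "192.168.0.2", "192.168.0.1", CLIENT_MAC, SERVER_MAC)
    return receive(bits), receive(flip_bit(bits, 100))


if __name__ == "__main__":
    good, bad = demo()
    print("clean frame delivered:", good["data"])
    print("corrupted frame delivered:", bad)
```

Note that the transport functions can be swapped for a different header format without touching the network or data link functions, which is the practical meaning of the independence property in section 2.1.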

Topic 3  IP addresses and the Domain Name Service

Contents
3.1 Introduction to IP Addresses and the Domain Name Service  20
3.2 The structure of an IP address  21
3.3 Classes of IP address  21
3.3.1 Private IP addresses  23
3.3.2 Subnetmask  24
3.3.3 Localhost  25
3.3.4 Static and Dynamic IP addressing  25
3.4 Domain Names  25
3.4.1 Domain Name Service (DNS)  27
3.5 Limitations of the IP address system  29
3.6 Summary  29
3.7 End of Topic Test  30

Prerequisite knowledge

Before studying this topic you should know that computers on the Internet are uniquely identified by their IP address and that the World Wide Web (WWW) uses a Name Resolution system so that user friendly domain names can be mapped to a machine's IP address. You should know that computers on a network which provide a service to other users are often referred to as hosts.

Learning Objectives

After studying this topic you should be able to:

- Describe the structure of an IP address
- Explain the three different classes of IP address
- Understand the difference between static and dynamic IP addressing
- Understand some of the limitations of IP addressing
- Describe the Domain Name Service (DNS)

Revision

Q1: Which of these is a host?
a) A network link
b) A networked printer
c) A networked machine running a mail server
d) A multi-port repeater (hub)

Q2: Which of these is not a host?
a) A networked machine running a web server
b) A print server
c) A router
d) A multi-port repeater (hub)

Q3: What is an IP address?
a) The physical location of a computer
b) The code which identifies the user on a network
c) A unique number which identifies a computer on a network
d) An internet web site

Q4: Why do we need a Domain Name Service?
a) Because people cannot always remember names of web sites
b) To translate user-friendly domain names into IP addresses
c) Because not all computers on the Internet have an IP address
d) To give every computer on the Internet a unique IP address

3.1 Introduction to IP Addresses and the Domain Name Service

An Internet Protocol (IP) address is the way the Internet Protocol distinguishes computers (or, more specifically, network interfaces) that exist on the same network. On any one network you cannot have two computers sharing an IP address, as this would make it impossible to distinguish between them when trying to send data from one computer to another. You can, however, have a single computer with two Network Interface Cards (NICs) fitted, each one with its own IP address. In this case the computer would be connected to two different networks. Routers are computers like this.

All computers that are connected together on the Internet (or on a private LAN) need unique IP addresses. Because IP addresses are difficult to remember, we use domain names to identify them instead. When we connect to a remote computer using a domain name such as google.co.uk, a system known as the Domain Name Service (DNS) translates the domain name into an IP address (216.239.41.100 in this case) so that the correct computer can be found.

3.2 The structure of an IP address

An IP address is a 32-bit number separated into four 8-bit parts called octets. The four parts are like a postal address, with the difference that the detail is ordered from right to left instead of left to right. The first number of the IP address is the most general and the last is the most specific. An IP address can be divided into 2 sections - the network identifier and the host identifier. There are three ways to split the IP address:

    Class A   nnn.hhh.hhh.hhh
    Class B   nnn.nnn.hhh.hhh
    Class C   nnn.nnn.nnn.hhh

    where n = network identifier, h = host identifier

The network identifier is used to route packets to the correct destination network. Once a packet reaches the network which requested it, the network part of the address is ignored and the packet is routed to the correct host using the host identifier.

3.3 Classes of IP address

Since each computer on the Internet needs a different IP address, there has to be some way of sharing out the IP addresses so that large companies and organizations have one for each of their computers, while letting smaller organizations have some as well. Since there are a small number of large organizations and a large number of small organizations, ranges of IP addresses can be allocated by giving large organisations blocks of Class A addresses and small organisations blocks of Class B or Class C addresses. Class A addresses have their first octet in the range 1 to 126, Class B addresses have their first octet in the range 128 to 191, and Class C addresses have their first octet in the range 192 to 223.

A very large company with very complex internal networks may be allocated a Class A address block such as 115.*.*.*. This would give a total of about 16 million possible IP addresses. There are only 127 Class A address blocks, and no more are to be allocated.

Class B addresses are common for large companies, allowing a block of around 65000 IP addresses. When a Class B IP address is allocated (say 135.113.*.*), the first two numbers identify that company network. The company can give any IP address in that block to any computer on their network.

Class C addresses are the third type, giving 254 possible IP addresses for any one block (0 and 255 are reserved for particular functions). Here, the first three octets are specified, and the remaining field is allocated by the owner of the address.

Networks that are directly connected to the Internet are usually connected to an Internet Service Provider (ISP) via a full time connection (such as a cable or leased line). The ISP informs the network administrator which IP addresses can be used on the network, and a router controls the delivery of packets to the appropriate IP address on the network. Small ISPs typically have 1 or 2 Class C licenses, providing 250 to 500 IP addresses. When you dial up an ISP with a modem, your computer is temporarily allocated an IP address. This will be in the range of the Class C licences that they own.

If you want to know more about classes of IP address have a look at the following links:
http://www.networkclue.com/routing/tcpip/index.php
http://compnetworking.about.com/library/weekly/aa042400b.htm

There are two other special classes of IP addresses. Class D addresses have their first octet in the range 224 to 239 and are used for multicast. Multicast is a way of defining a group of nodes and only sending packets to these nodes instead of every node on the network (broadcast). Class E addresses have their first octet in the range 240 to 255 and these are reserved for experimental purposes.

3.3.1 Private IP addresses

Private IP addresses are ranges of IP addresses that are "known not to exist" on the Internet. This means that no computer on the Internet will ever be assigned these addresses. These can safely be used in internal Local Area Networks (LANs), as they have no direct connection to the Internet. One example of a Private IP range is from 192.168.0.1 to 192.168.0.254. The private IP ranges that are not allocated on the Internet are:

    10.0.0.0     to 10.255.255.255    Class A
    172.16.0.0   to 172.31.255.255    Class B
    192.168.0.0  to 192.168.255.255   Class C

Note that 0 and 255 are reserved in any class. 255.255.255.255 is the global broadcast address.

The advantage of using private IP addresses on a network is that you can use a proxy server with a single public IP address to access the network. The proxy server forwards requests for web pages or other Internet services as if they were its own. This means that only one IP address is presented to the outside world, protecting machines on the network from external attack, and avoiding the purchase of more than one IP address. This arrangement is known as Network Address Translation (NAT).
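Example added for this page (not from the original material): a small Python module implementing the address rules of sections 3.2, 3.3 and 3.3.1 together with the subnet-mask matching that section 3.3.2 goes on to describe. It packs the four octets into the 32-bit number an address really is, finds the class from the first octet, splits network and host parts on the classful boundary, checks the three private ranges, builds a mask from a CIDR-style prefix length (the /24 notation and 255.255.255.0 are the same mask), and chooses between an exact match, an on-link match and the default route in the order the text gives. The sample addresses are those used in the text or lie in the reserved private ranges.

```python
"""IPv4 address structure, class, private ranges, subnet masks and route choice."""


def to_int(dotted):
    """Pack four octets into the 32-bit number an address really is."""
    octets = [int(p) for p in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"not an IPv4 address: {dotted}")
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]


def to_dotted(value):
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def address_class(dotted):
    """Classful rule from the text: decided by the first octet alone."""
    first = int(dotted.split(".")[0])
    if 1 <= first <= 126:
        return "A"
    if first == 127:
        return "loopback"       # 127.0.0.1 always means this machine
    if 128 <= first <= 191:
        return "B"
    if 192 <= first <= 223:
        return "C"
    if 224 <= first <= 239:
        return "D"              # multicast
    if 240 <= first <= 255:
        return "E"              # reserved for experimental purposes
    return "reserved"           # first octet 0


def network_and_host(dotted):
    """Split on the classful boundary: class A keeps 1 octet for the network,
    B keeps 2 and C keeps 3 (the nnn/hhh patterns in the text)."""
    octets = dotted.split(".")
    n = {"A": 1, "B": 2, "C": 3}.get(address_class(dotted))
    if n is None:
        raise ValueError(f"{dotted} is not a class A, B or C address")
    return ".".join(octets[:n]), ".".join(octets[n:])


PRIVATE_RANGES = [("10.0.0.0", "10.255.255.255"),
                  ("172.16.0.0", "172.31.255.255"),
                  ("192.168.0.0", "192.168.255.255")]


def is_private(dotted):
    """True if the address lies in one of the ranges never assigned on the Internet."""
    value = to_int(dotted)
    return any(to_int(lo) <= value <= to_int(hi) for lo, hi in PRIVATE_RANGES)


def mask_from_prefix(prefix):
    """A CIDR prefix length is just a count of leading one bits in the mask."""
    return to_dotted(((1 << prefix) - 1) << (32 - prefix))


def usable_hosts(prefix):
    """Addresses in the block minus the two reserved ones (all-zero and all-one host part)."""
    return max((1 << (32 - prefix)) - 2, 0)


def same_network(a, b, mask):
    """The mask says which bits to compare; the masked-out host bits are ignored."""
    m = to_int(mask)
    return to_int(a) & m == to_int(b) & m


def choose_route(dst, my_ip, mask, gateway):
    """Matching order from the text: exact match (a mask of 255.255.255.255),
    then the configured subnet mask, then the default route via the router."""
    if address_class(dst) == "loopback" or same_network(dst, my_ip, "255.255.255.255"):
        return "local"
    if same_network(dst, my_ip, mask):
        return "on-link"
    return "via " + gateway


if __name__ == "__main__":
    for addr in ("115.1.2.3", "135.113.7.8", "192.168.0.1", "224.0.0.1", "127.0.0.1"):
        print(addr, "class", address_class(addr), "private" if is_private(addr) else "public")
    print("/24 ->", mask_from_prefix(24), usable_hosts(24), "hosts;",
          "/26 ->", mask_from_prefix(26), usable_hosts(26), "hosts")
    for dst in ("192.168.0.2", "192.168.0.3", "216.239.41.100", "127.0.0.1"):
        print(dst, choose_route(dst, "192.168.0.2", "255.255.255.0", "192.168.0.1"))
```

The usable_hosts function also shows why section 3.5 calls classful allocation wasteful: a class B block holds 65534 hosts whether or not the owner needs them, while a /26 carved out of the same space serves 62.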

3.3.2 Subnetmask

A Local Area Network (LAN) might use the private IP range 192.168.0.1 to 192.168.0.254. When assigning an IP address to a machine a subnetmask must be specified. In the case of a small network, the subnetmask 255.255.255.0 could be used. A subnetmask is a way of saying which bits to ignore in the address when checking for a match. So if the subnetmask is 255.255.255.0 then it ignores the last 8 bits of the address (the last octet) when checking to see if an IP address applies to the destination network or not.

When matching an IP address, a network machine will try the following options in this sequence:

1. Look for an exact match (equivalent to a subnetmask of 255.255.255.255)
2. Look for a match with the existing subnetmask (255.255.255.0), i.e. an address in the range 192.168.0.1 to 192.168.0.254 in this case
3. Use the default route (usually the IP address of the router)

This means that a local network address will always be matched to the correct machine before checking for that address on the Internet.

3.3.3 Localhost

Localhost is a special term in TCP/IP. 127.0.0.1 is the localhost (loopback interface). This is a software-only interface which is internal to the machine and is not accessible over any external connection. It does not matter what the IP address of your machine is: 127.0.0.1 will always refer to the local computer. This means that this interface can only be accessed from the computer itself. If a computer wants to talk to itself on a different port, it can use localhost or 127.0.0.1.

If you have a web server running on a machine, then you can test out internet pages on that server without a network connection by connecting to the address http://localhost. The command ping localhost will return the IP address 127.0.0.1 as well as the name of your computer.

3.3.4 Static and Dynamic IP addressing

Static IP addressing is where every host on a network has a fixed IP address. Dynamic IP addressing is where hosts are allocated IP addresses when they are connected to the network, but that IP address can be used by another machine when the host is disconnected. Dynamic IP addressing is often implemented where there are more potential hosts than there are IP addresses available, for instance where an ISP has a range of IP addresses and these are dynamically allocated to customers when they connect to the Internet via a modem. On a LAN, dynamic IP addressing is often used in order to avoid the possibility of two machines being allocated the same IP address. The server runs a DHCP (Dynamic Host Configuration Protocol) service which allocates IP addresses, from a range specified by the network manager, to machines whenever they connect.

3.4 Domain Names

A Domain Name is the unique name that identifies an Internet site. Domain Names always have 2 or more parts, separated by dots. The part on the left is the most specific, and the part on the right is the most general. For example, in the domain name:

    mycompany.com

mycompany refers to a specific company and .com refers to the commercial domain. Examples of three letter top level domains are:

    Top level Domain   Meaning
    .com               Commercial business, a company
    .net               Network provider, Internet Service Provider
    .gov               Governmental agency
    .edu               Educational institution
    .org               Non-profit institution
    .mil               US military
    .int               International organisation

Two letter top level domains are allocated to countries other than the United States. Examples are:

    Top level Domain   Country
    .uk                United Kingdom
    .fr                France
    .de                Germany
    .au                Australia
    .jp                Japan

Note that mycompany.com and mycompany.co.uk are treated as different domains, but may point to the same Internet site. Two or more domain names may point to the same machine, but a domain name can only ever refer to one machine. Many companies will register their names in a number of top level domains so that people can find them easily, and so that they do not get their company name hijacked by competitors.

If you want to know more about top level domains have a look at the Internet Assigned Numbers Authority (IANA) web site: http://www.iana.org/domain-names.htm

It is possible for a Domain Name to exist but not be connected to an actual machine. This is often done so that a group or business can have an Internet e-mail address without having to establish a real Internet site. In these cases, some real Internet machine must handle the mail on behalf of the listed Domain Name.

Name resolution is the system of mapping a domain name to its IP address. This is done on the Internet by the Domain Name Service. The domain name system on the WWW is regulated by an organisation called InterNIC. If a company wishes to have a presence on the WWW then the first step is usually to pay an accredited registrar to register one or more domain names for them. In the UK the organisation responsible for overseeing the registration is Nominet. Once that has been done, the next step is to pay to host a web site. The company hosting the web site will provide details of the name servers which will resolve the domain name to an IP address, and this information needs to be given to the registrar. Once this information has propagated around the WWW, typing the domain name into a browser will result in the name being resolved to an IP address and the appropriate web page should be accessible. Many companies offer an all-in-one service of registration and hosting, and many will build company web sites as part of this service as well.

You can find out more about Nominet from this link: http://www.nic.uk/
You can find out more about registering domain names and InterNIC from this link: http://www.internic.net/faqs/authoritative-dns.html

3.4.1 Domain Name Service (DNS)

The Domain Name Service (DNS), sometimes called the Domain Name System, translates the names which we use to identify hosts into IP addresses. The DNS database is stored on a hierarchy of dedicated servers. (The DNS database is the foundation of all communication on the Internet, so it is very important that this service is available at all times.)

When you request a web page on the Internet, a piece of software called the DNS resolver (usually built into the network operating system) first contacts a DNS server by sending it a UDP packet in order to determine the server's IP address (obviously the resolver needs to know the IP address of the DNS server in order to do this). If the DNS server does not contain the information needed, it will in turn forward the request to a DNS server at the next higher level in the hierarchy. This continues until the correct IP address is returned to the machine requesting the file.

Name servers are arranged in a hierarchy, with a top level domain for each country together with the six domains: edu, com, gov, mil, org and net. Each of these domains is sub-divided, with each sub-division maintaining a name server (usually at least two, so that if one fails there is still another available to supply the relevant information).

On a very small scale within a LAN, each computer may have a hosts file, which is a text file mapping IP addresses on the LAN to host names.
A hosts file may read something like this:

    127.0.0.1    localhost
    192.168.0.1  gateway
    192.168.0.2  intranet
    192.168.0.3  mailserver

Early in the history of the Internet a central authority called the Network Information Centre maintained a table like this, with a list of all address to name bindings. This table was emailed out to all hosts on the Internet every time it was modified. The system became far too cumbersome once the number of hosts on the Internet grew, and certainly would not be practical nowadays. Hosts files like this can still be useful on a small network if they use a slow connection to the Internet. If you place commonly used hosts such as Google or Yahoo in your hosts file, then this will speed up access times as your machine will not need to contact a Domain Name Server in order to get the IP address of these commonly used sites.
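The following Python example is added for this page (it is not part of the original material) and models name resolution the way section 3.4.1 and the hosts-file paragraph describe it: the resolver consults the hosts file first, then asks a local DNS server, which forwards anything it cannot answer to the server at the next higher level and caches the reply on the way back so later queries are answered locally. A reverse lookup (address to name, as nslookup does with an address argument) runs over the same tables. The hosts file is the one shown in the text; the zone data uses the reserved example.com domain and 192.0.2.0/24 documentation addresses, both constructed for the demonstration, and the three-server chain is a simplification of the real hierarchy.

```python
"""Name resolution: hosts file first, then a chain of forwarding DNS servers."""


def parse_hosts(text):
    """Parse hosts-file lines of the form '<ip> <name> [<alias> ...]'.
    '#' starts a comment; names are case-insensitive."""
    table = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        ip, *names = line.split()
        for name in names:
            table[name.lower()] = ip
    return table


class NameServer:
    """One level of the hierarchy. `records` holds the name-to-address bindings
    this server knows (its own plus answers it has cached); `parent` is the
    server at the next higher level, to which unanswered queries are forwarded."""

    def __init__(self, name, records=None, parent=None):
        self.name = name
        self.records = dict(records or {})
        self.parent = parent

    def lookup(self, hostname):
        """Returns (ip, name of the server that answered) or (None, None)."""
        hostname = hostname.lower().rstrip(".")
        if hostname in self.records:
            return self.records[hostname], self.name
        if self.parent is None:
            return None, None
        ip, answered_by = self.parent.lookup(hostname)
        if ip is not None:
            self.records[hostname] = ip   # cache: the next query is answered here
        return ip, answered_by

    def reverse(self, ip):
        """Address to name, searching this level and then the levels above."""
        for name, addr in self.records.items():
            if addr == ip:
                return name
        return self.parent.reverse(ip) if self.parent else None


class Resolver:
    """The resolver built into the operating system: it consults the hosts file
    before asking any DNS server, so a hosts entry always wins."""

    def __init__(self, hosts, server):
        self.hosts = hosts
        self.server = server

    def resolve(self, hostname):
        key = hostname.lower()
        if key in self.hosts:
            return self.hosts[key], "hosts file"
        return self.server.lookup(hostname)

    def reverse(self, ip):
        for name, addr in self.hosts.items():
            if addr == ip:
                return name
        return self.server.reverse(ip)


# Constructed data: the hosts file from the text, and a three-level server chain
# (LAN server -> ISP server -> a top-level server holding the example.com records).
HOSTS_FILE = """\
127.0.0.1    localhost
192.168.0.1  gateway
192.168.0.2  intranet
192.168.0.3  mailserver
"""


def build_example():
    root = NameServer("root", {"www.example.com": "192.0.2.10",
                               "mail.example.com": "192.0.2.25"})
    isp = NameServer("isp-dns", parent=root)
    lan = NameServer("lan-dns", parent=isp)
    return Resolver(parse_hosts(HOSTS_FILE), lan)


if __name__ == "__main__":
    r = build_example()
    for query in ("intranet", "www.example.com", "www.example.com", "nowhere.example"):
        print(query, "->", r.resolve(query))
    print("192.0.2.10 ->", r.reverse("192.0.2.10"))
```

Running the block shows the second query for www.example.com answered by lan-dns rather than root, which is the caching effect the text attributes to hosts files as well. Because the hosts file is consulted before any server, an entry placed there silently overrides DNS for that name; that is why a changed hosts file is worth alerting on when monitoring a machine.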

Using the Domain Name Service

Use the following address to look up the IP address of some popular web sites: http://www.bankes.com/nslookup.htm

If your LAN has a DNS server running, try using the ping command to find out the address of stations on your network. The following is the result of issuing a "ping gateway" command on a network where the DNS server is able to map the machine name "gateway" to the IP address 192.168.0.1:

    ping gateway

    Pinging gateway [192.168.0.1] with 32 bytes of data:

    Reply from 192.168.0.1: bytes=32 time=1ms TTL=128
    Reply from 192.168.0.1: bytes=32 time=1ms TTL=128
    Reply from 192.168.0.1: bytes=32 time=1ms TTL=128
    Reply from 192.168.0.1: bytes=32 time=1ms TTL=128

    Ping statistics for 192.168.0.1:
        Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
        Minimum = 1ms, Maximum = 1ms, Average = 1ms

Using Ipconfig

The ipconfig command will give you the IP address and other settings for your machine. The following is the result of using the ipconfig command on a machine using NAT, connected to an ISP using a dial-up modem.

    Windows 2000 IP Configuration

    Ethernet adapter Local Area Connection:

            Connection-specific DNS Suffix  . :
            IP Address. . . . . . . . . . . . : 192.168.0.1
            Subnet Mask . . . . . . . . . . . : 255.255.255.0
            Default Gateway . . . . . . . . . :

    PPP adapter Freeserve:

            Connection-specific DNS Suffix  . :
            IP Address. . . . . . . . . . . . : 81.78.26.86
            Subnet Mask . . . . . . . . . . . : 255.255.255.255
            Default Gateway . . . . . . . . . : 81.78.26.86

Note that there are two IP addresses given: the Ethernet adapter, which is connected to the local area network using private IP addresses, and the PPP (dial-up) adapter, connected to the service provider with a dynamically allocated IP address.

Using nslookup

You can use the nslookup command from a command prompt to get a domain name from an IP address, or an IP address from a domain name. In this example the user's command is the first line of each exchange, with the response following.

nslookup www.microsoft.com
Server: resolver2.svr.pol.co.uk
Address: 195.92.195.95
Name: www2.microsoft.akadns.net
Addresses: 207.46.134.189, 207.46.249.29, 207.46.245.92, 207.46.249.189
           207.46.245.156, 207.46.134.221, 207.46.134.157, 207.46.249.221
Aliases: www.microsoft.com, www.microsoft.akadns.net

nslookup 207.46.134.189
Server: resolver2.svr.pol.co.uk
Address: 195.92.195.95
Name: origin2.microsoft.com
Address: 207.46.134.189

3.5 Limitations of the IP address system

The Class A, B and C system of allocating IP addresses is very inefficient, particularly where Class A and B addresses are concerned, as many allocated IP addresses may remain unused. With more and more devices being connected to the Internet there is concern that the world will run out of IP addresses. There are two possible solutions to this problem.

One is to extend the number of IP addresses using a 16 octet (128 bit) system known as IPv6. IPv6 is a system of IP addressing which, among other improvements, increases the IP address size from 32 bits to 128 bits, making a possible maximum of 3.4 x 10^38 addresses.

The other solution is to dispense with the IP Class system and use Classless Inter Domain Routing (CIDR), which uses IP addressing space more efficiently by making it possible to allocate part of a block to a network instead of the whole block.

3.6 Summary

An IP address consists of four 8 bit numbers called octets
An IP address can be divided into two sections - a network identifier and a host identifier
IP addresses can be classed as A, B or C depending on the number of octets used as the host identifier
Private IP addresses and a Proxy Server can be used on Local Area Networks to provide Network Address Translation (NAT)
Static IP addressing is where every machine on a network has a fixed IP address
Dynamic IP addressing is where an IP address is allocated from a pool of addresses
The Domain Name Service translates user friendly domain names into IP addresses using Name Resolution

3.7 End of Topic Test

An online assessment is provided to help you review this topic.
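The inefficiency described in section 3.5 can be put into numbers. This is an added Python example, not from the course text: it classifies an address by its first octet and compares the classful block an organisation would have to take with the CIDR block that actually fits its host count. The host counts used are constructed.

```python
# Added example, not from the SQA course text: puts the inefficiency described
# in section 3.5 into numbers by comparing the classful A/B/C block an
# organisation would have to take with the CIDR block that actually fits its
# host count. Only the standard library is used; the host counts are constructed.
import ipaddress
import math

# Size of a classful network: the host field is 24, 16 or 8 bits wide.
CLASS_BLOCKS = {"A": 2 ** 24, "B": 2 ** 16, "C": 2 ** 8}


def address_class(ip):
    """Classify an IPv4 address from its first octet (A: 0-127, B: 128-191, C: 192-223)."""
    first_octet = int(ipaddress.IPv4Address(ip)) >> 24
    if first_octet < 128:
        return "A"
    if first_octet < 192:
        return "B"
    if first_octet < 224:
        return "C"
    return "D/E"            # multicast and reserved ranges, not allocated to hosts


def classful_block(hosts):
    """Smallest class whose host field holds `hosts` usable addresses.

    Returns (class letter, block size). Two addresses in every block are
    reserved (network and broadcast), hence the comparison with size - 2.
    """
    for cls in ("C", "B", "A"):
        if hosts <= CLASS_BLOCKS[cls] - 2:
            return cls, CLASS_BLOCKS[cls]
    raise ValueError("more hosts than a single class A network can hold")


def cidr_block(hosts):
    """Smallest CIDR block holding `hosts` usable addresses.

    Returns (prefix length, block size). CIDR lets the host field be any
    width, so the block is the next power of two at or above hosts + 2.
    """
    host_bits = max(2, math.ceil(math.log2(hosts + 2)))
    return 32 - host_bits, 2 ** host_bits


def wasted_by_classful(hosts):
    """Addresses that sit unused when a whole class is issued instead of a CIDR block."""
    return classful_block(hosts)[1] - cidr_block(hosts)[1]


if __name__ == "__main__":
    for ip in ("10.0.0.1", "172.16.5.9", "192.168.0.1"):
        print(f"{ip} is a class {address_class(ip)} address")
    for hosts in (100, 300, 5000):
        cls, size = classful_block(hosts)
        prefix, cidr_size = cidr_block(hosts)
        print(f"{hosts} hosts: class {cls} ({size} addresses) versus /{prefix} "
              f"({cidr_size} addresses); {wasted_by_classful(hosts)} wasted")
```

Running it shows that a site of 300 hosts is too big for a class C network and would be given a whole class B (65536 addresses), whereas a /23 CIDR block of 512 addresses is enough.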

Topic 4

The World Wide Web (WWW)

Contents
4.1 Introduction to the World Wide Web 33
4.2 The Structure of a Web Page 34
4.2.1 Structure and Text Tags 34
4.2.2 Element Attributes 34
4.2.3 Link and Image Tags 34
4.2.4 Why Understanding HTML is Important 35
4.2.5 Extensible Hypertext Markup Language (XHTML) 35
4.2.6 Stylesheets 36
4.3 Types of Browser 36
4.3.1 Introduction 36
4.3.2 Microbrowsers 37
4.3.3 Wireless Application Protocol (WAP) 37
4.3.4 The difference between HTML and WML 38
4.3.5 Wireless Markup Language (WML) 38
4.4 Search Engines 39
4.4.1 Introduction 39
4.4.2 Types of Search Engine 39
4.4.3 How do Indexed Search Engines Work? 40
4.4.4 Meta Tags 40
4.4.5 Meta-Search Engines 40
4.5 Summary 41
4.6 End of Topic Test 41

Prerequisite knowledge

Before studying this topic you should know about the services provided by the Internet such as the WWW. You should know that every web page has a unique address or Uniform Resource Locator (URL) which includes the protocol used, the domain name and the path and file name of the page referred to:

http://domain name/directory/sub directory/filename.htm

The HTTP at the beginning stands for Hypertext Transfer Protocol (most web browsers assume the HTTP protocol if no other one is specified, and so it does not need to be included in the URL). You should also be familiar with using a search engine and navigating web pages using hyperlinks.

Learning Objectives

After studying this topic you should be able to:
Describe the structure of a web page written in HTML
Create a simple HTML web document
Explain the difference between a browser and a micro-browser
Describe the Wireless Markup Language (WML)
Describe the various methods used by search engines to build their indexes

Revision

Q1: What is a hyperlink?
a) A connection between two machines on the Internet
b) A downloadable file
c) A clickable link on a web page which links to another page on the Internet
d) A type of web browser

Q2: Which of these is not part of a Uniform Resource Locator?
a) A protocol
b) A domain
c) A host
d) A file path

Q3: Which is the best search string to use if you want to find out about Scottish football?
a) Football
b) Soccer
c) Scotland
d) "Scottish football"

4.1 Introduction to the World Wide Web

We learned in the section describing the HTTP protocol that when a web browser requests a file from a web server, it interprets the Hypertext Markup Language (HTML) script in the file in order to format the web page on the screen for the user. We are going to look more closely at the HTML script on a web page and how it influences how a web page looks.

A markup language is one which annotates text with additional information about how it should be displayed. HTML uses tags to annotate the text of a web page. Tags in a web page are used to identify elements. Elements should always have a start and an end tag around them (although some browsers are more forgiving than others on this requirement, it is always best to start and finish tags properly so that your web pages conform to the new XHTML standard). Tags can be nested inside each other.

Here is an example of a simple web page:

<html>
<head>
<title>My first web page</title>
</head>
<body>
<h1>Welcome to my first web page</h1>
<p>This section in normal text</p>
<p><b>This section in bold</b></p>
<p><u>This section underlined</u></p>
</body>
</html>

This file (test.txt) can be downloaded from the course web site. If you type this text into a text editor and save it as "test.htm" then you can see the results when you open it in a web browser.

4.2 The Structure of a Web Page

4.2.1 Structure and Text Tags

In the example above, the <html> and <body> tags were structure tags. Structure tags are used to define the structural elements of a web page. The <html> tags surround the whole file and determine what type of file it is. The <head> tags define the head element containing some information about the html file (such as its title, which is contained in the <title> tag). The <body> tags surround the main content of the file.

Also in the example above, there are text tags. The <h1> (headline size 1), <p> (new paragraph), <b> (bold) and <u> (underline) tags all define different text elements.

4.2.2 Element Attributes

An element defined by a tag can also have an attribute. An attribute gives additional information about an element. This additional information often relates to the appearance or layout of an element such as colour or size. For example:

<body bgcolor="lightblue">

In this case the body element of the page will be shown with a light blue background.

<p align="center">

In this case the paragraph element will be centred.

4.2.3 Link and Image Tags

The link and image tags on a web page are what provide the interactivity which we are so familiar with on web pages. Add this line to your test.htm file and refresh it in the browser to see the effect.

<a href="http://www.google.co.uk/">Click here for Google</a>

In this example the <a> tags surround the link element. Its attributes in this case are the URL for the Google web page and the text which will show as the link.

Add this line to your test.htm file and refresh it in the browser to see the effect.

<img src="http://www.google.co.uk/intl/en_uk/images/logo.gif" align="left" alt="Google logo"></img>

In this example the <img> tags surround the image element. Its attributes in this case are the URL of the Google logo, its alignment, and an alternative text which appears when you move the mouse over the picture. You can learn more about HTML tags from the following link

http://archive.devx.com/projectcool/developer/reference/tag-table.html

4.2.4 Why Understanding HTML is Important

Web authoring software enables developers to create web pages using a WYSIWYG (What You See Is What You Get) approach, but it is still very important to understand how the underlying HTML code works so that you can sort out the inevitable problems which occur. Not all browsers display HTML in the same way. Not all versions of a browser will interpret HTML code in the same way. Even the same version of a browser on a different platform may interpret the same HTML code in different ways.

HTML authoring should primarily be about the structure of a document. It allows you to declare that something is a heading or a quoted section, or an itemised list, but the details of the presentation (how to list items in an itemised list or how to display a heading) are not specified. Ideally you should keep the Structure, Content and Presentation of a web page separate.

Writing your own web page in HTML

Use a text editor to edit the page outlined in this section. You should try out a number of different tags from the link above. You should create at least three pages, linked to each other, with a graphic on at least one page and at least one external link. If you are feeling adventurous, see if you can create a table to lay out the content of your page.

4.2.5 Extensible Hypertext Markup Language (XHTML)

The Extensible Hypertext Markup Language (XHTML) has slightly stricter rules for its tags than HTML, but it is worth making your HTML documents conform to XHTML as it allows pages to be used with XML tools. XML is a standard which describes a method of encoding data in a form which makes it non application specific.
XHTML rules include:
All documents must have a type declaration
All elements must be closed (they must have start and stop tags)
Tag names must be in lower case
Tags must be properly nested - tags cannot overlap, so an element opened inside another element must be closed before the outer element is closed
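As an added example, not part of the course materials, the following Python script checks a document against the four rules just listed using the standard library's html.parser. The two sample documents, one valid and one breaking every rule, are constructed for the demonstration.

```python
# Added example, not from the SQA course text: checks a document against the
# XHTML rules listed in section 4.2.5 (type declaration present, every element
# closed, lower-case tag names, no overlapping tags) using the standard
# library's html.parser. The two sample documents are constructed.
from html.parser import HTMLParser

# Void elements have no separate end tag, even in XHTML (written <br />).
VOID_ELEMENTS = {"br", "img", "hr", "meta", "link", "input"}


class XHTMLChecker(HTMLParser):
    """Walks the tags of a document and records every rule violation found."""

    def __init__(self):
        super().__init__(convert_charrefs=False)
        self.open_tags = []      # stack of element names still open
        self.problems = []
        self.saw_doctype = False

    def handle_decl(self, decl):
        # <!DOCTYPE ...> arrives here as "DOCTYPE ..." with its case preserved.
        if decl.lower().startswith("doctype"):
            self.saw_doctype = True

    def handle_starttag(self, tag, attrs):
        # HTMLParser lower-cases `tag`, so inspect the raw text for upper case.
        raw = self.get_starttag_text()
        name = raw[1:].split()[0].rstrip("/>")
        if name != name.lower():
            self.problems.append(f"tag name not in lower case: {raw}")
        # Self-closing (<br />) and void elements never go on the stack.
        if tag not in VOID_ELEMENTS and not raw.rstrip().endswith("/>"):
            self.open_tags.append(tag)

    def handle_startendtag(self, tag, attrs):
        self.handle_starttag(tag, attrs)

    def handle_endtag(self, tag):
        if self.open_tags and self.open_tags[-1] == tag:
            self.open_tags.pop()        # properly nested: nothing to report
        elif tag in self.open_tags:
            # The element is open, but something opened after it is still
            # open too: this is the overlapping-tags case XHTML forbids.
            self.problems.append(
                f"</{tag}> overlaps with still-open <{self.open_tags[-1]}>")
            while self.open_tags.pop() != tag:
                pass
        else:
            self.problems.append(f"</{tag}> closes an element that was never opened")

    def report(self):
        """Finish the check and return the list of violations (empty if valid)."""
        if not self.saw_doctype:
            self.problems.insert(0, "missing document type declaration")
        for tag in reversed(self.open_tags):
            self.problems.append(f"<{tag}> is never closed")
        return self.problems


def check_xhtml(document):
    """Return the rule violations found in `document`, an empty list if it conforms."""
    checker = XHTMLChecker()
    checker.feed(document)
    checker.close()
    return checker.report()


# Constructed sample: the course's example page with the XHTML declaration.
VALID_XHTML = """<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><title>My first web page</title></head>
<body><h1>Welcome to my first web page</h1>
<p>This section in <b>bold</b></p><br /></body></html>"""

# Constructed sample breaking all four rules: no declaration, an upper-case
# tag, <p> and <b> overlapping, and <html> never closed.
BROKEN_XHTML = "<HTML><body><p><b>This section in bold</p></b></body>"

if __name__ == "__main__":
    print("valid document:", check_xhtml(VALID_XHTML))
    for problem in check_xhtml(BROKEN_XHTML):
        print("broken document:", problem)
```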

To make the original example above a valid XHTML file we need to add the document type declaration at the beginning of the file.

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>My first web page</title>
</head>
<body>
<h1>Welcome to my first web page</h1>
<p>This section in normal text</p>
<p><b>This section in bold</b></p>
<p><u>This section underlined</u></p>
</body>
</html>

This file (validxhtml.txt) can be downloaded from the course web site.

4.2.6 Stylesheets

Early HTML specifications included style tags to allow the web designer to specify font types and font sizes. It was realised that it is better to separate structure from presentation as far as possible. The way to achieve this is to keep the instructions on how to display certain types of element in a separate document known as a stylesheet. For example a stylesheet may specify a colour for all level one headers. They can also specify spacing, alignment, margins and font sizes. Stylesheets are useful because they can be used to maintain a consistent style across an entire web site. Changing an attribute of an element in the stylesheet will change the attributes of that element wherever they appear in the site.

4.3 Types of Browser

4.3.1 Introduction

Modern browsers commonly incorporate email, news and HTML editing facilities. They provide facilities for users to save commonly used addresses, keep a history of pages visited, and have built in links to useful web sites. Many browsers will save images on a local hard disk to speed up the retrieval of web pages which have already been visited (this is referred to as caching). They may also incorporate plugins for multimedia content such as audio, animation, video and interactive 3D. A plugin is a piece of software which allows a browser to display content normally associated with other applications such as a word processor or video player.

A browser interprets the HTML code on a downloaded web page in order to present the content of the page and the files linked to it for the user. A microbrowser is a browser designed for use with a mobile device.

4.3.2 Microbrowsers

A microbrowser is one designed for use with a wireless handheld device such as a mobile phone or Personal Digital Assistant (PDA). Microbrowsers are written to be as small as possible to make best use of the low memory available on handheld devices and the low-bandwidth constraints of the wireless-handheld networks.

4.3.3 Wireless Application Protocol (WAP)

HTTP is not ideal as a transport protocol for wireless communication via hand-held devices as it is not optimised for low bandwidth. For this reason a new protocol was developed called the Wireless Application Protocol (WAP). Just as HTTP is used to retrieve pages written using HTML, WAP is used to retrieve pages written using Wireless Markup Language (WML).

The typical characteristics of WAP enabled devices are:
They have small low resolution screens so cannot display a lot of information at once
They do not have powerful processing capabilities so cannot deal easily with multimedia content
They do not usually have a keyboard, so typing in a URL is likely to be much more difficult than on a normal computer
The wireless networks they use operate at a much lower bandwidth than desktop computers, so content has to be primarily text based rather than graphical

Although all these may be seen as disadvantages, the main advantage of WAP enabled devices is the fact that they can access the Internet without a physical connection - anywhere you can use a mobile phone.

4.3.4 The difference between HTML and WML

Whereas HTML was designed for creating documents, WML was designed for creating applications. HTML documents are designed to be read on browsers running on powerful desktop machines with cheap reliable connections, and a user may spend several minutes reading an HTML document. WML applications are designed to run on mobile WAP enabled devices with small screens, low power processors and an expensive connection. Users of WAP enabled devices need short menus and easily read questions in order to find what they need. Users want to be connected for as little time as possible.

WML files are sent to microbrowsers in a compact form known as WAP Binary XML (WBXML). This compact form is compiled by a WAP gateway on the Internet. The compilation is mostly a process of converting tags and elements in a WML document into pre-defined single character codes. This represents a considerable saving in file size.

4.3.5 Wireless Markup Language (WML)

A WML application consists of one or more decks containing collections of cards. Each card typically contains some content displayed to the user and some other content used by the microbrowser to control how the user moves from one card to another. The idea of bundling a deck of related cards together means that several of them can be sent together without the browser requesting a new card from the server every time a user moves from one card to another. The compiled size of a deck is limited to 1.4Kb.

Here is the text of a simple WML file:

<?xml version="1.0"?>
<!DOCTYPE wml PUBLIC "-//WAPFORUM//DTD WML 1.2//EN" "http://www.wapforum.org/DTD/wml12.dtd">
<wml>
<card id="welcome">
<p>Welcome to my WAP site</p>
<p><a href="#here">Enter here for our details</a></p>
</card>
<card id="here">
<p>Our details</p>
<p>Higher Computing</p>
<p>Computer Systems</p>
<p>Software Development</p>
<p>Optional Topics</p>
<p><a href="#welcome">Back to welcome card</a></p>
</card>
</wml>

As you can see it is very similar to XHTML. The file starts with a Document Type Declaration (DTD). Elements are defined by start and end tags. In this case the card elements have their id attributes specified so that a user can move between the two cards in the deck.

You do not need to use a WAP enabled phone to view a WML page like this - it is possible to download a phone emulator so that you can view WML files on-line without having to use a mobile phone. This is a much cheaper way of testing out a WML application.

Testing a WAP application

Your tutor will need to have installed a WAP emulator on your network before you will be able to complete this exercise. Create the application in the previous section and then modify it to add two more cards with links between them.

4.4 Search Engines

4.4.1 Introduction

Searching for information on a WAN like the Internet can be a difficult but rewarding process. Many web sites offer a search facility which will search for a specific word or phrase on pages within the site itself. This can be useful on technical web sites or information sites such as those belonging to news organisations or government agencies. Searching for information where the entire Internet is the area you are looking in is bound to be a more complicated and inexact process because the Internet is so large and is changing so rapidly.

URLs are often difficult to remember and it is easy to make mistakes when typing them into the address field in an Internet browser. For this reason most Internet browsers provide a means of saving frequently visited pages in a favourites or bookmarks folder, and many organisations provide search facilities on the web to make finding pages easier.

4.4.2 Types of Search Engine

There are two main types of search facility available:

Crawler based search engines have databases which are selected and built by computer robot programs called spiders. These programs "crawl" the web in their hunt for pages to include. They find the pages for potential inclusion by following the links in the pages they already have in their database, but also rely on contributors submitting their web pages to be indexed. The software "crawls" through the web indexing pages as it goes, using the content of pages, their titles, and their HTML meta tags as a means of building the index. Look at this link to see an example of an indexed search engine:

http://www.google.com

Directories are human powered indexing facilities which are built up by users and editors working for the directory company. Users submit a short description to the directory for their entire site, or editors write one for sites they review. When a query is entered, the search engine only looks for matches in the descriptions submitted. Look at this link to see an example of a directory search engine:

http://www.yahoo.com

Many search facilities on the Web now provide access to both sorts of search results.

4.4.3 How do Indexed Search Engines Work?

Search Engines do not really search the World Wide Web directly. Each one searches an index built from the text of web pages the search engine has looked at. When you click on a link provided by a search engine's results, you retrieve the current version of the page. If a web page is never linked to in any other page, search engine spiders cannot find it. The only way a brand new page - one that no other page has ever linked to - can get into a search engine is for its URL to be submitted by a human to the search engine companies as a request that the new page be included. All search engine companies offer ways to do this.

Once a spider finds a page, it passes it on to another program for "indexing". This program identifies the text, links, and other content in the page and stores it in the search engine database files so that it can be searched by keyword and whatever more advanced approaches are offered.

4.4.4 Meta Tags

A meta tag is an HTML tag which is placed in the HTML header element of a web page. It provides information which is not visible to browsers, but which can be used by search engines to index web pages. The most common meta tags are keywords and description. The keywords tag allows the author to list the words which describe the content of the page. The description tag allows the author to give the text of the summary displayed when the page appears in the results of a search. For instance:

<meta name="keywords" content="HTML, html, html reference, HTML">
<meta name="description" content="Joe's guide to HTML tags.">

4.4.5 Meta-Search Engines

A meta-search engine is one which passes queries on to several search engines and directories and then summarises all the results, having removed duplicate entries. This means that the results should theoretically be the aggregate of all the best search engines on the web. Some examples of meta-search engines are:

http://www.ask.com/
http://www.dogpile.com/
http://www.metacrawler.com/

Comparing Search Engines

Choose a selection of search engines, both crawler based and directory based, and compare them using the following criteria:
speed
ease of use
relevance of results
number of duplicate results
detail given of results
advanced search facilities

4.5 Summary

Web pages are written using Hypertext Markup Language (HTML) which is interpreted by a browser to present the page on the screen for the user
HTML uses tags which define elements
The structure of an HTML page is indicated by the <html> and <body> tags
Examples of text tags are <p> and <h1>
Elements have attributes which are additional information relating to the appearance or layout of that element
XHTML is a stricter version of HTML which requires that all documents have a type declaration, and that all tags are properly closed, are in lower case and are properly nested
Microbrowsers are designed for mobile devices with small screens and low bandwidth
Applications written for microbrowsers use the Wireless Markup Language (WML)
Indexed search engines use programs called spiders to hunt around the web for pages which are linked to pages already in their database
Directory based search engines rely on human reviewers to create their database of links
Meta search engines return results from a number of different search engines

4.6 End of Topic Test

An online assessment is provided to help you review this topic.


Topic 5

The Implications of the WWW

Contents
5.1 Introduction to the Implications of the WWW 45
5.2 E-commerce 45
5.2.1 Purchasing Software over the Internet 46
5.2.2 The Internet gives access to Mass markets 46
5.2.3 Purchasing Services over the Internet 46
5.2.4 The Advantages and Disadvantages of E-commerce 47
5.2.5 Dealing with Fraud 48
5.3 Social Implications of the WWW 49
5.3.1 The Information-Rich and The Information-Poor 49
5.3.2 Social Isolation 49
5.3.3 Employment and Taxation 49
5.3.4 Video Conferencing 50
5.4 Ethical Implications of the WWW 51
5.4.1 Personal privacy 51
5.4.2 Cookies 51
5.4.3 Encryption 52
5.4.4 Netiquette 52
5.4.5 Misrepresentation 52
5.4.6 Chatrooms 53
5.4.7 Censorship and Pornography 53
5.5 Internet Regulation 54
5.5.1 Taxation 54
5.5.2 The Copyright Act 54
5.5.3 The Computer Misuse Act 55
5.5.4 The Data Protection Act 55
5.5.5 The Regulation of Investigatory Powers Act (RIPA) 55
5.6 Summary 57
5.7 End of Topic Test 57

Prerequisite knowledge

Before studying this topic you should know what kind of services are provided by the Internet. You should know that an Internet Service Provider (ISP) is needed before you can connect a computer or a network to the Internet. You should be aware of the existence of E-commerce, and its implications for home and business users. You should be able to describe the main features of the Regulation of Investigatory Powers Act.

Learning Objectives

After studying this topic you should be able to:
Describe the implications of the World Wide Web (WWW) for E-commerce
Understand the social, ethical and legal implications of the WWW
Describe the current legislation which affects users of the WWW

Revision

Q1: What is E-commerce?
a) The ability to use the Internet for communication
b) The ability to use the Internet for economic transactions
c) Downloading music from the Internet
d) Using Electronic Funds Transfer (EFT)

Q2: Which of these is not covered by The Regulation of Investigatory Powers Act?
a) Employer monitoring their employees' emails
b) Government monitoring a telephone line
c) Buying goods over the Internet
d) Using encryption to hide details of a crime

Q3: Why is an Internet Service Provider (ISP) needed before you can connect a computer to the Internet?
a) Every computer connected to the Internet needs a unique IP address and ISPs provide these.
b) You need a telephone connection which ISPs can supply.
c) ISPs control the Internet.
d) Connecting a computer to the Internet is very complicated and only ISPs can do this.

5.1 Introduction to the Implications of the WWW

The World Wide Web is a relatively new phenomenon, with implications for the way people communicate with each other, how societies are organised, how information is shared, and how we are governed. Many of the changes which the WWW has been responsible for have not yet been realised by everyone, and many governments are only just waking up to its benefits and dangers. This topic explores some of the commercial, social, ethical and legal issues which the existence of the WWW raises.

5.2 E-commerce

E-commerce is the general term used to describe buying and selling products or services over the Internet, and this, together with Electronic Funds Transfer (EFT), has revolutionised the way we buy many goods and services. We now take it for granted that we can use Automatic Teller Machines (ATMs) and pay for goods in shops all over the world using a credit or debit card, but this is only possible because of the networked systems set up by the banking industry.
A recent development in E-commerce is the ability to buy goods and services on-line, although there is still some consumer resistance to this method of trading due to fears about security of credit card details and the difficulty of receiving compensation if goods or services do not arrive or are not what they are advertised to be.

There are 3 different types of e-commerce: business-to-consumer, consumer-to-consumer, and business-to-business.

1. Business-to-consumer e-commerce is the sale of goods or services to the general public via the internet.
2. Consumer-to-consumer e-commerce allows consumers to purchase goods from one another. An example of this is an online auction, such as Ebay.
3. Business-to-business e-commerce is when businesses provide goods and services to other businesses. Services may consist of online advertising, job recruiting, credit, sales, market research, technical support, and different types of training.

5.2.1 Purchasing Software over the Internet

Software is often distributed via the Internet, with payment being made using a credit card. Software can be locked, or set to expire after a period of time unless it is registered. Payment of a fee results in the code to unlock the software being sent by email.

Once enough bandwidth becomes available, it will be possible for software to be rented rather than bought. Software would be installed on a web server, and your machine would download the parts you need whenever you used it. You would however be charged every time you used it. Because everyone would be using the same version of the software, software companies would be able to save on technical support and distribution costs. They would also be able to offer services such as data backup, offering many of the advantages of a Local Area Network.

Software distributed over the Internet can often be cheaper because developers can save on distribution costs and reach a very wide market. Shareware is a system which takes advantage of the fact that a lot of people prepared to pay a small amount for software may mean more profit for the vendor than a few people prepared to pay a large amount.
5.2.2 The Internet gives access to Mass markets

Selling a specialised product can often be difficult if you do not have access to a large population area or cannot advertise your product easily. The Internet allows any business to access a world-wide market. Although a product may be very specialised or may only appeal to relatively few individuals, because the Internet can give access to special interest groups, this allows vendors to target their product to a particular audience.

5.2.3 Purchasing Services over the Internet

A Service provider is a commercial organisation which provides access to an Internet connection, a certain amount of bandwidth and sometimes networked storage facilities for file transfer and web hosting.

Many training and on-line courses are available over the Internet, usually accessed by using an ID and password. Access to these courses may be part of a particular University qualification (like Scholar) or may be available for purchase from the provider.

Content providers can sell access to information on the Internet by using a subscription system, though there is research being done on a method of charging for access to Internet pages on a per page basis. The kind of information which people would be prepared to pay for might be up to date stock market prices, detailed satellite data, photographic images, on-line training, news feeds and other services. Entertainment services such as access to networked games and music downloads are likely to become subscription-based services.

Advertising is a major source of revenue for many content providers. Advertisers are keen to place their advertisements on pages which can be shown to have a high "hit rate", and will pay to do so. In this way the content can be provided "free" to users in the same way that advertising is able to fund commercial television services.

5.2.4 The Advantages and Disadvantages of E-commerce

The advantages of E-commerce to the customer are:
Goods and services can be purchased at any time of day or night
Goods and services can be purchased from anywhere in the world
E-commerce uses Electronic Funds Transfer (EFT) so no cash needs to be used
Consumers are able to research a product and its competitors more thoroughly before purchase and compare prices from different retailers
Goods purchased arrive by post or courier, so reducing the need to travel

The advantages of E-commerce to the merchant are:
Dealing directly with the customer means no profit taken by retailers or "middlemen"
Your customer base is no longer restricted to those who can travel to your nearest outlet
You do not need to pay for expensive high street retail outlets
EFT means no security problems handling cash
You can automate the packing and delivery of your product
Your on-line profile does not depend on the physical size of your organisation
Stock control, order tracking and funds transfer can be automated and linked directly to e-transactions

The disadvantages to the consumer are:
If you purchase goods or services from a company in another country then you may have difficulty recovering funds if goods do not arrive or are not what was advertised
You rely on the security procedures of the firm you are dealing with to keep your credit card details secure

You may pay more for delivery or packing than it would cost you otherwise
Local businesses may suffer if you purchase on-line from larger firms
If you purchase goods from a supplier in another country, you may be liable to pay import tax

The disadvantages to the merchant are:
Since customers may be anywhere in the world you need to have good security in place to avoid credit card fraud
You need to employ someone to keep your web-site and catalogue up to date
You need to make sure your web site is secure and that your servers are protected from hacker attack

5.2.5 Dealing with Fraud

Security on the Internet is of particular concern to anyone purchasing goods or services using e-commerce or being involved in any financial transactions in banking or the stock market. Concerns that credit card details being transmitted over the Internet could be intercepted or stolen from company servers are widespread, and this reduces the efficacy of the system. Anyone using an on-line bank account also needs to be reassured that the system they are using to access their financial details is as secure as possible.

Most e-commerce sites use the HTTPS (HTTP over a Secure Socket Layer) protocol to ensure that credit card data cannot be intercepted when it is being transmitted over the Internet. The HTTPS protocol uses encryption to protect this information. Most browsers will display a padlock icon or similar when using this protocol, so that users are aware that data is being encrypted. Note that this protects the details only while they are in transit; the other concern above, details being stolen from the company's own servers, is not addressed by HTTPS and depends on the merchant's security procedures.

Credit card fraud is not limited to the Internet, and the development of chip and PIN credit cards is an attempt to make fraud more difficult. In the future, PCs may come fitted with card readers so that users can insert their card and enter their PIN in order to verify the authenticity of their credit card.

From the point of view of the customer it is very difficult to tell the difference between a genuine company and a fraudulent organisation just by looking at their web-site. "Phishing" is a recent scam which involves extracting credit card details, passwords and even PIN numbers from people by sending them emails which pretend to come from their bank or credit card company. These emails direct them to a fake web-site where they are asked to enter their details.

Many credit card companies are using Artificial Intelligence systems to spot unusual card activity such as very large purchases or sudden increases in transactions, to try and spot the use of stolen card details. This is necessary because a customer might only become aware that their card details are being used fraudulently when they receive their statement at the end of the month.

E-commerce Investigation

Look at the Amazon or the Dabs web sites and see what e-commerce facilities are on offer. Choose a product and compare prices and information available from a number of different e-commerce sites.

http://www.amazon.co.uk
http://www.dabs.co.uk

5.3 Social Implications of the WWW

5.3.1 The Information-Rich and The Information-Poor

Many people feel that the Internet has accentuated the difference between the rich and the poor. People in western countries are described as "Information rich" whereas most people in the Third World are "Information poor", since connecting to the Internet requires expensive equipment and access to a networking infrastructure which does not exist in many poor countries.

Many rich countries also have sections of their populations which are Information Poor. This may be for a variety of reasons such as poverty, geographical isolation or poor education. Many governments are concerned that the Information Poor will be unable to access government support and information services, will be unable to participate in the knowledge industry job market, and will increasingly become more dependent on welfare and less employable as a result.

5.3.2 Social Isolation

There is a fear that the increased use of electronic communication will mean that many people will become physically more isolated from each other. The Internet encourages the creation of global communities, but may result in neighbours not seeing each other for weeks on end. E-commerce means that people use high street shops less and meet together less as a result. Tele-commuting means that people work from home instead of in an office with their colleagues.

5.3.3 Employment and Taxation

Tele-working has revolutionised the way in which firms utilise their employees. Tele-working can mean working from home instead of travelling to an office every day, using communications technology to keep in touch with your employer. The work you do can also be transferred in this way, as it will be stored in electronic form on the machine you work on at home and can be transferred electronically to your employer's network. Tele-working can also mean working in a different country from your employer, or even never meeting your co-workers or collaborators because they are all living in different parts of the world. Any job where the result of your labour can be transmitted electronically to your employer can become a tele-working job. Tele-working may also mean working independently as a web developer or programmer.

Advantages for the employee:

- Because you are working from home you can save on travel time and transport costs;
- As long as you produce the required results, it does not matter where or when you work. This means that you can save on child-minding or other expenses such as high housing costs;
- If you are self employed, you can deliver your work to your customers electronically.

Disadvantages for the employee:

- Because you are not in touch with your fellow employees, you can get a feeling of isolation, missing out on office gossip or possible promotion prospects;
- You may actually work harder and put more hours in than you would if you were working in an office, because you worry that your employers may think you are having an easy time of it at home;
- You will need space in your home to work, and you may have to insure your employer's computer equipment.

Advantages for the employer:

- You can save money on office space because your workers are using their own homes as their work-space;
- Tele-workers often work harder than they would if they were working in an office;
- You can save money on wages as you can employ people in parts of the world where wages are low. For instance, many Western software companies are now looking to the Far East to employ programmers and data processing workers.

Disadvantages for the employer:

- You will need to train your tele-workers and pay for communications costs and computer equipment;
- There may be security issues you will need to consider if you want your employees to be able to log into your company network from home;
- You may have less control of the quality of service your work-force provide if your workers are in a foreign country.

5.3.4 Video Conferencing

Video conferencing allows a number of people to communicate with each other using sound and video, and to share data such as text and graphics, even though they are thousands of miles apart. Video conferencing requires a high bandwidth connection and is expensive, but can be dramatically cheaper than flying several people from one continent to another.

At the moment video conferencing requires specialised equipment and a dedicated communications channel. As the technology becomes cheaper and more bandwidth becomes available, it is likely that more people will start to use it as an alternative to travelling long distances for meetings.

5.4 Ethical Implications of the WWW

5.4.1 Personal privacy

The monitoring of individuals' Internet and email use is a contentious issue. Many governments would like to have access to this sort of information. Many individuals would not like them to have this kind of access. With modern communications networks it is theoretically possible to trace the movements of any individual around the world - they use cash machines, pay with credit cards, use the Internet, use mobile phones, appear on surveillance cameras, and may use electronic road tolling systems. All of these systems could be combined to track an individual's movements.

Even organisations who manage LANs are becoming concerned about the security and employment issues surrounding email, and some are monitoring all email activity on their networks to make sure that their employees are not divulging company secrets or using the network facilities for their own personal use. You can find out more on this topic in the section dealing with the Regulation of Investigatory Powers (RIP) Act.

5.4.2 Cookies

Cookies are small data files which web servers send to your machine along with web pages. HTTP is a "stateless" protocol, which means that the web server has no way of knowing which machine or user a request for a web page has come from. This can be a problem if you are using e-commerce, as the server needs to be able to track a transaction between different web pages. One solution is to store a session number in a cookie which is sent to your machine - when you go to the checkout the server requests the cookie so that it knows which transaction belongs to you. Cookies are also used to store details of personalisation which people have applied to web pages.

Unfortunately cookies can also be used to track your activity on web pages, which adverts you have responded to etc., and to customise on-line advertising accordingly. Many people regard this as an invasion of their privacy. There are several companies which offer software to check for cookies or other data collection systems on your computer and to remove them if you wish. If you want to find out more about this kind of software have a look at the following link:

http://www.lavasoftusa.com/

5.4.3 Encryption

Encrypting data is a method of coding it, in order to make it difficult or even impossible for someone to read it unless they have authorisation from you. Some governments make encrypting data illegal; others regard it as an individual right. As with all security systems, there is a trade-off between security and convenience. The more secure you make a communication system, the more inconvenient it is to use. At the moment email on most networks is un-encrypted and insecure, as messages are sent as plain ASCII text. One popular and free encryption system currently available is Pretty Good Privacy (PGP), although until recently PGP was regarded as "munitions" by the USA government and its inventor was prosecuted for allowing details of how his system worked to be posted on the Internet. To find out more about PGP go to:

http://www.gildea.com/pgp

5.4.4 Netiquette

There are several conventions, and a whole new vocabulary, which have developed with regard to how you should behave on Internet newsgroups, using email, etc. Simple rules such as not sending "Spam" (unsolicited commercial email), not shouting (writing in capital letters) and respecting people's privacy may seem obvious, but it is easy to make mistakes without realising it. The best policy when subscribing to a newsgroup or joining a list server is to "listen" quietly for a while (called "Lurking") to see how others behave before you submit any contributions yourself.

5.4.5 Misrepresentation

The ability to post messages on newsgroups or discussion lists anonymously means that offensive statements can be made without the person making them being held to account.
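The session-cookie mechanism described in section 5.4.2 above, as an added example that is not part of the original text: a constructed in-memory shop server issues a session id in a Set-Cookie header on the first request and, when the browser returns that cookie, finds the same basket again at the checkout. The server class, the cookie flags and the sample items are assumptions of this example.

```python
import secrets
from http.cookies import SimpleCookie
from typing import Dict, List, Optional, Tuple

SESSION_COOKIE = "session"


class ShopServer:
    """Holds the per-transaction state (a basket) that stateless HTTP cannot carry between requests."""

    def __init__(self) -> None:
        self.baskets: Dict[str, List[str]] = {}   # session id -> items chosen so far

    def _session_from(self, request_headers: Dict[str, str]) -> Optional[str]:
        """Extract the session id the browser presents in its Cookie header, if any."""
        jar = SimpleCookie(request_headers.get("Cookie", ""))
        morsel = jar.get(SESSION_COOKIE)
        return morsel.value if morsel is not None else None

    @staticmethod
    def _new_session_cookie(sid: str) -> str:
        """Build the Set-Cookie value; the flags keep the id off plain HTTP and away from page scripts."""
        jar = SimpleCookie()
        jar[SESSION_COOKIE] = sid
        jar[SESSION_COOKIE]["httponly"] = True
        jar[SESSION_COOKIE]["secure"] = True
        jar[SESSION_COOKIE]["samesite"] = "Lax"
        return jar.output(header="").strip()

    def handle(self, request_headers: Dict[str, str],
               add_item: Optional[str] = None) -> Tuple[str, Dict[str, str], List[str]]:
        """Process one request. Returns (session id, response headers, current basket)."""
        sid = self._session_from(request_headers)
        response_headers: Dict[str, str] = {}
        if sid is None or sid not in self.baskets:
            # First visit, or an id this server never issued (expired or forged): start a fresh,
            # unguessable session rather than trusting the value the client supplied.
            sid = secrets.token_urlsafe(32)
            self.baskets[sid] = []
            response_headers["Set-Cookie"] = self._new_session_cookie(sid)
        if add_item is not None:
            self.baskets[sid].append(add_item)
        return sid, response_headers, list(self.baskets[sid])


def checkout_demo() -> List[str]:
    """Three requests from one browser: the cookie is what ties them to the same basket."""
    shop = ShopServer()
    sid, _, _ = shop.handle({}, add_item="book")          # no cookie yet: the server issues one
    cookie = {"Cookie": f"{SESSION_COOKIE}={sid}"}        # the browser sends it back on later requests
    shop.handle(cookie, add_item="pen")
    _, _, basket = shop.handle(cookie)                    # checkout page: basket recovered from the id
    return basket
```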

5.4.6 Chatrooms

Chatrooms are popular with young people who use the Internet, as they enable users to communicate in real time with others from all over the world. A chatroom on the Internet is an area where users can type messages which can be read immediately by anyone else connected to the same server. Communication is slow because of the need to type the messages, but this disadvantage is outweighed by the immediacy of the system. One problem with chatrooms is that there is no way of verifying that the person you are communicating with is who they say they are. They may have lied about their age, their sex, or why they are interested in chatting with you.

5.4.7 Censorship and Pornography

What is legal in one country may not be legal in another. Not all governments encourage the free debate of political subjects, and many governments try to block access to opinions or political debate which is critical of them. Many people believe that children should be protected from violent, pornographic or extreme political material, though of course what is considered to be extreme in one society is not always considered to be extreme in every society. From the point of view of those wishing to impose censorship, the world-wide nature of the Internet makes it very difficult if not impossible to control. An international standard of "rating" web pages for violent or sexual content has been developed by the Internet Content Rating Association (ICRA), which makes controlling access easier.

If you want to find out more about the ICRA try this link:

http://www.icra.org/en/

5.5 Internet Regulation

5.5.1 Taxation

Buying and selling on the Internet makes it very difficult indeed to impose taxes, import duties or other fees, particularly if the item purchased, such as software, music, or access to information, can be transmitted electronically and does not have to be physically delivered to the purchaser. If you work in one country but are employed in another, where should you pay tax? Who should pay for your National Insurance? Which country's employment laws should apply?

5.5.2 The Copyright Act

Copyright in the UK is governed by the Copyright, Designs and Patents Act 1988. The Internet has made the distribution of software cheap and easy, but of course this also means that the distribution of illegal copies of software is just as easy. Software piracy is a major problem in many parts of the world. Many people argue that software piracy increases the cost of software, because software distributors need to charge more to recover the cost of research and development if only a percentage of those using the software are actually paying for it. In addition to conventional software licensing, there are a number of alternative software distribution models in existence, including shareware, adware and even freeware. The Internet has made many of these distribution models viable because it provides a large enough market and removes the cost of distribution from the developer.

There is also concern over copyright concerning images and other data available on the Internet. The fact that this data is on a web page and anyone can access it does not make it freely available for anyone to take for themselves and publish under their own name. You can find out more about the Copyright Act from the following link:

http://www.hmso.gov.uk/acts/acts1988/ukpga_19880048_en_1.htm

Peer to Peer file sharing software enables users to share music or other files which may be subject to copyright legislation. In the US, the Recording Industry Association of America (RIAA) is conducting a legal campaign to stop users from sharing music files in this way.

5.5.3 The Computer Misuse Act

In the United Kingdom, the Computer Misuse Act (1990) covers using computers to damage or steal data. The Computer Misuse Act covers crimes such as breaking into computer systems or networks to destroy or steal data, and propagating viruses which destroy or damage information or computer systems. Before this act was passed, people breaking into computer systems were often only able to be prosecuted for mundane offences such as "stealing electricity". You can find out more about the Computer Misuse Act from the following link:

http://www.hmso.gov.uk/acts/acts1990/ukpga_19900018_en_1.htm

5.5.4 The Data Protection Act

In the United Kingdom, the Data Protection Act (1998) describes the duties and responsibilities of those holding data on individuals (Data Users). It also describes the rights of these individuals (Data Subjects). In general, it is the duty of those holding data on individuals to register with the Data Protection Registrar, to keep the information secure, to make sure it is accurate, and to divulge it only to those persons who are authorised to view it. It is the right of an individual who has data stored concerning them to view that information and to have it changed if it is inaccurate. There are a number of organisations which may be given exemption from this act - namely the Police, Customs, National Security and Health Authorities. You can find out more about the Data Protection Act from the following link:

http://www.hmso.gov.uk/acts/acts1998/19980029.htm

5.5.5 The Regulation of Investigatory Powers Act (RIPA)

The Regulation of Investigatory Powers Act (2000) gives government and employers wide rights to monitor employees' e-mails and telephone calls to ensure that they relate to work. It has been condemned as an invasion of privacy, but the government argues it is necessary to crack down on internet crime and paedophilia. There are two main areas of controversy in the RIP Act. They concern the collection of data and the use of encryption.

The first concern is the fact that security services, such as MI5, will be able to monitor people's internet habits by recording the websites and chatrooms they visit and the addresses of emails they send and receive. The Home Office says that the interception procedures are in line with the right to privacy enshrined in Article eight of the European Convention on Human Rights and simply bring the monitoring of the internet in line with that of telephone calls. Currently all telephone numbers are logged and some telephone companies are required to enable security services to intercept calls. Internet activity is different, however, as web addresses show exactly what people have been looking at and enable the security services to build up detailed profiles of where people go online and who they communicate with.

The act also allows employers to intercept emails and internet use by their staff, on grounds such as monitoring for computer viruses, checking inappropriate use of company email, or counteracting industrial espionage. Many people think that this law is disproportionate to the problem it is trying to tackle, and that it allows an invasion of the right to privacy of communication assured by Article eight of the Convention on Human Rights.

Under RIP, some UK internet service providers (ISPs) will be asked "to maintain a reasonable intercept capability". This would mean that they would be required to install a device enabling the security services to monitor the flow of data. Critics say that these devices will be hugely expensive and will have difficulty keeping pace with fast-changing internet technology as well as the ever-growing volume of internet traffic. The Home Office claims that the power of interception is rarely used. All security service warrants for the interception of data would require the personal approval of the Home Secretary and should only happen if national security was threatened or serious crime was suspected. Critics prefer an independent judicial panel, which would provide external checks on the system and ensure spies and governments maintain the rule of law.

The second concern is over the legislation's reverse burden of proof. If intercepted communications are encrypted, the act will force people to surrender the decryption keys on pain of jail sentences of up to two years. The government says keys will only be required in special circumstances and promises that the security services will destroy the keys as soon as they are finished with them. Human rights campaigners argue that the act reverses the burden of proof in UK law, as the person sending or receiving the communication must prove their innocence rather than the authorities proving their guilt. There is also the threat of stiff prison sentences if an individual who has been required to hand over keys tells a third party. However, the Home Office says the burden remains on the prosecution to prove "beyond reasonable doubt that an accused person is, or has been, in possession of a key to unlock particular protected data." The act also contains a defence for individuals who have lost or forgotten a key, and a person is no longer liable if they are judged to have done all they can to help the authorities to recover a key. Critics argue that innocent people could still be jailed for innocently forgetting keys, while drug smugglers and paedophiles would happily settle for a two-year prison sentence rather than face far harsher penalties for being found guilty of the crime they are suspected of.

You can find out more about this act by looking at these links:

http://www.spiked-online.com/articles/00000006d99e.htm
http://www.hmso.gov.uk/acts/acts2000/20000023.htm

5.6 Summary

- E-commerce is the buying or selling of goods or services over the Internet
- The advantages to the customer are convenience and increased choice
- The advantages to the retailer are economy of scale, increased markets and automation
- Disadvantages for both parties are the possibility of fraud, and the increased need for up-to-date technology
- The internet can result in social problems such as the increasing gulf between the Information Rich and the Information Poor, and increased social isolation
- Tele-working has the potential to improve people's lives by reducing the need to travel and allowing them to work in their own home in their own time.
- Video conferencing also has the potential to reduce the need for travel, but currently needs special equipment and a high bandwidth connection
- Ethical implications of the WWW include the problem of personal privacy, the ability of others to track your use of the internet and the increased use of encryption to disguise illegal activities
- The use of chatrooms by young people and their exploitation by paedophiles is also an ethical concern.
- Computers and the Internet are regulated by a number of acts of parliament in the UK. These include the Copyright Act, the Data Protection Act, the Misuse Of Computers Act and the Regulation of Investigatory Powers Act

5.7 End of Topic Test

An online assessment is provided to help you review this topic.


Topic 6 Network Security

Contents

6.1 Introduction to Network Security ... 61
6.2 Threats to Network Security ... 62
6.2.1 Protecting Data on the network ... 63
6.2.2 User access rights ... 63
6.2.3 Software Solutions ... 64
6.2.4 Encryption ... 65
6.2.5 Hardware Solutions ... 66
6.2.6 Human Engineering ... 66
6.3 Protecting the Network Software and resources ... 66
6.3.1 Anti-virus software ... 67
6.3.2 Proxy Servers ... 68
6.3.3 Firewalls and Routers ... 68
6.3.4 Protecting Resources against External Attack ... 68
6.3.5 Monitoring and logging network activity ... 68
6.4 Internet Filtering ... 69
6.4.1 Filtering Software ... 69
6.4.2 Walled Garden ... 69
6.5 Summary ... 69
6.6 End of Topic Test ... 70

Prerequisite knowledge

Before studying this topic you should know about the basic software security measures on a network, such as the requirement for an ID and password. You should know about physical measures which can be employed, such as restricting access to certain workstations. You should know what encryption is and what the advantages of using it are. You should know why Internet filtering is needed in schools and other organisations.

Learning Objectives

After studying this topic you should be able to:

- Describe types of threat to network security and how they can be counteracted
- Describe a number of hardware and software solutions to protecting networks
- Explain the benefits of encryption
- Explain the benefits of monitoring and logging activity on a network
- Describe different approaches to Internet filtering
- Describe the functions of a network firewall

Revision

Q1: Why should network users have an ID and password to log on?
a) Because you need to charge people for using a network
b) Because it is against the law to use network resources without one
c) Because the network software needs to know who you are in order to give you access to networked resources
d) Because all software needs an ID and password before you can use it

Q2: What does it mean when we say a file has been encrypted?
a) Compressing the file so that it takes up less space on the hard disk
b) Encoding the file so that it can only be decoded if you have the correct password
c) Making the file unreadable by any other operating system.

Q3: Why is Internet access filtered in schools?
a) Because pupils could find answers to exam questions on it
b) Because the Internet can only be used at certain times
c) Because it costs money to use the Internet
d) Because there may be material unsuitable for young people on the Internet

6.1 Introduction to Network Security

Security on a network is always a compromise between security and convenience. The security regime imposed must always be appropriate to the importance of the data being protected. If you impose too draconian a security policy, such as one which forces users to change their passwords daily or to use mixtures of alphabetic and numeric characters, then the danger is that they will write their passwords down somewhere. If you let users choose their own passwords and make no restrictions on what kind of passwords they use, then the danger is that they will use passwords which are easy to guess, and will not change them regularly enough.

As well as internal security on a network, security measures are needed to protect the network from outside. Security from outside hacker attack is best achieved by making sure that there is only one connection between the network and the outside world, and then applying security measures to that connection. Security from virus infection is best dealt with by installing virus protection software at the point where the network connects to the outside world, but also on individual machines in case users bring in infected disks or CDs. For this reason many organisations have strict policies on their users connecting equipment like modems to network stations or installing their own software.

6.2 Threats to Network Security

The purpose of security on a network can be categorised into three areas:

- Protecting data on the network
- Protecting the network software and resources
- Protecting the users of the network

Protecting these three areas can be done by:

- Imposing network security on users and on network hardware
- Additionally installing virus protection and a firewall
- Filtering Internet content

On any network, all three of these security precautions are normally in place.

6.2.1 Protecting Data on the network

Problem source / Activity

- Pupils/students: Non-malicious breaching of network security features as a challenge. Prying into other people's work.
- Hackers: Malicious breaching of network security features via virus or worm infestation. Stealing network resources such as bandwidth, hard disk space, mail servers etc.
- Employees: Gaining access to confidential files and manipulating the data for personal benefit.
- Disgruntled ex-employees: Sabotaging the network system by gaining administrative access and deleting or changing system files.
- Accountants: Embezzling money from the company.
- Fraudsters: Using stolen credit card details to purchase goods and services over the internet.
- Hackers/Spies: Tapping into wireless networks using radio-listening devices to gain information or steal data.

6.2.2 User access rights

Security within a Local Area Network is important for a variety of reasons. There may be confidential information on the network which not all users should have access to. The functionality and consistency of the network might be damaged if users were able to install their own software or configure machines to their own preferences. There may be a number of different types of user on the network, and these different groups may need access restricted in different ways. For instance, in a school or college, students should not have access to assessment materials or private tutor areas. The network manager will not want to give access to the operating system files or other crucial parts of the network.

6.2.3 Software Solutions

Any user of a network will be familiar with the method of identifying a legitimate user and protecting access to their files. When they log on they are asked for a network ID and password. Once these have been supplied, the network operating system checks the combination of ID and password against an encrypted database and, if they match, the user is given access to the files and resources which they have the permissions to use.

Network operating systems can enforce password security at a number of levels. At its lowest, the user is given a free choice of password and is never prompted to change it; however, stricter settings include:

- The password must be more than a set number of characters (the number of characters is determined by the level of security required);
- The password must contain at least one number or other character such as ? : } / ;
- The password must not be one which that person has used before (the operating system keeps a history of the last passwords used - the length of this history depends on the level of security required);
- The password must not be a word which appears in the dictionary (there are several password cracking programs available which can match dictionary words to passwords very quickly);
- The password must be changed every set number of days (the number of days is determined by the level of security required).

In addition to the normal ID and password check, the network operating system can restrict particular users to particular network stations. This can be restricted by time of day or by location, or both. Restriction can be achieved using station IP addresses or network station names, but if IP addresses are being used, then the stations need to be allocated static IP addresses rather than dynamic ones. The resources which a user has access to on a network are determined by their security level.
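The password rules listed under 6.2.3 above, written out as a checker. This is an added example, not code from the original text or from any particular network operating system: the policy thresholds, the salted-hash history (so that old passwords are never stored in clear) and the sample word list are assumptions of the example.

```python
import hashlib
import hmac
import os
import string
from dataclasses import dataclass, field
from datetime import date
from typing import List, Optional, Tuple

# Constructed sample word list; a real deployment would load a full dictionary file.
DICTIONARY = frozenset({"password", "letmein", "welcome", "dragon", "monkey", "qwerty"})


@dataclass
class PasswordPolicy:
    """The knobs the text says are set according to the level of security required."""
    min_length: int = 8          # smallest acceptable length
    history_length: int = 5      # how many previous passwords are remembered
    max_age_days: int = 90       # forced change interval
    dictionary: frozenset = DICTIONARY


@dataclass
class UserRecord:
    """Per-user state: salted hashes of previous passwords and the date of the last change."""
    history: List[Tuple[bytes, bytes]] = field(default_factory=list)  # (salt, digest), oldest first
    last_changed: Optional[date] = None


def _digest(password: str, salt: bytes) -> bytes:
    # Slow, salted hash so the stored history is not a plaintext list of old passwords.
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, 50_000)


def _used_before(user: UserRecord, candidate: str, history_length: int) -> bool:
    recent = user.history[-history_length:] if history_length > 0 else []
    return any(hmac.compare_digest(_digest(candidate, salt), digest) for salt, digest in recent)


def check_new_password(policy: PasswordPolicy, user: UserRecord, candidate: str) -> List[str]:
    """Return the names of every policy rule the candidate breaks; an empty list means it is accepted."""
    failures = []
    if len(candidate) < policy.min_length:
        failures.append("length")
    # "at least one number or other character such as ? : } /"
    if not any(ch.isdigit() or ch in string.punctuation for ch in candidate):
        failures.append("needs_number_or_symbol")
    if _used_before(user, candidate, policy.history_length):
        failures.append("reused")
    if candidate.lower() in policy.dictionary:
        failures.append("dictionary_word")
    return failures


def record_password_change(user: UserRecord, password: str, today: date) -> None:
    """Store a fresh salted hash of the new password and restart the age clock."""
    salt = os.urandom(16)
    user.history.append((salt, _digest(password, salt)))
    user.last_changed = today


def password_expired(policy: PasswordPolicy, user: UserRecord, today: date) -> bool:
    """True when the user must be prompted to change their password."""
    if user.last_changed is None:
        return True
    return (today - user.last_changed).days >= policy.max_age_days


if __name__ == "__main__":
    policy = PasswordPolicy(min_length=8, history_length=3, max_age_days=30)
    user = UserRecord()
    print(check_new_password(policy, user, "dragon"))        # ['length', 'needs_number_or_symbol', 'dictionary_word']
    record_password_change(user, "Tr0ub4dor&3", date(2024, 1, 1))
    print(check_new_password(policy, user, "Tr0ub4dor&3"))   # ['reused']
    print(password_expired(policy, user, date(2024, 2, 1)))  # True
```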
Some network operating systems allow the network manager to give each user on the network a restriction policy graded from 1 to 6 in terms of what resources they get when they log on. Users with restriction policy 1 would see a screen with very few icons, indicating that their network provision is absolutely minimal. This is a safe environment. Restriction policy 6 would give full system access, for the administrator only.

Every file and directory on the network will have permissions set by the network operating system. It is these permissions which are checked when a user attempts to access a file or resource. Normally a user would have full read-write access to their own files on the network, other shared files may be read-only, and other files, such as those which are part of the network operating system, will be inaccessible altogether. When a user accesses a file, the network operating system checks their ID against the Access Control List (ACL) for that file or for the folder which contains it. Rather than creating separate access rights for every single file and every single user, it is easier to create groups of users who share a particular set of access restrictions; then any member of the group inherits the access restrictions from the group.
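The ACL check described above, as an added example rather than any real network operating system's code: the users, groups, paths and permissions are constructed for the example, a path with no ACL of its own falls back to the nearest enclosing folder's ACL, and a user's rights are whatever the ACL grants them directly plus what it grants to every group they belong to.

```python
import posixpath
from typing import Dict, Set

# Constructed sample directory: which users belong to which groups.
GROUPS: Dict[str, Set[str]] = {
    "staff": {"alice", "bob"},
    "students": {"carol", "dave"},
    "admins": {"alice"},
}

# Constructed sample ACLs keyed by path. Each entry maps a principal ("user:<name>" or
# "group:<name>") to the permissions it is granted. Students have no entry under
# /assessments, so they cannot open anything there even though "/" lets them read.
ACLS: Dict[str, Dict[str, Set[str]]] = {
    "/": {"group:staff": {"read"}, "group:students": {"read"},
          "group:admins": {"read", "write", "admin"}},
    "/home/carol": {"user:carol": {"read", "write"}, "group:admins": {"read", "write", "admin"}},
    "/assessments": {"group:staff": {"read", "write"}, "group:admins": {"read", "write", "admin"}},
    "/system": {"group:admins": {"read", "write", "admin"}},
}


def principals_for(user: str, groups: Dict[str, Set[str]] = GROUPS) -> Set[str]:
    """The user's own identity plus every group they are a member of."""
    result = {f"user:{user}"}
    result.update(f"group:{name}" for name, members in groups.items() if user in members)
    return result


def effective_acl(path: str, acls: Dict[str, Dict[str, Set[str]]] = ACLS) -> Dict[str, Set[str]]:
    """Walk up from the path to the nearest file or folder that carries an ACL."""
    current = posixpath.normpath(path)   # also collapses "..", so "/home/../system" is judged as /system
    while True:
        if current in acls:
            return acls[current]
        if current == "/":
            return {}                    # nothing anywhere up the tree: deny everything
        current = posixpath.dirname(current)


def permissions_for(user: str, path: str) -> Set[str]:
    """Union of what the effective ACL grants the user directly and via group membership."""
    acl = effective_acl(path)
    granted: Set[str] = set()
    for principal in principals_for(user):
        granted |= acl.get(principal, set())
    return granted


def may(user: str, path: str, permission: str) -> bool:
    """The check a network operating system performs when a user tries to open a file."""
    return permission in permissions_for(user, path)


if __name__ == "__main__":
    print(may("carol", "/home/carol/essay.txt", "write"))    # True: her own files
    print(may("carol", "/assessments/paper.pdf", "read"))    # False: students have no entry there
    print(may("bob", "/assessments/paper.pdf", "write"))     # True: inherited via group:staff
    print(may("bob", "/system/kernel", "read"))              # False: admins only
```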

Applications like company databases, spreadsheets and payroll suites can also be password protected, offering different levels of access to the application software. This creates a hierarchy of clients whose level of access would be on a "need to know" basis. Password access of this sort is usually part of the application and is a second level of defence after the security imposed by the network ID and password.

6.2.4 Encryption

The network traffic created by a logon ID and password is normally encrypted in case it is intercepted by a machine which an unauthorised individual has placed on the network. Encryption can also be used to protect data from prying eyes within a network as well as from outside. As with network security, there is a trade-off between convenience and security. The value of the data should determine the level of encryption which is used to protect it. As well as the inconvenience of having to remember a separate password for encrypted data, there is also the increased processor time required to encrypt and decrypt it.

Encryption should never be considered to be impossible for someone else to decipher, only that it needs to be strong enough so that the time it would take someone to decipher it would render the information worthless. Encryption is classified according to the number of bits needed for the key used to encode the data. The more bits that are used, the longer it takes for the code to be cracked. As computers increase in power, the time and resources needed to crack such codes decrease, so the minimum encryption key size needs to increase as computer technology improves.

6.2.5 Hardware Solutions

Network servers are normally locked away in secure rooms. Physical access to the server can often allow a skilled hacker to get hold of the encrypted password file (which can then be compared with dictionary words encrypted using the same algorithm in order to extract passwords). Backup tapes and emergency repair disks are also a security risk unless they are protected by lock and key. It is possible to exclude access to other parts of the network by physically locking workstation locations. Entry can be via a magnetic swipe card, smart key or by punching in a 4-digit numeric code. Other hardware solutions may involve biometric security systems such as fingerprint, face or iris pattern recognition systems. These techniques can also be used as part of the ID and password system for gaining access to files. Hardware resources on the network such as printers can also be restricted to certain users by time, workstation location or security level. Using switches instead of hubs for the network cabling infrastructure increases security because switches direct network packets to the specific machine they are destined for rather than to every machine on their segment. Since a Network Interface Card (NIC) receives every packet on its segment and can be set to display their contents on the machine it is fitted in, a hacker could use a laptop equipped with a "packet sniffer" plugged into the network to extract ID and password information from network traffic. Wireless networks are particularly prone to this sort of attack as there is no physical connection needed, and many wireless networks can be accessed from outside the building they are installed in. For this reason wireless networks need to be configured so that the packets transmitted over them are encrypted.
6.2.6 Human Engineering

Since the ID and password on a network is effectively the key to much of its security, it is this area which inevitably attracts most of the efforts of those trying to break in. A number of tricks can be employed, including fake logon screens which then save ID and password details to a file which the hacker accesses later, or keystroke loggers which can be inserted in between a keyboard and a computer case. These devices log every key press, and this data can be trawled through at leisure once the hacker removes the device. Simply phoning an organisation at lunchtime when inexperienced staff are on duty may enable a hacker to pretend that they have the authority to demand an ID and password for access to the network. Even examining the contents of dustbins and company waste paper may reveal enough information, such as user names, to enable a hacker to start trying to guess passwords.

6.3 Protecting the Network Software and Resources

The network itself needs to be protected as well as the data which it contains. Restricting user rights achieves this to a certain extent, but the network may also be prone to attack from outside as well as inside. These attacks can come in the form of software agents such as viruses and worms, or human agents in the form of hackers.

6.3.1 Anti-virus software

Viruses and worms are pieces of software which can both damage data on a network and also damage the network software itself. They can also make the network unusable by their attempts to propagate themselves to other machines or other networks. They are usually small sections of code which hide themselves inside legitimate applications. When the user runs the application, the extra code may delete files, infect other applications or attempt to propagate itself to other machines. Viruses may lie dormant until a particular date or set of circumstances. They may attempt to disguise themselves from anti-virus software and may change themselves as they propagate. Viruses were originally developed as part of experiments into artificial life, but in the hands of the wrong people they can be very destructive. Although not all viruses are designed to cause damage, their presence on a machine is usually not desirable as their activity will consume resources such as disk space, memory or network bandwidth. A worm is similar to a virus, although its prime concern is to propagate itself as efficiently as possible, often consuming machine resources in the process. Many viruses and worms use the Internet and email to propagate themselves, utilising users' address books and masquerading as genuine messages. Recently worms have been designed to install trojan software on users' machines so that the perpetrator can access that machine without the owner's knowledge at a later date, either to extract information such as bank account data for the purposes of fraud, or to use the machine as a host to send spam email which would otherwise be blocked by spam filters. Protecting a network against viruses, trojans and worms is usually achieved by installing anti-virus software onto the network file servers and stations.
The software installed on the servers is responsible for checking every file which is either run or created on the server. Although there is a performance overhead to this activity, it is infinitely preferable to a virus attack. When a suspect file is detected, the anti-virus software will attempt to repair it and, if that is impossible, it will quarantine the file, usually notifying the user responsible and the network manager. The anti-virus server is also responsible for downloading the latest virus signatures from the anti-virus software vendor and for updating itself and all the stations with this information. Most vendors supply updates to virus signatures once a week, although with the international nature of the Internet, new viruses often spread around the world in a matter of hours.

Testing your anti-virus software

Warning: Check with your network manager before you try this exercise!

You can check to see if the anti-virus software is installed on your machine by using a test string which the software should recognise as a test virus, but which is harmless. Copy the following text string into a text editor and then save the file with an extension which indicates that it is an executable file (.com, .exe). As soon as the file is saved, you should get a message from the anti-virus software to tell you that it has dealt with the file. Your network manager will probably receive an automatic email to this effect as well.

Here is the string:

X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*

6.3.2 Proxy Servers

As well as enabling private IP addresses to be used on a Local Area Network, a proxy server is also a convenient way of helping to secure a network, because the private internal IP addresses are hidden from the outside world using a system known as Network Address Translation (NAT). This protects these internal machines from external attack because, without knowing the IP address of a machine, a hacker cannot access it in order to control it.

6.3.3 Firewalls and Routers

A firewall is a piece of software installed on the machine which controls network access to the outside world. A firewall may be installed on a dedicated machine, or may be part of a proxy server. A firewall will normally block network traffic by examining each packet as it passes through. Each packet can be identified by its source address, its destination address and the port number it is using. A firewall can block traffic on all incoming and outgoing ports except the ones which the network manager knows are for legitimate use of protocols such as HTTP, FTP, SMTP and POP3. A router can perform many of the blocking functions of a firewall, but routers are often more difficult to configure. Routers can be set up to block traffic from particular IP addresses, although they are primarily designed to route packets between networks. The best combination is to have both a router and a firewall in place.
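The packet-filtering rule described above (identify each packet by source address, destination address and port; drop everything except the ports the network manager has allowed for HTTP, FTP, SMTP and POP3), as an added example rather than code from the course text or from any real firewall product. The internal address range, the allowed-port tables and the sample packets are constructed for illustration.

```python
"""Added example (not from the course text): a minimal stateless packet
filter.  Every packet is classified by source address, destination address
and destination port; the default policy is to drop, and only the ports the
network manager has listed are allowed.  The internal network range and the
sample packets are constructed for illustration."""

import ipaddress
from dataclasses import dataclass

# Assumed internal network (constructed): a private address range.
INTERNAL_NET = ipaddress.ip_network("192.168.10.0/24")

# Ports the network manager has allowed, named after the protocols in the text.
ALLOWED_INBOUND_PORTS = {80: "HTTP", 25: "SMTP"}                          # services we offer
ALLOWED_OUTBOUND_PORTS = {80: "HTTP", 21: "FTP", 25: "SMTP", 110: "POP3"}  # services users reach


@dataclass(frozen=True)
class Packet:
    src: str      # source IP address
    dst: str      # destination IP address
    dport: int    # destination port number


def direction(pkt):
    """Classify a packet relative to our network."""
    src_in = ipaddress.ip_address(pkt.src) in INTERNAL_NET
    dst_in = ipaddress.ip_address(pkt.dst) in INTERNAL_NET
    if src_in and dst_in:
        return "internal"
    if dst_in:
        return "inbound"
    if src_in:
        return "outbound"
    return "transit"


def decide(pkt):
    """Return ('ALLOW' | 'DROP', reason).  Anything not explicitly allowed is dropped."""
    d = direction(pkt)
    if d == "internal":
        return "ALLOW", "internal traffic does not cross the firewall"
    if d == "inbound" and pkt.dport in ALLOWED_INBOUND_PORTS:
        return "ALLOW", f"inbound {ALLOWED_INBOUND_PORTS[pkt.dport]}"
    if d == "outbound" and pkt.dport in ALLOWED_OUTBOUND_PORTS:
        return "ALLOW", f"outbound {ALLOWED_OUTBOUND_PORTS[pkt.dport]}"
    if d == "transit":
        return "DROP", "neither end is on our network (possibly spoofed)"
    return "DROP", f"{d} port {pkt.dport} is not on the allowed list"


# Constructed sample traffic.
SAMPLE = [
    Packet("203.0.113.7", "192.168.10.5", 80),       # outside -> our web server
    Packet("203.0.113.7", "192.168.10.5", 23),       # outside -> telnet: not allowed
    Packet("192.168.10.20", "198.51.100.3", 110),    # inside -> external POP3 mailbox
    Packet("192.168.10.20", "198.51.100.3", 6667),   # inside -> port not on the list
    Packet("203.0.113.7", "198.51.100.3", 80),       # neither end is ours
]


def filter_all(packets=SAMPLE):
    """Decisions for a list of packets, in order."""
    return [decide(p)[0] for p in packets]


if __name__ == "__main__":
    for p in SAMPLE:
        print(p, *decide(p))
```

The important design choice is the default: the filter starts from "drop everything" and opens only the listed ports, so a service the manager forgot about is blocked rather than exposed. A real firewall would also track connection state so that replies to outbound requests are admitted; that is omitted here.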
This means that any individual trying to break in will have two separate hurdles to jump instead of just one.

6.3.4 Protecting Resources against External Attack

There are a number of reasons why a hacker might wish to gain access to a network:

- They might wish to make illegal use of the network resources such as hard disk space and bandwidth, for example storing and distributing pirated software or pornography, or using the mail server to distribute spam or to propagate a virus.
- They might wish to deface the company web site or compromise the web server so that it can be used as a secure platform for an attack on another system.

A hacker will also want to hide their tracks as far as possible by removing any trace of their activities.

6.3.5 Monitoring and logging network activity

Although all network managers hope that there will never be a breach of their network security, either by a virus or by a hacker, it is always wise to monitor and keep logs of network activity. Monitoring software can be set to inform the network manager of unusual activity which might signify a problem. Logs of network activity such as logins, file activity, network traffic etc. can help a network manager to track down the source of an intrusion or the route by which network security was breached.

6.4 Internet Filtering

Internet filtering can restrict the web sites which users of a network can access. Filtering may be imposed by a company to prevent employees from using the company bandwidth and employee time to surf the web for their own entertainment, or it may be imposed by a school or college to protect their students from accessing unsuitable material. Internet filtering may also be installed in private homes, where parents wish to protect their children from unsuitable Internet material. Filtering is always going to be a compromise, as it is impossible to filter every page for unsuitable content, and over-zealous filtering can often restrict legitimate research.

6.4.1 Filtering Software

Filtering software takes the approach of letting the user access anything on the web other than those sites which have been identified as being unsuitable. A very low-tech approach is to simply use a list of banned words which are used to block any site whose address contains these words. Systems like this usually allow the network manager to add IP addresses or other filtering criteria. More sophisticated systems use a regularly updated list of banned sites or a proxy server maintained by the company providing the filtering software. Network managers can submit additional sites which they wish to ban. The danger with this approach is that the decision on what sites to ban and what sites to permit is taken out of the hands of the organisation who own the network and is under the control of the filtering software company. Filtering software can often be combined with a logging system which automatically logs attempts to access banned material.

6.4.2 Walled Garden

The "Walled Garden" approach only allows users to access certain parts of the WWW. The software will only allow users to access a web site if its IP address matches one of those on the list of permitted ones.
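The two approaches of 6.4.1 and 6.4.2 side by side, as an added example (not code from the course text or from any filtering product): a banned-word block-list that allows everything else, and a walled-garden allow-list keyed on the site's IP address. The banned words, the permitted addresses and the sample sites are constructed; the constructed list includes one legitimate research site whose address happens to contain a banned word, to show the over-zealous filtering the text warns about.

```python
"""Added example (not from the course text): block-list filtering by banned
word versus walled-garden filtering by permitted IP address.  The word list,
the permitted addresses and the sample sites are all constructed."""

BANNED_WORDS = ["casino", "warez"]                    # constructed block-list
PERMITTED_IPS = {"198.51.100.10", "198.51.100.11"}   # constructed walled garden


def banned_word_filter(url):
    """Block-list approach: allow everything except addresses containing a
    banned word.  Returns (decision, matched words).  Plain substring
    matching is crude and blocks legitimate sites by accident."""
    lower = url.lower()
    hits = [w for w in BANNED_WORDS if w in lower]
    return ("BLOCK", hits) if hits else ("ALLOW", [])


def walled_garden_filter(url, resolved_ip):
    """Allow-list approach: only sites whose address is on the permitted
    list may be visited; everything else on the WWW is unreachable."""
    return "ALLOW" if resolved_ip in PERMITTED_IPS else "BLOCK"


# Constructed sample: a URL and the address it would resolve to.
SAMPLE_SITES = [
    ("http://www.library.example/research",     "198.51.100.10"),
    ("http://lucky-casino.example/",            "203.0.113.50"),
    ("http://www.casinoregulation.example/law", "203.0.113.60"),   # legitimate research
    ("http://news.example/headlines",           "203.0.113.70"),
]


def compare(sites=SAMPLE_SITES):
    """Return [(url, block-list decision, walled-garden decision), ...]."""
    return [(url, banned_word_filter(url)[0], walled_garden_filter(url, ip))
            for url, ip in sites]


if __name__ == "__main__":
    for url, by_word, by_garden in compare():
        print(f"{url:45} banned-word: {by_word:5}  walled garden: {by_garden}")
```

Both failure modes the text describes show up in the output: the banned-word filter blocks the regulation site (a false positive), while the walled garden blocks the news site simply because nobody put it on the list. A logging hook on the BLOCK branch is where the "attempts to access banned material" log of 6.4.1 would be written.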
This list may be supplied by the software vendor, or may be compiled by the organisation themselves. Normally sites can be added to or removed from the list. While this approach is very effective at filtering content, it is very restrictive and considerably reduces the functionality of the WWW.

6.5 Summary

- Network security is always a compromise between security and convenience.
- The purpose of network security is to protect data on the network, the network itself, and users of the network.
- Threats to network security can be from both inside and outside an organisation.
- Security inside a network is primarily enforced by user ID and password.

- Security from outside is primarily enforced by ensuring that there is only one point of contact with the outside world.
- The hardware and software resources which a user has access to are determined by the restriction policy linked to their ID.
- Encrypting data files on a network can add a further level of security.
- Hardware solutions to security concerns include physically locking up workstations, servers and backup tapes. User IDs can also be linked to biometric security systems.
- Using a switched network, and making sure that wireless networks are secure, reduces the chances of Ethernet packets being intercepted by someone who has managed to connect a rogue machine into the network. Wireless networks need to be configured to make them secure.
- Network servers and stations need to be protected from virus attack using anti-virus software. The anti-virus software should be kept up to date with virus signatures.
- A firewall is software which blocks attack from outside, and restricts the transfer of packets from inside a network, by examining the source and destination IP address and port number of every packet which passes through it.

6.6 End of Topic Test

An online assessment is provided to help you review this topic.

Topic 7 Denial of Service Attacks and Disaster Recovery

Contents

7.1 Introduction ... 72
7.2 Denial of Service (DoS) Attacks ... 73
7.2.1 Types of DoS Attack ... 73
7.2.2 The Effects of DoS attacks ... 74
7.2.3 Why do DoS attacks occur? ... 75
7.3 Avoiding Disaster ... 75
7.3.1 Software Solutions ... 75
7.3.2 Hardware Solutions ... 76
7.4 Summary ... 77
7.5 End of Topic Test ... 77

Prerequisite knowledge

You should know why backups are necessary and why there needs to be a strategy in place to make sure that backups are effective. You should know that a network topology can be described in terms of nodes and channels, and the effect of failure of a node or a channel on different topologies.

Learning Objectives

After studying this topic you should be able to:

- Understand what a Denial of Service attack is
- Describe different types of Denial of Service Attack and why they occur
- Describe the effects of a Denial of Service attack
- Describe the hardware and software approaches to disaster avoidance

Revision

Q1: Which of the following are true of a sensible backup strategy?
A) Make regular backups
B) Re-use backup tapes daily
C) Test the backup frequently
D) Keep all backups in a safe place
a) A, B and C
b) A and B
c) A, C and D
d) A, B and D

Q2: What is the effect of a channel failure on a single-segment network with a bus topology?
a) All the nodes on the segment fail
b) The node nearest to that channel fails
c) The nodes on that segment slow down
d) No effect

Q3: What is the effect of a channel failure on a network with a star topology?
a) All the nodes on the network fail
b) The nodes connected to that channel fail
c) The nodes on that segment slow down
d) No effect

Q4: What is the effect of a channel failure on a network with a mesh topology?
a) All the nodes on the network fail
b) The nodes connected to that channel fail
c) The nodes on that segment slow down
d) No effect

7.1 Introduction

Avoiding disaster is only possible if you have some idea of what kind of disaster might occur. In this topic we are going to look at how to avoid two types of disaster: the type of disaster which comes as the result of a deliberate attack, such as a Denial of Service (DoS) attack or virus infection, and the type of disaster which is more likely to be caused by natural forces such as equipment failure, fire, flood etc. Both sorts of disaster require similar strategies in order to protect the network in the first place and to recover afterwards should the worst happen.

7.2 Denial of Service (DoS) Attacks

A Denial of Service attack is an attack on a network server which significantly reduces the capacity of that server to provide resources to legitimate users. Denial of Service attacks are not normally launched from within a network, as such an attack would be easy to trace and to counteract. Denial of Service attacks are almost always launched from outside an organisation, and are directed towards the services which the network is providing to the external users of that network. Denial of Service attacks may be designed to put a competitor out of business, to bring down a high profile organisation or just to cause trouble.

7.2.1 Types of DoS Attack

Physical Attack: The simplest form of physical DoS attack is to cut the cables between the company providing the service and their customers. This kind of attack is rare, and is relatively easy to protect against.

Exploitation of Software flaws: The complexity of modern operating systems and server software, as well as the commercial pressures on companies to bring out software before their competitors, inevitably means that there will be bugs and loopholes which have not been spotted before the software is on general release. Although no longer a threat, exploits which have been used in the past include sending e-mails that have attachments with 256-character file names to Netscape and Microsoft mail programs, and the Ping of Death, where a ping message larger than the permitted size was sent to a server. In both these cases the software suffered a buffer overflow. Usually when a buffer overflow attack is successful, the application that has been attacked crashes in a way which allows the hacker to gain control of a system or execute code as the system crashes. When a flaw in server or operating system software is discovered, the business of issuing a fix or "patch" varies according to the distribution model.
Open source software such as Linux relies on the programmer community to spot flaws and to issue the fix, but the act of publishing the fix often alerts the hacker to the flaw, leaving those who do not immediately apply the patch vulnerable. Where commercial software like Windows is concerned, patches are produced by the vendor, but their resources are inevitably less numerous than the programming community as a whole. The market dominance of Microsoft also seems to mean that they receive more attention from hackers or others attempting to exploit flaws in the software. If you want to know more about the Ping of Death, have a look at this link: http://www.insecure.org/sploits/ping-o-death.html

Exploitation of Network Management flaws: The simple expedient of researching the default network management usernames and passwords on popular server software has been exploited in the past as a means of bringing a server down. This kind of attack would be extremely embarrassing for any network manager, as the first thing they should do when commissioning a server is to change the default passwords. Failing to apply security patches once a software flaw has been publicised also leaves a server open to attack, but applying them is a more difficult task, as patches often require server reboots, which are difficult if a company is running a 24 hour service.

Resource starvation: The services provided by a network server depend on the bandwidth available to that server. Any attack which monopolises that bandwidth by consuming it unnecessarily can effectively deny users access to those services. One type of attack, known as the Smurf attack, sends out a specially constructed ping message to a large number of intermediary machines. These intermediary machines simultaneously send this ping message to the broadcast address on their network. The machines on their network reply to the ping message, but the reply address is actually the address of the target server, which gets flooded with simultaneous ping replies. Viruses or worms can also be regarded as DoS attacks, as they consume bandwidth in an attempt to propagate themselves. Some DoS attacks have been propagated by viruses which install server software on unsuspecting users' machines. Port scanning software is then used to identify the infected machines and use them as a platform to mount a resource starvation attack on a server.

DNS attacks: In a DNS attack, a large number of small DNS queries are sent from the attacker to DNS servers. These queries contain a spoofed IP address of the target server. The DNS servers respond to the small query with a large response which is routed to the target, causing congestion and consumption of bandwidth. This kind of attack can also cripple the DNS server.

7.2.2 The Effects of DoS attacks

The effects of a DoS attack can be devastating for a company, particularly if they are high profile or rely on 24 hour connectivity. Apart from the loss of business, there is the loss of confidence by users, the cost of repair and response, and the disruption to the organisation. Denial of Service attacks became world news in August 2000 when Yahoo, Amazon.com and other web sites were hit by attacks lasting for several hours.
As with most DoS attacks, these simply overran the target web sites with streams of poorly formed IP packets.
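From the target's side the Smurf and DNS attacks of 7.2.1 look alike: a flood of replies (ping replies or DNS responses) arriving from many sources for which the target sent few or no requests. The detection logic below, added here as an example of the monitoring described in 6.3.5 and not code from the course text or from any monitoring product, counts replies and requests per destination, protocol and one-second window and raises an alert when the unsolicited excess is large and spread over several sources. The log format and all addresses are constructed for illustration.

```python
"""Added example (not from the course text): detecting resource-starvation
floods (Smurf-style ping replies, reflected DNS responses) in a flow log by
spotting replies that no request from the destination accounts for.  The log
format, the addresses and the thresholds are constructed for illustration."""

from collections import defaultdict

# Constructed flow log, one record per line: "<second> <proto> <kind> <src> -> <dst>"
SAMPLE_LOG = """\
100 icmp echo-request 192.168.10.5 -> 198.51.100.20
100 icmp echo-reply 198.51.100.20 -> 192.168.10.5
101 icmp echo-reply 203.0.113.1 -> 192.168.10.5
101 icmp echo-reply 203.0.113.2 -> 192.168.10.5
101 icmp echo-reply 203.0.113.3 -> 192.168.10.5
101 icmp echo-reply 203.0.113.4 -> 192.168.10.5
101 icmp echo-reply 203.0.113.5 -> 192.168.10.5
101 icmp echo-reply 203.0.113.6 -> 192.168.10.5
102 dns response 198.51.100.53 -> 192.168.10.5
102 dns response 198.51.100.54 -> 192.168.10.5
102 dns response 198.51.100.55 -> 192.168.10.5
103 dns query 192.168.10.7 -> 198.51.100.53
103 dns response 198.51.100.53 -> 192.168.10.7
"""

REPLY_KINDS = {"echo-reply", "response"}
REQUEST_KINDS = {"echo-request", "query"}


def parse(log):
    """Yield (second, proto, kind, src, dst) for each record."""
    for line in log.splitlines():
        t, proto, kind, src, _arrow, dst = line.split()
        yield int(t), proto, kind, src, dst


def unsolicited_replies(log, window=1, min_replies=3, min_sources=3):
    """Alert on (dst, proto, window_start, reply_count) when the replies a host
    received exceed the requests it sent by at least `min_replies`, and those
    replies came from at least `min_sources` distinct addresses."""
    replies = defaultdict(list)   # (dst, proto, window) -> list of reply sources
    requests = defaultdict(int)   # (host, proto, window) -> requests host sent
    for t, proto, kind, src, dst in parse(log):
        w = t // window
        if kind in REPLY_KINDS:
            replies[(dst, proto, w)].append(src)
        elif kind in REQUEST_KINDS:
            requests[(src, proto, w)] += 1

    alerts = []
    for (dst, proto, w), sources in replies.items():
        excess = len(sources) - requests.get((dst, proto, w), 0)
        if excess >= min_replies and len(set(sources)) >= min_sources:
            alerts.append((dst, proto, w * window, len(sources)))
    return sorted(alerts)


if __name__ == "__main__":
    for dst, proto, start, count in unsolicited_replies(SAMPLE_LOG):
        print(f"ALERT: {count} unsolicited {proto} replies to {dst} at t={start}s")
```

The legitimate ping at t=100 and the legitimate DNS lookup at t=103 produce no alert because each reply is matched by a request from the same host in the same window; the reply floods at t=101 and t=102 do. On a real network the thresholds would be tuned against normal traffic, and the alert would feed the notification to the network manager that 6.3.5 describes.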

7.2.3 Why do DoS attacks occur?

There are a variety of reasons why DoS attacks occur. In September 2003 a number of anti-spam web sites which supply spam blocking lists were hit by DoS attacks perpetrated by hackers who had been hired by spammers. Business competition may well become a more common reason for DoS attacks in the future. Some DoS attacks are merely malicious, though this does not make them any less annoying or inconvenient. DoS attacks may also be politically motivated, one example being the attacks on the US White House web site after the Chinese embassy in Belgrade was accidentally bombed. If you want to read more about the two DoS attacks mentioned here, try these links:

http://www.boston.com/news/nation/articles/2003/08/28/saboteurs_hit_spams_blockers/
http://hongkong.usconsulate.gov/uscn/others/2001/102901.htm

7.3 Avoiding Disaster

The effort put into avoiding disaster should be proportional to the amount of work which has gone into building the system which needs to be protected. Disaster can come in a number of guises, such as virus or hacker attack, or physical disasters such as fire, flood, theft or even just deleting crucial files by accident. The most important thing to remember as far as disaster avoidance and recovery is concerned is that the data held on a computer system is many times more valuable than the physical equipment itself. Obviously avoiding hardware failure is a sensible strategy, but it always makes sense to build redundancy into a system by having replacement parts, backup servers etc. available even though they may never be used.

7.3.1 Software Solutions

The best possible software solution to recovering from a disaster is to make sure that you make regular backups, that your backup is kept in a safe and secure place, and that you are sure you can recover files from the backup when you need them.
A backup schedule is an automatic system which runs at a specific time every day (usually in the middle of the night when network activity is at its minimum). A backup strategy is a system which is put in place to ensure that data loss is minimised in the event of a disaster. A simple backup strategy would be one where servers are backed up to tape every night, and the tapes are taken off site to a secure location the next day. Tapes are used because they are cheap and portable, although tape drives are expensive. A simple strategy would be that tapes are rotated every 5 days, with an additional weekly tape being rotated every 4 weeks, so as to enable recovery of data up to a month before. (This is necessary in case files have been deleted by mistake or damaged by a virus, but the problem is not discovered until several days or weeks later).
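The rotation just described (one tape for each of Monday to Thursday, and four Friday tapes used in turn so that Friday backups survive for a month), worked through as an added example that is not code from the course text. Given a date it names the tape that night's backup goes onto, and given "today" it lists the restore points the tape set still holds. The start date of the rotation is an assumption chosen for the example, and weekends are assumed to have no backup.

```python
"""Added example (not from the course text): the 5-day / 4-week tape rotation.
Monday to Thursday each have one tape, reused every week; Friday backups go
onto one of four Friday tapes in turn, reused every four weeks.  The start
date and the no-weekend-backup assumption are constructed for the example."""

from datetime import date, timedelta

# Assumed (constructed): a Monday on which the rotation began.
SCHEDULE_START = date(2024, 1, 1)
DAILY_TAPES = ["Monday", "Tuesday", "Wednesday", "Thursday"]
FRIDAY_TAPES = 4


def tape_for(day):
    """Name of the tape used for the backup made on `day`, or None if no
    backup is taken that day (weekend)."""
    wd = day.weekday()                        # Monday == 0 ... Sunday == 6
    if wd < 4:
        return DAILY_TAPES[wd]
    if wd == 4:
        week = (day - SCHEDULE_START).days // 7
        return f"Friday {week % FRIDAY_TAPES + 1}"
    return None


def restore_points(today, history_days=60):
    """Dates whose backups are still held on some tape as of `today`.
    Each night's backup overwrites whatever that tape held before."""
    held = {}                                 # tape name -> date it now holds
    for back in range(history_days, 0, -1):   # replay past nights, oldest first
        d = today - timedelta(days=back)
        tape = tape_for(d)
        if tape:
            held[tape] = d
    return sorted(held.values())


# ISO-string wrappers so callers need not construct date objects.
def tape_for_iso(day_iso):
    return tape_for(date.fromisoformat(day_iso))


def restore_points_iso(today_iso):
    return [d.isoformat() for d in restore_points(date.fromisoformat(today_iso))]


if __name__ == "__main__":
    for d in restore_points_iso("2024-02-05"):
        print(d, tape_for_iso(d))
```

For a Monday in early February the output shows exactly what the text promises: the five weekdays of the previous week plus the three earlier Fridays, eight restore points in all, with the Friday a month back already overwritten. Testing a restore from one of these tapes at intervals is the check the text asks for; the schedule is only worth anything if the tapes actually read back.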

Monday | Tuesday | Wednesday | Thursday | Friday 1 | Friday 2 | Friday 3 | Friday 4

With a system like this, there would be backup versions available for every weekday up to a week before, plus every Friday up to a month before. It is important that backup tapes are tested regularly by attempting to restore files, and that there is also a strategy in place to deal with a situation where the servers have been destroyed, such as an identical system in another location. Backup strategies will vary according to the size of the organisation and the importance of the data to its survival. Some large multinational companies are even rumoured to ensure that data backups are kept on more than one continent! Backups can be made over a network connection if there is sufficient bandwidth available, and this removes the need for tapes to be changed or physical media to be moved from place to place. If a backup is being made over a low bandwidth network connection then it makes sense to only back up data which has changed since the last backup. This is called an incremental backup.

7.3.2 Hardware Solutions

The simplest hardware solution to disaster avoidance is regular maintenance and high quality components, but there are a number of other hardware strategies.

Fault Tolerant Components: This is simply making sure to install components which have duplication built in, so that if one part fails the other can take over. Many servers are fitted with dual power supplies for this reason.

Hardware Redundancy: This takes the idea of fault tolerance a stage further by making sure that there are quickly available duplicates of crucial equipment like servers, switches and routers, so that if one of these fails it can be quickly replaced without waiting for a supplier to deliver. A failsafe strategy would ensure that the spare equipment was always configured with the latest version of the current network software and data.
This is likely to be the most expensive but most effective precaution against disaster.

Uninterruptible Power Supplies (UPS): An Uninterruptible Power Supply is a device which contains a battery with enough capacity to supply a server with an electricity supply sufficient to keep it running in the event of a short power cut, and to shut down the server gracefully in the event of a longer problem. Usually a UPS will communicate with the server via a serial cable and will be able to instruct it to shut down when the remaining capacity is nearing its end. A UPS can also act as a "filter" for erratic or dirty power supplies, avoiding large changes in voltage or frequency which might damage a server. Large institutions often have their own generators which can take over in the event of a power cut, but will also need a UPS to cover the gap between a power cut and the company generators starting up.

Disk Mirroring and RAID: An alternative and/or a complementary strategy to tape backup is to use a disk mirroring system or a server which runs a Random Array of Inexpensive Disks (RAID). The best versions of RAID enable the recreation of the data on a failed hard disk from the information on the other disks in the array, and will also often allow the "hot-swapping" of failed hard disks, so that the server does not need to be shut down or re-booted when a disk fails. Another option is simply to write to two hard disks simultaneously, so that in the event of a failure of one, the data will always be duplicated on the other. This is called disk mirroring.

Network Topology: Different network topologies can have different tolerances to failures. Channel failures will normally only affect the node which they are connected to, unless that channel is one from server to switch or router. In general, bus topologies are the least tolerant to channel failure. Star and tree topologies are better, as a channel failure only affects the node which it serves, unless the channel which fails is the one which serves the node at the centre. Node failure can be much more serious if the node concerned is a server, a switch or a router.

7.4 Summary

- Denial of Service attacks are attempts to reduce the resources available to legitimate users of a server.
- DoS attacks can be physical attacks, or exploitation of careless network management.
- An example of the exploitation of software flaws is where the hacker crashes the server and then gains access via a debug mode.
- Resource starvation is where the server is flooded with ping messages or attacked with a virus or a worm.
- DNS attacks are where DNS servers are used to launch a resource starvation attack.
- The effects of a DoS attack are loss of business, loss of trust, inconvenience and expense.
- The reasons for a DoS attack may be political, economic or malicious.
- Disaster can be avoided by keeping regular and reliable backups and making sure that a robust backup strategy is in place.
- Backup tapes should normally be taken off site and kept in a secure location.
- Hardware solutions include duplicate equipment, uninterruptible power supplies, and disk mirroring or RAID servers.

7.5 End of Topic Test

An online assessment is provided to help you review this topic.


Topic 8 Data Transmission

Contents

8.1 Introduction ... 81
8.1.1 Units of measurement ... 81
8.2 Asynchronous and Synchronous Data Transmission ... 82
8.3 Circuit and Packet Switching ... 82
8.4 Unicast, Broadcast and Multicast transmission ... 83
8.4.1 Unicast transmission ... 83
8.4.2 Broadcast transmission ... 83
8.4.3 Multicast transmission ... 83
8.5 Ethernet ... 84
8.5.1 Ethernet frames and transmission rates ... 84
8.5.2 Carrier Sense Multiple Access / Collision Detection (CSMA/CD) ... 84
8.5.3 Network Interface Card (NIC) and Media Access Control (MAC) Address ... 85
8.5.4 Machine Identification ... 85
8.6 Error Detection and Correction ... 87
8.6.1 Parity ... 87
8.6.2 Checksums ... 87
8.6.3 Cyclic Redundancy Check (CRC) ... 87
8.6.4 Error Correction ... 88
8.7 Types of Internet Connection ... 89
8.7.1 Dialup Connection ... 89
8.7.2 Integrated Services Digital Network (ISDN) ... 89
8.7.3 Asymmetric Digital Subscriber Line (ADSL) ... 90
8.7.4 Cable ... 90
8.7.5 Leased Line ... 91
8.7.6 Benefits of High Bandwidth ... 91
8.8 Summary ... 91
8.9 End of Topic Test ... 92

Prerequisite knowledge

You should know that telecommunications networks are used for voice and data transmission. You should know about the infrastructure required for an Ethernet network, including cabling, hubs, switches and Network Interface Cards. You should know that there are a number of different types of Internet connection available, including dialup modem, Asymmetric Digital Subscriber Line (ADSL), Integrated Services Digital Network (ISDN), cable modem, and leased line. You should know about the different types of transmission modes: unicast, broadcast and multicast.

Learning Objectives

After studying this topic you should be able to:

- Understand the units of measurement used in data transmission
- Describe the difference between synchronous and asynchronous data transmission
- Describe the difference between circuit and packet switching
- Understand the Ethernet standard and its use of CSMA/CD
- Describe a Network Interface Card and why it needs a MAC address
- Describe error checking methods including parity and CRC
- Understand the different types of Internet connection and where they might be used

Revision
Q1: Which of the following technologies would not be suitable for a company needing a high bandwidth network connection?
a) ADSL
b) ISDN
c) Dialup modem
d) Cable modem

Q2: Which one of the following transmission modes describes streaming video?
a) Unicast
b) Simplex
c) Broadcast
d) Duplex

Q3: What is the major benefit of VOIP (Voice over IP)?
a) Phone calls don't cost anything because they are transmitted over the Internet
b) Phone calls are connected more quickly
c) Phone call quality is better
d) Phone calls are faster

8.1 Introduction
Data transmission is the technology at the heart of networking, and essentially concerns the second layer of the OSI model, the Data Link Layer, which is responsible for putting data into frames and for detecting errors in the transfer from one node to the next. This topic looks at Ethernet, which implements the Data Link Layer in many Local Area Networks. We also look at a number of other types of network connection available to the home and business user, such as dialup or ADSL, where the Data Link Layer performs a similar function, and compare them in terms of speed and bandwidth.

8.1.1 Units of measurement
It is important to be aware of the units used in computer networking, particularly where transmission speed is concerned, as there are a number of confusions which can arise. Firstly we need to distinguish carefully between a bit and a byte. A bit is a single unit of information which can be either on or off, often represented as a one or a zero. A byte is 8 bits, and was originally used to represent a single character in ASCII code. (However a single character will take up more than 8 bits if it is represented in Unicode, or if it is transmitted with accompanying error detection bits or start and stop bits.)
Since transmitting data over networks often involves sending extra bits in order to cope with error detection, error correction and the information needed to identify where a message starts and where it stops, the unit for measuring the quantity of data transmitted is the bit and transmission speed is measured in Megabits per second (Mbps) or Kilobits per second (Kbps). It is important to distinguish these units from MB (Megabytes) and KB (Kilobytes) which are normally used to measure file size and storage capacity.

There is an additional confusion over the meaning of the prefixes Kilo and Mega. When describing file or memory sizes, Kilo usually means 2^10 (1024) and Mega means 2^20 (1048576), whereas when describing network transmission speeds, Kilo means 10^3 (1000) and Mega means 10^6 (1000000). This is because the transmission speed is governed by the speed of the clock that paces the transmission of the bits. A clock running at 10 Megahertz (MHz) transmits bits at 10 Mbps, and the Mega in both MHz and Mbps means 10^6. Only the Mega in MB (file size) means 2^20. A practical consequence is that a 1 MB (2^20 byte) file is 8388608 bits and takes a little over 0.8 seconds to transfer over a 10 Mbps link, even before start, stop and error-checking bits are counted.

8.2 Asynchronous and Synchronous Data Transmission
Asynchronous data transmission (where the sending and receiving machines are not synchronised) sends each byte individually, with its own start and stop bits. Asynchronous transmission is a fairly primitive method of data transmission: the proportion of useful data to incidental information such as start and stop bits is low compared to synchronous data transmission. Asynchronous data transmission is normally used for low speed transmission, and the protocols used include little or no error checking beyond, at most, a single parity bit per character; the transmitter receives no acknowledgement of the success or failure of the transfer.

Synchronous data transmission (where the sending and receiving machines are synchronised) uses a start frame to tell the receiving station that a block is on its way and to synchronise the receiving station with the transmitting one. Synchronous transmission is much more efficient because a start and stop frame is only needed at the beginning and end of a block of characters, which can be up to 8KB in length, whereas with asynchronous data transmission start and stop bits have to be transmitted with every byte. Error checking information can be included in the block.
Synchronous transmission is more difficult and expensive to implement than asynchronous transmission, since it requires the transmitter and receiver clocks to be synchronised. It is used at higher transfer rates, such as 100Mbps Ethernet.

8.3 Circuit and Packet Switching
Connections between nodes on different networks can be achieved either by circuit switching or by packet switching.

Circuit switching is where a dedicated connection is established between the two networks for the duration of the communication. All data follows the same physical path during the communication. Circuit switching is expensive because it means dedicating a particular connection for the time that the communication is occurring. Asynchronous Transfer Mode (ATM) is a connection oriented technology which sets up a virtual circuit between the two ends before any data is sent, and then transfers the data in blocks (cells) of a fixed size. The cell size used with ATM is small, which allows ATM equipment to transmit video, audio and computer data over the same network and makes sure that no single type of data monopolises the line. ATM is often used to connect networks over a leased telephone line. This is expensive, particularly if large distances are involved, but provides a high bandwidth connection.

A circuit switching network is often referred to as a connection oriented network because information about the state of the connection needs to be retained. A connectionless network is one where no information about the state of the connection is retained.

Packet switching is a system where the data to be exchanged is broken up into blocks of data called packets. Each packet is given a destination address and a sequence number, and this information is used to re-assemble the communication when it reaches its destination. Breaking the data down into packets means that packets may follow different routes between the transmitter and the receiver, but it is extremely efficient because packets from different users can be mixed on the same links and the network hardware can decide on the most efficient transmission route. Packet switching is usually much cheaper than circuit switching because it does not need a dedicated connection. Most Internet traffic uses packet switching. The Internet is essentially a connectionless network, where IP provides a connectionless packet delivery service and TCP provides a "virtual" circuit connection on top of it. In practice, since some routers retain information about the state of a connection between two nodes in order to make congestion control or filtering decisions, there may be parts of the Internet which could be described as connection oriented.

8.4 Unicast, Broadcast and Multicast transmission
8.4.1 Unicast transmission
Unicast is the term used to describe communication where a packet is sent from a single source to a single specified host. Unicast transmission is still the main form of transmission on LANs and on the Internet, and both TCP and UDP, which are implemented at the Transport Layer, are used over it.

8.4.2 Broadcast transmission
Broadcast transmission is a method of delivering a packet to every host on a particular network segment. Routers do not forward broadcasts, so a broadcast reaches only the local network, not the whole Internet. Broadcast transmission does not retransmit dropped packets or wait for acknowledgement of their delivery, so at the Transport Layer the protocol used is UDP.
Streaming audio or video, and other applications where the continuity of the transmission is more important than the reliable delivery of every single packet, are often loosely described as "broadcasting"; on an IP network they are in fact usually carried over UDP as unicast or multicast streams, since a true broadcast cannot cross a router.

8.4.3 Multicast transmission
Multicast is where packets are sent from one or more points to a set of other points. There may be one or more senders, and the information is distributed to a set of receivers which have asked to join the multicast group. Multicast transmission effectively shifts the duplication of the data to a later point in the network, so that a single copy travels over each link until the paths to the receivers diverge, which saves bandwidth. As with broadcast transmission, the UDP protocol is used. One example of an application which may use multicast is a video server sending out a number of different TV channels.

8.5 Ethernet
The Ethernet standard was developed by the Xerox Corporation, DEC and Intel. Ethernet is a networking system where all nodes are connected together on a common bus but where only one node can transmit at any one time. The system used for making sure that only one machine is transmitting at a time is called Carrier Sense Multiple Access / Collision Detection (CSMA/CD). The Ethernet standard operates at the Data Link Layer of the OSI model. Ethernet is currently the most commonly used technology for Local Area Networks.

8.5.1 Ethernet frames and transmission rates
When data is being passed between two computers on the same Ethernet segment, the computers are identified by their MAC addresses. The actual data to be transmitted is packaged up into a frame. The frame contains the destination address, the source address, the data itself, error detection information and some additional information necessary for successful transmission. This table shows the structure of an Ethernet frame:

Field                | Size
---------------------|------------------
Preamble             | 8 bytes
Destination Address  | 6 bytes
Source Address       | 6 bytes
Frame Type           | 2 bytes
Data                 | 46 to 1500 bytes
Checksum (FCS)       | 4 bytes

Short payloads are padded up to the 46-byte minimum, so the smallest frame (excluding the preamble) is 64 bytes and the largest is 1518 bytes.

The original Ethernet transmission rate was 10Mbps, but the common standard is now 100Mbps, with 1Gbps and 10Gbps available for applications which require a particularly high bandwidth such as the connections between servers.

A collision is when two devices transmit simultaneously on an Ethernet segment. The propagation delay of a network is the time it takes for a signal to travel from one end of a segment to the other. A collision can only be detected if the frame is guaranteed to be transmitted for a length of time which is at least twice the propagation delay of the network, so that a collision at the far end has time to travel back to the sender while it is still transmitting. This means that the maximum physical length of a segment, the minimum frame size and the transmission rate are related: if the transmission rate doubles, either the maximum length has to be halved or the minimum frame length has to be doubled.

8.5.2 Carrier Sense Multiple Access / Collision Detection (CSMA/CD)
In order to transmit a frame on an Ethernet network, any node can transmit, but it must first check that no other machine is transmitting at the same time (this is the Carrier Sense Multiple Access part). If there is no other transmitting node, then the transmission is started. Once the transmission has started, if a collision is detected (the Collision Detection part) then transmission stops, and the machine waits for a short random time before attempting to re-transmit. If a collision is detected again during this retransmission, then the machine will wait for a longer random time (the range of the random wait doubles after each successive collision) before re-trying. On a busy network with lots of collisions, this delay can reduce network performance considerably.
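The relationship between propagation delay and minimum frame size, and the backoff rule of CSMA/CD, as an added worked example in Python; this is written for this page and is not code from the original text or from any Ethernet implementation. The 512-bit slot time, the 16-attempt limit and the cap of the backoff exponent at 10 are the values from the IEEE 802.3 standard; the signal speed of 2 x 10^8 m/s and the station simulation (simulate_collisions) are assumptions made for the example.

```python
import random

SLOT_BITS = 512      # IEEE 802.3 slot time: 512 bit times (one 64-byte minimum frame)
MAX_ATTEMPTS = 16    # a frame is discarded after 16 collisions
BACKOFF_LIMIT = 10   # the backoff exponent stops growing after the 10th collision


def slot_time_seconds(rate_bps):
    """Time taken to put one minimum-sized frame on the wire at rate_bps."""
    return SLOT_BITS / rate_bps


def min_frame_bits(rate_bps, segment_length_m, propagation_speed_mps=2e8):
    """Smallest frame (in bits) that is still being transmitted when a collision
    at the far end of the segment has had time to travel back to the sender:
    round-trip delay x transmission rate.  Doubling the rate doubles the result,
    and so does doubling the segment length, which is the trade-off in 8.5.1.
    The propagation speed is an assumption (about 2/3 of the speed of light)."""
    round_trip_s = 2 * segment_length_m / propagation_speed_mps
    return round_trip_s * rate_bps


def backoff_slots(attempt, rng):
    """Truncated binary exponential backoff: after the n-th collision a station
    waits a random whole number of slot times in the range 0 .. 2^min(n,10) - 1."""
    if not 1 <= attempt <= MAX_ATTEMPTS:
        raise ValueError("attempt must be between 1 and 16")
    return rng.randrange(2 ** min(attempt, BACKOFF_LIMIT))


def simulate_collisions(n_stations, rng, max_rounds=10000):
    """Constructed simulation (an assumption of this example, not a model taken
    from the standard): n stations all want to send one frame at the same instant.
    Each round, every station whose wait has expired transmits; if more than one
    does, they collide and each picks a new backoff.  Returns the number of rounds
    until every station has either sent its frame or given up."""
    waiting = {s: 0 for s in range(n_stations)}    # station -> slots still to wait
    attempts = {s: 0 for s in range(n_stations)}   # station -> collisions so far
    for rnd in range(1, max_rounds + 1):
        ready = [s for s, w in waiting.items() if w == 0]
        if len(ready) == 1:                        # carrier free, one sender: success
            del waiting[ready[0]]
        elif len(ready) > 1:                       # collision: everybody backs off
            for s in ready:
                attempts[s] += 1
                if attempts[s] > MAX_ATTEMPTS:
                    del waiting[s]                 # frame dropped after 16 collisions
                else:
                    waiting[s] = backoff_slots(attempts[s], rng)
        for s in waiting:                          # the others count down one slot
            if s not in ready and waiting[s] > 0:
                waiting[s] -= 1
        if not waiting:
            return rnd
    return max_rounds


if __name__ == "__main__":
    print(f"slot time at 10 Mbps: {slot_time_seconds(10_000_000) * 1e6:.1f} us")
    print(f"minimum frame for a 2500 m cable at 10 Mbps: {min_frame_bits(10e6, 2500):.0f} bits")
    for n in (2, 5, 20):
        rounds = simulate_collisions(n, random.Random(0))
        print(f"{n} stations all starting together cleared in {rounds} rounds")
```

The 250-bit answer for a bare 2500 m cable is well below the 512-bit slot time because the standard's budget also allows for repeater and transceiver delays on a maximum-length 10 Mbps network. The simulation shows the point of the section: the more stations that collide, the longer the random waits become, and a station that loses 16 times in a row simply loses its frame.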

8.5.3 Network Interface Card (NIC) and Media Access Control (MAC) Address
Every Ethernet network interface card (NIC) has its own unique Media Access Control (MAC) address which identifies it on the network. It is this address which is used by the Ethernet protocol to direct data around the network from one host to another. The data to be transmitted is packaged into a frame. The frame contains the destination MAC address, the source MAC address, error detection and transmission information along with the actual data.

On a shared Ethernet segment, a NIC receives all frames. It accepts:
frames whose destination is its own MAC address;
frames whose destination is the broadcast address (all 48 bits set to 1, written FF-FF-FF-FF-FF-FF);
frames whose destination is a multicast address (the least significant bit of the first byte set to 1) if it has been programmed to listen to that group;
all frames, if it has been put into promiscuous mode.
It passes to its host machine only the frames which it accepts.

The last item in this list is why a switched network is more secure than one which uses multiport repeaters (hubs), and why unsecured wireless networks are a particular security risk. Someone wishing to break into an Ethernet network could connect a laptop with the NIC set to promiscuous mode and use software to read all the frames on that particular segment. Any traffic where passwords and IDs were sent in unencrypted form would be at risk. A switch forwards a unicast frame only to the port on which it has learned the destination MAC address, so a promiscuous NIC on another port sees only broadcast, multicast and flooded traffic; this narrows the exposure but does not remove it, and the real protection for passwords and other sensitive data is to encrypt them before transmission. To find out more about Ethernet visit this link: http://www.ethermanage.com/ethernet/ethernet.html

8.5.4 Machine Identification
All nodes on a network, whether they are servers or network stations, will have a unique identity which identifies that particular machine. The type of identity a node has will be determined by the protocols running on the network. The Ethernet standard requires that every network interface card has a MAC address in the form of a 6 byte number.
The TCP/IP protocol used for access to Internet services requires that every node has its own IP address in the form of a 4 byte number (for IPv4). In addition to these identifiers, nodes on a network may also have a user friendly name which identifies them to users on the network. The network operating system is responsible for making sure that all of these different ways of identifying a machine are mapped to the same unique entity. For example, one machine might be known as:

Computer Name   Room11PC
MAC Address     00-A0-C9-AB-12-59
IP Address      192.168.0.45
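The frame layout of 8.5.1 and the acceptance rules of 8.5.3, as an added Python example constructed for this page; it is not code from the original text or from any network driver. It builds a frame for the machine in the table above, checks the 32-bit checksum field (the Frame Check Sequence, computed here with the standard CRC-32 from zlib) and decides whether a NIC in normal or promiscuous mode would accept the frame. The second and third machines' addresses and the frame contents are constructed for the example; storing the FCS least-significant byte first is the convention this example uses for the check.

```python
import struct
import zlib

BROADCAST = bytes.fromhex("ffffffffffff")
ROOM11PC = bytes.fromhex("00a0c9ab1259")      # the MAC address from the table above
OTHER_PC = bytes.fromhex("00a0c9ab1260")      # constructed: a second machine on the LAN
ETHERTYPE_IPV4 = 0x0800                        # Frame Type value meaning "IPv4 packet"


def mac_to_str(mac):
    """Render a 6-byte address in the 00-A0-C9-AB-12-59 form used above."""
    return "-".join(f"{b:02X}" for b in mac)


def build_frame(dst, src, eth_type, payload):
    """Assemble the part of the frame that follows the preamble: destination,
    source, type, data padded to the 46-byte minimum, then the 4-byte FCS."""
    if len(payload) > 1500:
        raise ValueError("payload exceeds the 1500-byte maximum")
    body = dst + src + struct.pack("!H", eth_type) + payload.ljust(46, b"\x00")
    fcs = zlib.crc32(body) & 0xFFFFFFFF
    return body + struct.pack("<I", fcs)


def parse_frame(frame):
    """Split a frame into its fields after verifying the FCS.  Raises ValueError
    if the frame is too short or the checksum does not match (a real NIC simply
    discards such a frame; here we report it instead)."""
    if len(frame) < 64:
        raise ValueError("frame shorter than the 64-byte minimum")
    body, fcs = frame[:-4], frame[-4:]
    if struct.unpack("<I", fcs)[0] != (zlib.crc32(body) & 0xFFFFFFFF):
        raise ValueError("FCS mismatch: frame was corrupted in transit")
    return {
        "dst": body[:6],
        "src": body[6:12],
        "type": struct.unpack("!H", body[12:14])[0],
        "data": body[14:],
    }


def frame_is_valid(frame):
    """True if the frame parses and its FCS checks out."""
    try:
        parse_frame(frame)
        return True
    except ValueError:
        return False


def address_class(mac):
    """Classify a destination address as the NIC does: the least significant
    bit of the first byte is the individual/group bit (1 = multicast); all ones
    is the broadcast address."""
    if mac == BROADCAST:
        return "broadcast"
    return "multicast" if mac[0] & 0x01 else "unicast"


def nic_accepts(frame_dst, own_mac, multicast_groups=(), promiscuous=False):
    """Apply the four acceptance rules listed in 8.5.3."""
    if promiscuous:
        return True
    cls = address_class(frame_dst)
    if cls == "broadcast":
        return True
    if cls == "multicast":
        return frame_dst in multicast_groups
    return frame_dst == own_mac


if __name__ == "__main__":
    # Constructed traffic: a frame from Room11PC to another machine on the segment.
    frame = build_frame(OTHER_PC, ROOM11PC, ETHERTYPE_IPV4, b"GET /secret HTTP/1.0")
    fields = parse_frame(frame)
    print(mac_to_str(fields["src"]), "->", mac_to_str(fields["dst"]), hex(fields["type"]))
    # A third machine's NIC (constructed address) only sees it in promiscuous mode.
    snooper = bytes.fromhex("00a0c9ab1299")
    print("normal mode accepts:     ", nic_accepts(fields["dst"], snooper))
    print("promiscuous mode accepts:", nic_accepts(fields["dst"], snooper, promiscuous=True))
    # A single flipped bit in the data field is caught by the FCS.
    damaged = bytearray(frame)
    damaged[20] ^= 0x01
    print("damaged frame valid:", frame_is_valid(bytes(damaged)))
```

Running the script prints the constructed frame's addresses, shows that the snooping NIC accepts it only in promiscuous mode, and shows that one flipped bit fails the FCS check. Note that the FCS catches accidental corruption only: an attacker who rewrites a frame recomputes the FCS too.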

Practical Exercise: Setting up a Simple Local Area Network
For this exercise you will need to have access to at least two machines which do not have the kind of restrictions applied to them which machines connected to a school or college LAN would normally have. Initially you should set the machines up as a peer to peer network.

Allocating an IP address: Before two machines can communicate with each other on your network, you need to allocate a unique IP address to each one. To begin with, having checked that TCP/IP is installed, allocate fixed IP addresses to each one, using addresses in the Class C private IP address range (192.168.0.1 etc.). You can test your allocation of IP addresses, and check that the machines can communicate with each other, by using the ping command. The command "ping localhost" will test that TCP/IP is installed. If you have two machines, 192.168.0.1 and 192.168.0.2, and you can ping one machine from the other, then they can see each other on the network. (If the ping fails, check that both machines have the same subnet mask, 255.255.255.0, and that no firewall on the target machine is blocking ICMP echo requests.)

Sharing a resource on a peer to peer network: If you create a folder on one machine and share it, then if the network is working that share should be visible from any other machine on the network. The permissions you allocate to the share will determine whether it is read only or read/write.

Creating User accounts: If you can, set up one machine on the network as a server. You will need to give your group of computers a domain name and create some users. If you log the other machines on to the new domain using the usernames you have set up, you will have created a small client-server network.

Sharing a resource on a client-server network: Share a folder on your server and then allocate permissions to that share for some of the users you have created. Make some of the permissions read only and some read/write. Log on to one of the client machines with a username, and see if you can access the share you created on the server. Test to see how the permissions you have set affect your access to the share. If you can get access to a spare printer, install it on the server and then share it. You should be able to print to this shared resource from one of the other machines.

Extension Exercise: Setting up Server Software
Try installing a web server and creating a mini intranet. Try installing an FTP server or a news server and test them out from one of the stations on your network.

8.6 Error Detection and Correction
Error detection is the business of determining whether an error has occurred during the transmission of data from one machine to another. If an error is detected and no error correction is in place, the only remedy is to ask the transmitting machine to retransmit the data. If error correction is in place, then depending on the amount of extra data sent with the original, the errors may be able to be corrected without asking for it to be re-transmitted.

8.6.1 Parity
Parity is an error detection technique used to detect errors in the transmission of single characters. An extra bit called a parity bit is added to each unit of information (usually a single character) transmitted. If odd parity is used then the parity bit is set so that the number of 1s in the transmitted data is always an odd number. The receiver counts the number of bits whose value is 1. If this comes to an odd number then it assumes that the data has been transmitted correctly. If it comes to an even number then it knows that at least one bit is wrong and requests that the data be retransmitted. A single parity bit detects any odd number of flipped bits, but if two (or any even number of) bits are flipped the count is still odd and the error goes undetected.

8.6.2 Checksums
A checksum is used when blocks of data are being transmitted. A checksum is generated by performing a calculation on the data, usually one involving the numerical value of all the bytes in the block (for example, adding them all up and keeping only the low-order byte or word of the total).
The checksum is transmitted along with the data and an identical calculation is done by the machine at the receiving end. If the results match, then it is assumed that the data has been transmitted correctly. If the results do not match then a re-transmission of the data is requested. A simple additive checksum has a weakness: because addition is commutative, two bytes swapped in transit produce the same sum, so that kind of error is not detected.

8.6.3 Cyclic Redundancy Check (CRC)
A Cyclic Redundancy Check uses more complicated mathematics than a checksum, although the principle is similar. A calculation is done on the data to be transmitted, resulting in additional (but redundant) data which is added to the packet. The receiving machine performs the same calculation and if it gets the same answer then the data is presumed to be error free. A simplified illustration of the idea behind CRC is to treat the data to be transmitted as a single binary number which is divided by a number known to both sender and receiver. The remainder is transmitted along with the data, and if the receiving machine gets the same remainder when it divides the data by its number then it assumes that the data is correct. (The division is done bit by bit using exclusive-or in place of ordinary subtraction, which is why the divisor is usually called the generator polynomial; Ethernet uses a 32-bit CRC for its checksum field.) It is possible for errors to remain undetected with this method, but they are sufficiently unlikely to make it an extremely popular error detection method. None of these methods protects against deliberate tampering: an attacker who alters a frame can simply recompute the checksum or CRC, so integrity against an adversary needs a cryptographic check rather than an error-detecting code. You can find out more about CRC from these links:
http://www2.rad.com/networks/1994/err con/crc.htm
http://www.mathpages.com/home/kmath458.htm

8.6.4 Error Correction
Error correction is possible if the data being transmitted is encoded in a way which allows redundant information to be transmitted along with it. If the difference between two valid codes is sufficiently great, then the corruption of one or even two bits may still leave the original code recognisable. A parallel with written communication is that you can often still read text which has faded or has had part of a letter erased, because letters can be recognised without all of the letter being visible. Inevitably the extra data required for error correction to work must be traded off against the time taken to re-transmit the data if error detection alone is implemented. A good example of where error correction as opposed to error detection is worthwhile is where there is a large time delay between transmission and receipt of data, such as in communications with robotic spacecraft on planetary exploration missions.
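The three detection methods of 8.6.1 to 8.6.3 and a simple error-correcting code for 8.6.4, as an added Python example written for this page (not code from the original text). parity_bit and parity_ok implement odd and even parity; simple_checksum is a byte sum; crc8 carries out the bit-by-bit division described above using the 8-bit generator x^8 + x^2 + x + 1 (a standard CRC-8 polynomial, chosen for the example because the register fits in a byte; Ethernet's 32-bit generator works the same way); and hamming74_encode/decode implement the classic Hamming(7,4) code, which corrects any single flipped bit in a 7-bit block. All sample data in the block are constructed.

```python
def parity_bit(bits, odd=True):
    """Parity bit that makes the total number of 1s odd (odd=True) or even."""
    ones_even = sum(bits) % 2 == 0
    return 1 if ones_even == odd else 0


def parity_ok(bits_with_parity, odd=True):
    """Receiver's check: True if the count of 1s has the expected parity.  Any
    odd number of flipped bits is caught; an even number passes undetected."""
    return (sum(bits_with_parity) % 2 == 1) == odd


def simple_checksum(block):
    """Additive checksum: sum of the byte values, keeping only the low-order byte.
    Swapping two bytes leaves the sum unchanged, so that error is missed."""
    return sum(block) & 0xFF


CRC8_POLY = 0x107   # x^8 + x^2 + x + 1, written with its leading x^8 term


def crc8(block, poly=CRC8_POLY):
    """Treat the block as one long binary number, append 8 zero bits and divide
    by poly using exclusive-or long division; return the 8-bit remainder.  The
    receiver runs the same function on data + remainder and expects 0."""
    reg = 0
    low_poly = poly & 0xFF                 # the x^8 term is the bit shifted out

    def shift(bit):
        nonlocal reg
        top = (reg >> 7) & 1               # bit about to leave the 8-bit register
        reg = ((reg << 1) | bit) & 0xFF
        if top:                            # "subtract" (xor) the generator
            reg ^= low_poly

    for byte in block:
        for i in range(7, -1, -1):
            shift((byte >> i) & 1)
    for _ in range(8):                     # flush the appended zero bits
        shift(0)
    return reg


def hamming74_encode(nibble):
    """Encode 4 data bits d1..d4 as 7 bits p1 p2 d1 p3 d2 d3 d4; parity bit p_k
    covers the positions whose binary index has bit k set."""
    d1, d2, d3, d4 = [(nibble >> i) & 1 for i in (3, 2, 1, 0)]
    p1 = d1 ^ d2 ^ d4          # positions 1,3,5,7
    p2 = d1 ^ d3 ^ d4          # positions 2,3,6,7
    p3 = d2 ^ d3 ^ d4          # positions 4,5,6,7
    return [p1, p2, d1, p3, d2, d3, d4]


def hamming74_decode(code):
    """Return (nibble, position): position is 0 if no error was seen, otherwise
    the 1-based index of the single bit that was flipped and has been corrected."""
    c = list(code)
    s1 = c[0] ^ c[2] ^ c[4] ^ c[6]
    s2 = c[1] ^ c[2] ^ c[5] ^ c[6]
    s3 = c[3] ^ c[4] ^ c[5] ^ c[6]
    syndrome = s1 | (s2 << 1) | (s3 << 2)  # the syndrome spells out the position
    if syndrome:
        c[syndrome - 1] ^= 1
    return (c[2] << 3) | (c[4] << 2) | (c[5] << 1) | c[6], syndrome


if __name__ == "__main__":
    # Constructed sample: the 7-bit ASCII code for 'Y' (0x59) with an odd parity bit.
    char = [1, 0, 1, 1, 0, 0, 1]
    sent = char + [parity_bit(char)]
    one_flip = [sent[0] ^ 1] + sent[1:]
    two_flips = [sent[0] ^ 1, sent[1] ^ 1] + sent[2:]
    print("parity: intact", parity_ok(sent), "| 1 flip", parity_ok(one_flip),
          "| 2 flips", parity_ok(two_flips))
    print("checksum of AB and BA:", simple_checksum(b"AB"), simple_checksum(b"BA"))
    print("crc8 of AB and BA:    ", crc8(b"AB"), crc8(b"BA"))
    data = b"123456789"
    remainder = crc8(data)
    print("crc8 remainder:", hex(remainder), "| receiver's check:", crc8(data + bytes([remainder])))
    code = hamming74_encode(0b1011)
    code[4] ^= 1                           # bit 5 flipped in transit
    print("hamming(7,4) decodes to", hamming74_decode(code))
```

Running the script shows each point in the section: parity catches one flipped bit but not two, the additive checksum cannot tell "AB" from "BA" while the CRC can, the receiver's CRC of data plus remainder comes out to zero, and the Hamming decoder reports the position of the flipped bit and returns the original nibble without asking for a retransmission.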

8.7 Types of Internet Connection
8.7.1 Dialup Connection
A modem is still the commonest piece of communications equipment used to connect home computers to the Internet. A modem converts the digital signal from a computer into a modulated analogue signal that can be transmitted down a telephone line, and converts the analogue signal back to a digital one in the opposite direction. Modem is short for "modulator / demodulator". The connection rate achieved by a modem depends on the quality of the telephone line, but the current maximum bandwidth available is 56Kbps. Modems use a channel probe to test the phone line before establishing a connection rate, and then select the highest possible one. There has been a steady improvement in the performance of modems over the years, with a variety of protocols being developed and then superseded, but 56Kbps seems likely to be the maximum transmission rate unless line quality is increased dramatically. Typically a dialup modem will take 15 to 20 seconds to connect.

The original protocol used for dialup connections was Serial Line Internet Protocol (SLIP), which was designed to allow IP packets to be transmitted using a modem. Point to Point Protocol (PPP) is now used instead; it adds features SLIP lacked, such as address notification (which allows a server to inform a dial-up client of its IP address), authentication of the caller by password before any traffic is carried, and better compression.

8.7.2 Integrated Services Digital Network (ISDN)
The Integrated Services Digital Network (ISDN) is used for digital transmission over ordinary copper telephone wire. A single ISDN line consists of two 64 Kbps B-channels which can carry data or voice, and one 16 Kbps D-channel used for transmitting control information. The two B-channels can be used independently (one for an analogue or digital telephone, one for internet access) or can be combined to provide a single digital connection.
This means that if both channels are used for an internet connection a user can have a guaranteed 128 Kbps connection. ISDN lines can be combined together to provide bandwidth in units of 128Kbps per line (64Kbps per channel). Installing an ISDN line requires the user to purchase an ISDN Terminal Adapter. In addition, the customer must normally be within 5.5 km of the telephone exchange. Because they are digital, ISDN lines can provide a higher bandwidth and more reliable connection than an analogue dialup modem, and because the connection is digital, connection to the service provider is almost instantaneous. Being able to combine channels into one virtual connection is also very useful if you can afford the additional lines and telephone charges. ISDN lines are often used for one to one video conferencing if a high bandwidth IP connection is not available: combining channels improves the quality of the connection, but dramatically increases the cost of the call, as each channel is equivalent to a single telephone call. Three ISDN lines will provide a high quality video conference link but cost the equivalent of six simultaneous telephone calls.

8.7.3 Asymmetric Digital Subscriber Line (ADSL)
An ADSL connection requires a special ADSL modem but uses a normal copper telephone line. The data rate of ADSL depends strongly on the length and quality of the line connecting the user to the telecom provider, with an upper limit currently around 5 km from the exchange. An ADSL circuit is configured to run between the subscriber's premises and the equipment at the local exchange, rather than being dialled on demand. In theory ADSL allows download speeds of up to 9 Mbps and upload speeds of up to 640 Kbps, although the commonest configuration is more like 2Mbps download and 128Kbps upload. (This difference between the two directions is why the service is described as asymmetric.) ADSL is well suited to web browsing, video on demand and some client-server applications. It is ideal for the home user, who usually does not need particularly high upload speeds.

Although ADSL can provide a very high bandwidth connection, the connection from the telephone exchange to the Internet has limited bandwidth and has to be shared between a number of users, a system known as "contention". In effect, up to 20 commercial users or 50 home users may well be sharing the same bandwidth. This can cause a considerable reduction in response speed if a lot of users are trying to download large files simultaneously.

ADSL is an "always on" connection, which means that the user's machine is continuously reachable from the Internet, often at a fixed or rarely changing IP address. This makes it much more exposed to attack than a dialup machine that is online for a few minutes at a time (and more attractive to attackers, as the connection has higher bandwidth). Users of ADSL connections need to make sure that they have a reliable firewall installed and that no unnecessary services are listening on the connection.

8.7.4 Cable
Transmitting TV over a cable connection is popular in metropolitan areas in the USA and has become commonplace in cities in the UK due to the spread of optical cable network infrastructure. If you want to use the cable TV distribution system to provide internet access you need a cable modem.
Because the coaxial cable used by cable TV provides much greater bandwidth than a telephone line, it enables users to receive data at about 1.5 Mbps. A cable modem can be added to, or integrated with, a set-top box that provides a TV set with channels for Internet access. In most cases, cable modems are supplied as part of the cable access service and are not purchased by the user. Although a cable modem does modulate between analogue and digital signals, it is a much more complex device than a telephone modem. Typically, the cable modem attaches to a standard NIC in the computer. The cable modem communicates with the Cable Modem Termination System (CMTS) at the local cable TV company. Cable modems can receive from and send signals only to the CMTS, not to other cable modems on the line. Although the possible bandwidth for Internet services over a cable TV line can be up to 27Mbps, this bandwidth is shared by a substantial number of other users on the line (and the total bandwidth available is also limited by the bandwidth which the cable company has leased from the telecommunications provider), so the actual bandwidth available to the home user is usually only slightly higher than that available using ADSL. Like ADSL, cable is an "always on" connection, so users need to make sure that they have a reliable firewall installed.

8.7.5 Leased Line
A leased line is an agreement with a communications company to provide a permanent dedicated circuit between two points. The cost of the line is usually based on the distance between the locations. The ordinary telephone system carries many different conversations over the same trunk lines by multiplexing them (each call is a circuit-switched connection which is set up when the call is made and released afterwards), whereas a leased line maintains a single open circuit for one customer at all times. Leased lines are most commonly rented by businesses to connect branch offices, because these lines guarantee bandwidth for network traffic. Leased lines are expensive to set up and expensive to maintain. A typical leased line provides a 1.544 Mbps connection and is often called a T1 connection. A T1 is symmetric, providing the same bandwidth in both directions (unlike ADSL); Symmetric Digital Subscriber Line (SDSL) is a separate, cheaper service which also offers equal upload and download rates over a copper telephone line and is sometimes confused with it. Because they provide a permanent dedicated circuit between two points, leased lines often use Asynchronous Transfer Mode (ATM) to transmit video and audio as well as computer data.

8.7.6 Benefits of High Bandwidth
A high bandwidth connection provides a number of benefits to an organisation. Using Voice Over IP (VOIP), the saving in telephone charges for an organisation which has a number of branches distributed around the world is very large indeed if it can use a system where its Internet connection provides a telephone service, as the connection is already being paid for through the ISP. Video conferencing is another service which a high bandwidth connection can provide, again saving telephone charges or travelling costs. Both of these applications need a guaranteed bandwidth to work successfully, so any system which uses contention to share a connection is likely to be unsuitable.
8.8 Summary
Bandwidth is normally described in terms of Kbps (Kilobits per second) or Mbps (Megabits per second).
Asynchronous data transmission transmits one byte at a time along with start and stop bits.
Synchronous data transmission is more efficient because blocks of data are larger and less control information needs to be included.
Circuit switching maintains a fixed connection between two points while data is being transferred.
Packet switching is "connectionless" because data is routed in packets which may take different routes.
The Ethernet standard uses Carrier Sense Multiple Access / Collision Detection (CSMA/CD) to ensure that frames of data do not interfere with each other on a network segment.
A switched Ethernet network has fewer collisions and is more secure because the switch effectively divides the network up into a number of separate segments.
Every Network Interface Card (NIC) has a unique MAC address to identify it. This is separate from the IP address, which is controlled by software.
Parity, checksums and Cyclic Redundancy Checks are all methods of error detection in data transmission; all involve additional data being transmitted.
A dialup Internet connection uses a modem and can achieve a maximum of 56Kbps.
An ISDN line and terminal adapter provides two 64Kbps digital channels and one 16Kbps control channel.
An ADSL line runs between the subscriber's premises and the local exchange and can provide 2Mbps download and 128Kbps upload bandwidth. ADSL bandwidth may be shared between a number of users.
A cable modem provides similar bandwidth to an ADSL line but uses television distribution cable to provide the connection.
A leased line provides a guaranteed 1.544 Mbps digital connection between two specific locations but is by far the most expensive option.

8.9 End of Topic Test
An online assessment is provided to help you review this topic.

Topic 9 Wireless Data Applications (p. 93)

Contents
9.1 Introduction (94)
9.2 Wireless Personal Area Network (WPAN) (94)
9.2.1 Bluetooth (94)
9.2.2 Piconet and Scatternet (95)
9.3 Wireless Local Area Network (WLAN) (96)
9.3.1 Introduction (96)
9.3.2 Security on a WLAN (96)
9.4 Wireless Wide Area Network (WWAN) (97)
9.4.1 Introduction (97)
9.4.2 Wireless Broadband (97)
9.5 Summary (98)
9.6 End of Topic Test (98)

Prerequisite knowledge
You should know the difference between the following wireless communications methods: Wireless Personal Area Networks (WPAN), Wireless Local Area Networks (WLAN) and Wireless Wide Area Networks (WWAN).

Learning Objectives
After studying this topic you should be able to:
Describe modern wireless communication methods
Describe a Wireless Personal Area Network (WPAN) and its applications
Describe a Wireless Local Area Network (WLAN) and its applications
Describe a Wireless Wide Area Network (WWAN) and its applications

Revision
Q1: What is the range of a typical Bluetooth WPAN?
a) 100 metres
b) 50 metres
c) 10 metres
d) 1 metre

Q2: Which one of these is not a wireless technology?
a) Ethernet
b) Bluetooth
c) Microwave
d) IEEE 802.11b

Q3: What is the main difference between a WPAN and a WLAN?
a) A WLAN has multiple users, a WPAN normally does not
b) A WLAN does not need any cables whereas a WPAN does
c) A WPAN has more potential connections than a WLAN
d) A WLAN cannot share as many resources as a WPAN

9.1 Introduction
Although the technology is still relatively immature, wireless networking is becoming increasingly popular, particularly with the proliferation of portable computing devices and the increasing dependence of many of them on retaining a link to the World Wide Web (WWW). There are a number of different wireless technologies available for the different applications we are going to look at: Bluetooth is a low power and low bandwidth technology for personal area networks; 802.11b is a wireless networking standard for Local Area Networks (along with its companions 802.11g and 802.11a); and there is a selection of wireless technologies available for Wireless Wide Area Networking, including satellite, mobile phone networks and wireless broadband.

9.2 Wireless Personal Area Network (WPAN)
A wireless personal area network (WPAN) is a personal area network (a network for interconnecting devices centred around an individual person) in which the connections are wireless. Typically, a wireless personal area network uses technology that permits communication within about 10 metres, such as Bluetooth. A WPAN could interconnect all the ordinary computing and communicating devices that many people carry with them today, such as a mobile phone, mp3 player, laptop and Personal Digital Assistant (PDA).

9.2.1 Bluetooth
Each Bluetooth device has a unique 48-bit address, in the same format as an Ethernet MAC address.
When any two WPAN-equipped devices come within several metres of each other they will be able to communicate. For example, when someone with a Bluetooth enabled laptop comes close to a Bluetooth enabled printer or other device, they should be able to connect to it. Using a system like this it should be possible to have all mobile and fixed computer devices totally coordinated. Bluetooth also has the ability to lock out other devices selectively, preventing interference and providing security, and a frequency hop scheme which allows devices to communicate even in areas with a great deal of electromagnetic interference.

Bluetooth uses radio waves in the 2.4 GHz frequency band with a speed of up to 2 Mbps. Bluetooth devices can function in two modes:
- circuit switched (the most common mode for voice communications, on land and wireless digital networks). This connection is asynchronous at a speed of 57.6 Kbps to 721 Kbps.
- packet switched (the mode for Internet data, as well as for higher bandwidth mobile communication systems like the General Packet Radio Service (GPRS)). This connection is synchronous at a speed of 64 Kbps.

9.2.2 Piconet and Scatternet

A Bluetooth network (known as a Piconet) can allow the interconnection of eight devices in a radius of 10 metres. This network can be fixed or temporary. In a Piconet, one device is the network controller or master device, and it finds other slave devices by broadcasting requests. The slave answers with its identification number. As many as 10 Piconets can overlap to form a Scatternet, linking up to 80 Bluetooth appliances.

9.3 Wireless Local Area Network (WLAN)

9.3.1 Introduction

A Wireless Local Area Network (WLAN) effectively replaces cables and conventional NICs with wireless signals and wireless network cards. Wireless networks are useful where the portability of network stations is important, if the network is in a temporary building, or where it is difficult or expensive to fit a cable infrastructure.

A network station on a WLAN will be fitted with a wireless Ethernet card which communicates with a wireless base station (sometimes called a wireless hub). The base station must be connected to the server in some way (often by cable, as the bandwidth available on cable is much greater than the bandwidth currently available over a wireless connection). In a small network for the home user, the wireless hub may be replaced by a wireless router combined with an ADSL or cable modem. There may be a number of base stations throughout a building, since the range of wireless networks can be as little as 100 metres, or less if the walls of the building are very thick or use reflective metal foil in their construction. The base stations are normally set up so that users can "roam" from one to another transparently without losing a connection.

There are a number of different wireless networking standards created by the Institute of Electrical and Electronic Engineers (IEEE), all referred to using the reference number 802.11 followed by different letters denoting different bandwidths and frequencies, with correspondingly different ranges and penetration through walls. The current common standard is IEEE 802.11b, with a theoretical bandwidth of 11 Mbps, although in practice it will often be around 4 or 5 Mbps.

9.3.2 Security on a WLAN

Securing a network which uses wireless workstations is more difficult than a cabled network because it is much more difficult to physically check which stations are connected to the network.
The area within which a wireless laptop can connect is difficult to control and will often extend beyond the walls of the building it is installed in. Wireless technologies come equipped with encryption and other security features to restrict which machines can connect to the network, and to ensure that anyone intercepting the wireless signals will be unable to extract much useful information from them.

Wireless networks are often referred to as Wi-Fi networks, and these are becoming increasingly popular in hotels, airports, coffee shops and even fast food outlets, where customers are attracted by the ability to surf the WWW from their wireless laptops. Some of these organisations will charge for the Wi-Fi service, and a popular culture has developed where individuals use scanners to identify unsecured wireless networks and post the details on web pages. Some even mark the details of these networks on pavements outside so that passers-by can make use of the bandwidth without having to pay.

Wireless networks can be made secure by a number of strategies:
- Using the MAC address of the wireless network card to authenticate legitimate users.
- Using an encryption technology such as Virtual Private Networking (VPN) to ensure that signals which are intercepted cannot be used to extract information about the network which a hacker could use.
- Using the IEEE 802.11b built-in Wired Equivalent Privacy (WEP) to encrypt wireless traffic, although this should never be relied upon on its own as it is a relatively weak form of security.

9.4 Wireless Wide Area Network (WWAN)

9.4.1 Introduction

There are a number of Wireless Wide Area Network (WWAN) solutions available. A simple but expensive and low speed solution is to use your mobile phone to connect your laptop to the telephone system. This may be the only solution if you want mobile connectivity, but at the moment it is not practical for transferring large amounts of data. A satellite modem is another very expensive but more effective solution if you want mobile connectivity, and has the added advantage of working anywhere in the world where the satellite can be accessed. Wireless Broadband is the most likely solution for rural and metropolitan areas if mobile connectivity is not required.

9.4.2 Wireless Broadband

Wireless broadband is currently under development, but it will only succeed economically if it can deliver the same bandwidth to users as is available over cable or ADSL at a similar or lower price. Wireless broadband uses a hub which transmits to a number of transceivers mounted on every building which needs access to the network. These transceivers in turn amplify and relay the signal to additional buildings, acting as repeaters would in an Ethernet network. Wireless Broadband requires a line of sight connection between each repeater.

The fact that each building which uses the service also acts as a repeater for the signal means that the network is dependent on a reliable power supply being available for the equipment. For this reason most wireless broadband networks will build a substantial amount of redundancy into the system so that the failure of any one node does not take any large part of the network down. There are a number of competing wireless technologies for wireless broadband, with speeds varying from 10 Mbps over 30 miles to 45 Mbps over 5 miles.

If you would like to know more about wireless broadband try this link: http://www.mobileinfo.com/broadband/wrls bdbd work.htm

9.5 Summary

Wireless networking is still a relatively new technology and there are a wide variety of standards available to implement Personal, Local or Wide area networks.
- Personal wireless area networks tend to be low bandwidth and short range and are used for linking portable communications equipment.
- Wireless local area networks tend to be high bandwidth and medium range and are used for connecting portable machines to conventional cabled networks or replacing cabled networks.
- Wireless wide area networks tend to be mid bandwidth and high range and are used to provide broadband services to users who do not have access to wired systems.

9.6 End of Topic Test

An online assessment is provided to help you review this topic.

Glossary

(WLAN)
A Wireless Local Area Network (WLAN) is a network of personal devices networked using the Bluetooth wireless technology.

(WPAN)
A Wireless Personal Area Network (WPAN) is an ad-hoc network made up of Bluetooth enabled devices such as mobile phones, PDAs or laptop computers.

(WWAN)
A Wireless Wide Area Network (WWAN) is a network using wireless broadband technology.

Access Control List (ACL)
An Access Control List is a file used by the network security module of an operating system. Whenever a file is accessed the Operating System consults the Access Control List to check what permissions the user has for that file.

Asymmetric Digital Subscriber Line (ADSL)
ADSL is a modem technology which converts existing twisted-pair telephone lines into access paths for multimedia and high-speed data communications. ADSL can transmit up to 9 Mbps download speed and 640 Kbps upload speed.

Asynchronous Transfer Mode (ATM)
ADSL is a modem technology which converts existing twisted-pair telephone lines into access paths for multimedia and high-speed data communications. ADSL can transmit up to 9 Mbps download speed and 640 Kbps upload speed.

Bandwidth
Bandwidth describes the amount of data which can be transmitted via a network connection, usually measured in bits per second.

Bit
A bit is the smallest possible unit of binary information. A bit can be either on or off, which can be represented as a 1 or a 0.

Bluetooth
Bluetooth is a wireless networking protocol which allows devices to connect together to provide services like Internet access, printing and data transfer without the intervention of the user.

Broadcasting
Broadcasting over a network uses the User Datagram Protocol, which does not require an acknowledgment. This is a more efficient use of bandwidth than individual downloads.

Byte
A byte is a unit of information consisting of 8 bits. A byte is sufficient to store a single character in ASCII code.

Caching
A cache is a local copy of data available over a network. When, for example, a web page is requested, the network software retrieves the page but also saves it locally. When the page is requested again, it will be made available from the cache, thus speeding up the process of viewing the page. This only works for web pages which do not have dynamic data on them or which have not altered recently. The system works better for graphics and other elements of a web page which do not change very often.

Carrier Sense Multiple Access / Collision Detection (CSMA/CD)
Carrier Sense Multiple Access / Collision Detection (CSMA/CD) is the protocol used by the Ethernet standard to ensure that machines on a network can transmit data between them without data loss due to two machines transmitting simultaneously.

Chatrooms
Chatrooms are areas on the Internet where users can communicate using text messages in real time. Chat servers can be accessed using an IRC client which allows you to select different discussion areas which you can join or leave.

Checksum
A checksum is the result of adding the number of bits in a block of data to be transmitted. The result of this addition is transmitted along with the data. The same calculation is performed by the computer at the receiving end and if the results agree, it is assumed that the data has been transmitted without error.

Client-server
A Client-Server network is one where there is at least one server which controls access to resources on the network. Client machines need to access these resources through the server.

Collision
A collision occurs when two devices transmit simultaneously on an Ethernet network.

Connectionless
A connectionless network is one where no information about the state of the connection is retained. A packet switched network is connectionless because the packets may take a variety of different routes to their destination. TCP provides a "virtual" connection oriented network on top of the connectionless network provided by IP.

Connection oriented
A connection oriented network is one where information about the state of the connection is retained for the duration of the communication session.

Content providers
Content Providers are organisations which provide information which is available over the Internet. This information may be available free of charge, may be available on subscription or may be subsidised by advertising.

Cyclic Redundancy Check
A Cyclic Redundancy Check is a calculation which is performed on a block of data by treating that block of data as a binary number, and which is transmitted along with that data. The same calculation is performed by the computer at the receiving end and if the results agree, it is assumed that the data has been transmitted without error. A CRC is a more sophisticated error detection method than a checksum.

Datagram
A datagram is an Internet Protocol (IP) packet. It contains the source address, the destination address plus the data to be transmitted.

Directories
A human-powered directory, such as Yahoo, depends on humans for its listings. They categorise web pages by their content and by descriptions submitted by their owners.

Domain name
Domain Name Service (DNS) is the Internet's on-line mapping system which translates domain names into IP addresses.

Domain Name Service (DNS)
Domain Name Service (DNS) is the Internet's on-line mapping system which translates domain names into IP addresses.

E-commerce
E-Commerce refers to the buying and selling of products or services over the Internet.

Electronic Funds Transfer (EFT)
The transfer of funds from one account to another electronically. EFT removes the need to physically transfer cash, and is used for credit card and debit card purchases.

Email
Email is a system of communication which allows users on a network to send text messages and attached files to another user. Email addresses are usually of the form: username@domainname.

Email client
An email client is a piece of software which can be used to connect to an email server and retrieve electronic mail.

Ethernet
Ethernet is a Local Area Network technology developed by the Xerox corporation and now recognised as the industry standard. Data is broken into packets which are transmitted using the CSMA/CD algorithm until they arrive at the destination without colliding with any other. The transmitting machine then waits for an acknowledgement. Ethernet cables are classified as "XbaseY", e.g. 10base5, where X is the data rate in Mbps and Y is the category of cabling. The original cable was 10base5 (Thick Ethernet) but most are 10base2 (Thinnet or "Cheapernet") and 10baseT or 100baseT (using UTP cable).
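To make the difference between the Checksum and Cyclic Redundancy Check entries concrete, here is an added example (written for this page, not part of the SQA course material) that computes a simple additive checksum and a CRC-16 over a constructed block of data, then corrupts the block in two ways that leave the byte total unchanged. The additive checksum is the 16-bit sum of the bytes; the CRC is CRC-16/CCITT-FALSE (generator polynomial 0x1021, initial register value 0xFFFF), chosen because it is widely used and short enough to implement bit by bit. The sample block and both corruptions are constructed values.

```python
"""Additive checksum versus CRC over a constructed block of data.

Added example: the data block and its corruptions are constructed for
illustration and do not come from the course text.
"""


def additive_checksum(data: bytes) -> int:
    """Checksum as the glossary describes it: add the bytes of the block
    together and keep the low 16 bits of the total."""
    return sum(data) & 0xFFFF


def crc16_ccitt(data: bytes, poly: int = 0x1021, init: int = 0xFFFF) -> int:
    """CRC-16/CCITT-FALSE computed bit by bit.

    The block is treated as one long binary number and divided (modulo 2) by
    the generator polynomial; the 16-bit remainder is the check value that is
    sent along with the data.
    """
    crc = init
    for byte in data:
        crc ^= byte << 8
        for _ in range(8):
            if crc & 0x8000:
                crc = ((crc << 1) ^ poly) & 0xFFFF
            else:
                crc = (crc << 1) & 0xFFFF
    return crc


def detects_corruption(original: bytes, corrupted: bytes, check_fn) -> bool:
    """True if a receiver recomputing check_fn over the corrupted block would
    get a value different from the one transmitted with the original block."""
    return check_fn(original) != check_fn(corrupted)


# Constructed sample block and two corruptions that keep the byte total the same.
ORIGINAL = b"PAY 100 TO ALICE"
SWAPPED = b"PAY 001 TO ALICE"      # two bytes transposed: same bytes, different order
COMPENSATED = b"PAY 200 TO ALICD"  # one byte increased by 1, another decreased by 1


def compare_detection() -> dict:
    """Run both checks over both corruptions and report which ones are caught."""
    results = {}
    for name, corrupted in (("swapped", SWAPPED), ("compensated", COMPENSATED)):
        results[name] = {
            "checksum": detects_corruption(ORIGINAL, corrupted, additive_checksum),
            "crc": detects_corruption(ORIGINAL, corrupted, crc16_ccitt),
        }
    return results


if __name__ == "__main__":
    # 0x29b1 is the published check value of CRC-16/CCITT-FALSE for "123456789".
    print(f"CRC-16 of b'123456789' = {crc16_ccitt(b'123456789'):#06x}")
    for kind, outcome in compare_detection().items():
        print(f"{kind:12s} checksum detects: {outcome['checksum']}  "
              f"crc detects: {outcome['crc']}")
```

The additive checksum misses both corruptions because addition is commutative and the two changes cancel, whereas the CRC, being a polynomial remainder, depends on the position of every bit. Neither is a security control: someone who deliberately alters the data can simply recompute the check value, so integrity against tampering (as opposed to transmission errors) needs a keyed construction such as an HMAC rather than a checksum or CRC.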

Extensible Hypertext Markup Language (XHTML)
Extensible Hypertext Markup Language is a strict version of HTML which conforms to the XML specification.

File servers
A file server is a dedicated machine on a network which controls access to resources on a network. A file server will usually be running a network operating system and have enough disk space to give every user on the network space to store files.

File Transfer Protocol (FTP)
File transfer is the electronic transfer of a file from one location to another. The original protocol for this was FTP (File Transfer Protocol), but files can also be transferred as attachments to an email or as downloadable links on web pages.

Firewall
A firewall is software or hardware which protects a local area network from outside access by monitoring and blocking network traffic.

Frame
A frame is another term for a packet on a network, although frame is normally the term used at the lower levels of the ISO/OSI model. Frames are often used to describe packets on Ethernet networks.

Freeware
Freeware is software which is distributed free by the programmer, or is a cut down version of a commercial product which is distributed free in the hope that users will purchase the full version.

Header
A header is the control information which is added to the beginning of a transmitted message or packet.

Hosts
A host is an intelligent node on a network.

HTTPS
HTTPS is a secure version of the HTTP protocol used for e-commerce. HTTPS uses the Secure Sockets Layer (SSL) to encrypt data being transferred between client and server.

Hub
A hub is a multi-port repeater in an Ethernet network. Hubs are used to distribute a network connection to a number of machines in a room or an area of a building. Hubs typically have 12 or 24 ports.

Hypertext Transfer Protocol (HTTP)
The HTTP protocol is used by web browsers to request a file from a web server. HTTP transfers one file at a time and only maintains the connection between client and server while the file is being transferred.

The Integrated Services Digital Network (ISDN)
ISDN stands for Integrated Services Digital Network. With ISDN, voice and data are carried by bearer channels (B channels) occupying a bandwidth of 64 Kbps (Kilo-bits per second). Some switches limit B channels to a capacity of 56 Kbps. A data channel (D channel) handles signalling at 16 Kbps or 64 Kbps, depending on the service type.

Integrated Subscriber Digital Network (ISDN)
ISDN stands for Integrated Services Digital Network. With ISDN, voice and data are carried by bearer channels (B channels) occupying a bandwidth of 64 Kbps (Kilo-bits per second). Some switches limit B channels to a capacity of 56 Kbps. A data channel (D channel) handles signalling at 16 Kbps or 64 Kbps, depending on the service type.

Internet
The Internet is a global internetwork consisting of millions of computers connected together using a variety of high speed communications systems. Home users connect to the Internet using the telephone system.

Internet Service Provider (ISP)
An Internet Service Provider (ISP) is a commercial organisation which provides access to the Internet, usually via telephone line or fibre optic cable. ISPs may charge a monthly rental for this service or may provide it free, recovering their telecommunications costs from the telephone companies. An ISP will usually also provide a POP3 mailbox, access to a news server and some space on their web server for your web pages. Other services such as mail forwarding can also be provided for a fee.

Leased line
A leased line is a connection which guarantees a permanent connection between two points. Charges vary according to the distance between the two points and the bandwidth required.

Local Area Network
A Local Area Network (LAN) is a number of computers connected together within a single building or organisation. Local area networks tend to be characterised by high bandwidth, low error rates and short distances between computers.

MAC addresses
The Media Access Control layer is a sub layer of the Data Link Layer in the ISO/OSI model. A MAC address is the 6 byte number which uniquely identifies an Ethernet Network Interface Card (NIC).

Media Access Control (MAC)
The Media Access Control layer is a sub layer of the Data Link Layer in the ISO/OSI model. A MAC address is the 6 byte number which uniquely identifies an Ethernet Network Interface Card (NIC).

Modems
A modem (modulator-demodulator) is used to transmit binary data over telephone lines. A modem encodes binary data onto an analogue signal at the transmitter side and decodes the analogue signal back into binary data on the receiver side.

Multiplexing
Multiplexing is the combining of more than one channel into a single communications signal.

Name resolution
The process of mapping a name into its corresponding address. This function is normally performed by the Domain Name Service (DNS).

Network
A network is one or more computers connected together in a way which allows them to communicate or share data and resources.

Network Address Translation (NAT)
A LAN can be set up using a set of private IP addresses such as the range 192.168.0.1 to 192.168.1.254 and a proxy server which translates requests from these addresses into a request of its own. This means that only one public IP address is presented to the outside world.

Network Interface Card (NIC)
A Network Interface Card (NIC) is an interface fitted inside a personal computer or network terminal which allows it to communicate with other machines over a network. The card technology will vary according to the network used, but every card on a network must have some way of uniquely identifying itself and some means of converting the signals from the computer to a form which can be transmitted over the connection.

Network manager
The Network Manager is the person who controls access to services and shared resources on a Local Area Network.

Newsgroups
Newsgroups are electronic bulletin boards for text based discussion on any subject. Un-moderated newsgroups allow any user to post a message. Moderated newsgroups have an administrator who filters messages before they are posted.

Octet
An Octet is an 8 bit number. IP addresses consist of 4 octets.
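As an added illustration of the Network Address Translation entry (example code written for this page, not part of the course material), the following Python models the translation table a NAT device keeps: packets leaving the private range 192.168.0.1 to 192.168.1.254 have their source rewritten to the single public address, and replies are mapped back to the private host that sent the request. It models the common port-based form of NAT rather than the proxy server arrangement the entry mentions. The public address 203.0.113.10 and all port numbers are constructed values, and the table is keyed on the private address and port only; real implementations also track the protocol and the remote endpoint.

```python
"""A minimal Network Address Translation (NAT) table.

Added example: the addresses and port numbers below are constructed for
illustration; 203.0.113.0/24 and 198.51.100.0/24 are reserved documentation
ranges, not real hosts.
"""
from ipaddress import IPv4Address, IPv4Network, ip_address

# Private range from the glossary: 192.168.0.1 to 192.168.1.254 lies inside 192.168.0.0/23.
PRIVATE_LAN = IPv4Network("192.168.0.0/23")
# The single public address presented to the outside world (constructed value).
PUBLIC_IP = IPv4Address("203.0.113.10")


class NatTable:
    """Maps (private address, private port) pairs to ports on the one public address."""

    def __init__(self, public_ip: IPv4Address, first_port: int = 40000):
        self.public_ip = public_ip
        self.next_port = first_port
        self.outbound = {}  # (private_ip, private_port) -> public_port
        self.inbound = {}   # public_port -> (private_ip, private_port)

    def translate_outbound(self, src_ip: str, src_port: int, dst_ip: str, dst_port: int):
        """Rewrite the source of a packet leaving the LAN.

        Returns (src_ip, src_port, dst_ip, dst_port) as the outside world sees it.
        """
        src = ip_address(src_ip)
        if src not in PRIVATE_LAN:
            raise ValueError(f"{src} is not an address on the private LAN")
        key = (src, src_port)
        if key not in self.outbound:
            # First packet of this flow: allocate a fresh public port and record it both ways.
            public_port = self.next_port
            self.next_port += 1
            self.outbound[key] = public_port
            self.inbound[public_port] = key
        return (str(self.public_ip), self.outbound[key], dst_ip, dst_port)

    def translate_inbound(self, src_ip: str, src_port: int, dst_port: int):
        """Rewrite the destination of a packet arriving from the Internet.

        Returns None when no mapping exists: an unsolicited inbound packet has
        no private host to be delivered to, which is why a NAT device hides
        the LAN's machines from the outside world.
        """
        mapping = self.inbound.get(dst_port)
        if mapping is None:
            return None
        private_ip, private_port = mapping
        return (src_ip, src_port, str(private_ip), private_port)


def demo() -> dict:
    """Walk one request/reply pair and one unsolicited packet through the table."""
    nat = NatTable(PUBLIC_IP)
    request = nat.translate_outbound("192.168.0.5", 51000, "198.51.100.7", 80)
    reply = nat.translate_inbound("198.51.100.7", 80, request[1])
    stray = nat.translate_inbound("198.51.100.9", 80, 40001)  # no LAN host asked for this
    return {"request": request, "reply": reply, "stray": stray}


if __name__ == "__main__":
    for label, packet in demo().items():
        print(f"{label:8s} {packet}")
```

Running the script shows the request leaving with the public address and port 40000, the reply being delivered back to 192.168.0.5 port 51000, and the stray packet being dropped because nothing in the table claims it.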

Open Systems Interconnection (OSI)
The Open Systems Interconnection (OSI) model of networking was a hierarchical networking model developed to ensure that communications equipment and networking software would be compatible. The OSI model divided the functions of a network into 7 independent layers.

Packet
A packet on a network is a unit of data which is transmitted as a single object. It is normally used when referring to the upper layers of the ISO/OSI model. A packet usually contains a source address, a destination address and some form of error detection as well as the data itself. If the route which the packet takes is not always the same one, then the packets will need sequencing information to re-assemble them in the correct order at the receiving end. Packet is a more general term than Datagram.

Phishing
Phishing is the name given to fraudulently extracting credit card and other financial details from individuals using emails and fake company web-sites.

Point to Point Protocol (PPP)
The Point to Point Protocol (PPP) is used over a serial connection such as one between two modems. It can configure connections to a remote network automatically, test that the link is usable and also provide authentication and compression.

Post Office Protocol (POP3)
Post Office Protocol (POP) is a protocol for client/server email operation. An email client connects to a mail server using POP in order to download mail.

Propagation delay
The propagation delay of a network is the time it takes for a signal to travel from one end of a link to another.

Protocol
A protocol is an agreed set of rules for communicating. A protocol will typically define the speed and mode of communication together with the data format which is to be used.

Proxy server
A proxy server is a machine which receives requests for internet pages and forwards them. A proxy server can provide a LAN with a single point of access to the Internet and can act as a filter to block access to unsuitable material.

Random Array of Inexpensive Disks (RAID)
Random Array of Inexpensive Disks (RAID) comes in a variety of configurations. The purpose is to ensure that data is not lost when a hard disk fails, and this is achieved by saving enough data on the disk array to enable it to be recreated from the other disks in the event of the failure of one of them.

Router
A router is a computer with two network cards which is responsible for routing data from one network to another. A router keeps track of the IP addresses of the computers on the networks connected to its network interface cards and directs IP packets appropriately. A router functions at the Network layer of the OSI model.

Search engines
A search engine is a service provided on the Internet which indexes web pages. When you enter a term in a search engine it will respond with a list of all the web pages it has indexed where that term occurs. Using a search engine takes practice, as it is important to choose the term you search for with care so that the search engine returns a usable number of "hits".

Serial Line Internet Protocol (SLIP)
Serial Line Internet Protocol (SLIP) modifies a standard Internet Datagram by appending a special SLIP END character to it, which allows Datagrams to be distinguished as separate. SLIP does not provide error correction so it is unsuitable for an error prone connection.

Service Provider
A Service Provider is a commercial supplier of Internet services such as connection, web space and access to a mail server and a news server.

Shareware
Shareware is software which requires you to pay a fee to the distributor if you want to continue using it after a certain period of time. Sometimes the trial period is enforced by the software ceasing to function after the period has expired; sometimes the decision is left to the user's conscience.

Simple Mail Transfer Protocol (SMTP)
Simple Mail Transfer Protocol (SMTP) is the TCP/IP standard protocol for transferring electronic mail messages from one machine to another. An email client will normally use SMTP to send outgoing mail.

Socket
A socket is a port number together with a source and destination IP address which enables communication between two applications on a network.

Spam
Spam is a term used to describe electronic junk mail.

Spiders
Spiders are software agents which are able to search for new web pages by following links, and which create indexes of the contents of these pages.

Switch
A switch is a device to divide an Ethernet network up into separate collision domains. A switch keeps a database of the address of each machine on the network and only transmits a frame of data for a machine on to the segment of cable which that machine is connected to.

T1
T1 is the term often used to refer to a leased line providing a 1.544 Mbps connection.

Tag
A tag is used in an HTML document to give information to a browser about how to display the content of the page. For instance, if the <p> and </p> tags surround a piece of text, then that text is treated as a paragraph element. The <body> and </body> tags define the body element on a page, which contains the main content.

Tags
A tag is used in an HTML document to give information to a browser about how to display the content of the page. For instance, if the <p> and </p> tags surround a piece of text, then that text is treated as a paragraph element. The <body> and </body> tags define the body element on a page, which contains the main content.

Tele-working
Tele-Working is the ability to work from somewhere geographically separate from the firm you work for.

Telnet
Telnet is a communications protocol which enables the user to remotely log on to a computer across a network using their machine as if it were a terminal connected to the remote computer.

Transmission Control Protocol / Internet Protocol
TCP/IP stands for Transmission Control Protocol / Internet Protocol and is responsible for verifying the correct delivery of data from client to server. TCP adds support to detect errors or lost data and to trigger retransmission until the data is correctly and completely received. IP is responsible for moving packets of data from node to node. IP forwards each packet based on a four byte destination address (the IP address).

Trojan
A trojan (named after the trojan horse from Greek mythology) is a piece of software which, when installed on a user's machine, allows someone else to access data on that machine or to take control of it. Trojan software is similar to remote control software in that it opens a port on the Internet to allow sending and receiving of control data.

UDP
The User Datagram Protocol (UDP) allows an application program on one machine to send a Datagram to an application program on another. No checks are made by the sending station, or acknowledgments by the receiving station, to confirm that a Datagram has arrived.

User Datagram Protocol (UDP)
The User Datagram Protocol (UDP) allows an application program on one machine to send a Datagram to an application program on another. No checks are made by the sending station, or acknowledgments by the receiving station, to confirm that a Datagram has arrived.

Video conferencing
Video Conferencing is a system using video cameras and a high bandwidth network connection such as an ISDN line, which allows a number of people to communicate with each other using sound and video, and to share data such as text and graphics, even though they are thousands of miles apart.

Virtual Private Networking (VPN)
Some companies require their employees to travel around the country, but still need to give them secure access to the company network. A Virtual Private Network (VPN) provides this facility, enabling users to connect to the company network through the Internet, thus avoiding expensive dedicated telephone lines or call charges. VPN software is also used to secure Wireless Local Area Networks.

Virus
A Virus is a piece of malicious code which has been inserted into a host program in order to cause damage to or gain control over a computer system. Viruses usually have the ability to propagate themselves over a network and some can change their characteristics in order to avoid detection.

Voice Over IP
Voice over IP (VoIP) is the process of sending digitized speech across an IP network. Although it refers to any speech transmitted in this way, the most common application for VoIP is IP telephony.

Wired Equivalent Privacy (WEP)
This is an encryption system supplied as part of the IEEE 802.11b wireless networking standard which, although providing encryption, has been criticised because of the ease with which it can be cracked.

Wireless Application Protocol (WAP)
Wireless Application Protocol (WAP) is a protocol which runs on mobile phones and provides a universal open standard for bringing Internet content to mobile phones and other wireless devices.

Wireless Local Area Network (WLAN)
A Wireless Local Area Network (WLAN) is a network of personal devices networked using the Bluetooth wireless technology.

Wireless Personal Area Network (WPAN)
A Wireless Personal Area Network (WPAN) is an ad-hoc network made up of Bluetooth enabled devices such as mobile phones, PDAs or laptop computers.

Wireless Wide Area Network (WWAN)
A Wireless Wide Area Network (WWAN) is a network using wireless broadband technology.

World Wide Web (WWW)
The World Wide Web is the term used to describe that part of the Internet which can be accessed using hyperlinks on Web pages.

Worm
A Worm is a malicious program which propagates itself over a network in order to cause damage to or gain control over computer systems. Unlike a virus, a worm does not require a host program in order to function.

Answers to questions and activities

1 Common Network Protocols
Revision (page 3)
Q1: c) A unique number which identifies a computer on a network
Q2: a) Text
Q3: b) To translate user-friendly domain names into IP addresses

2 The OSI Network Model
Revision (page 14)
Q1: a) A device on a network with a unique IP address
Q2: b) A connection between two nodes
Q3: d) A switch cannot reduce the number of collisions on a local area network

3 IP addresses and the Domain Name Service
Revision (page 20)
Q1: c) A networked machine running a mail server
Q2: d) A multi-port repeater (hub)
Q3: c) A unique number which identifies a computer on a network
Q4: b) To translate user-friendly domain names into IP addresses

4 The World Wide Web (WWW)
Revision (page 33)
Q1: c) A clickable link on a web page which links to another page on the Internet
Q2: c) A host
Q3: d) "Scottish football"

5 The Implications of the WWW
Revision (page 45)
Q1: b) The ability to use the Internet for economic transactions
Q2: c) Buying goods over the Internet
Q3: a) Every computer connected to the Internet needs a unique IP address and ISPs provide these.

6 Network Security
Revision (page 61)
Q1: c) Because the network software needs to know who you are in order to give you access to networked resources
Q2: b) Encoding the file so that it can only be decoded if you have the correct password
Q3: d) Because there may be material unsuitable for young people on the Internet

7 Denial of Service Attacks and Disaster Recovery
Revision (page 72)
Q1: c) A C and D
Q2: a) All the nodes on the segment fail
Q3: b) The nodes connected to that channel fail
Q4: d) No effect

8 Data Transmission
Revision (page 81)
Q1: c) Dialup modem
Q2: c) Broadcast
Q3: a) Phone calls don't cost anything because they are transmitted over the Internet

9 Wireless Data Applications
Revision (page 94)
Q1: c) 10 Metres
Q2: a) Ethernet
Q3: a) A WLAN has multiple users, a WPAN normally does not