Computer Network

Computer Network
A computer network is a set of one or more computers connected to share data and resources, like access to the Internet, file servers, printers, and many other types of information. This connection gives authorized users the ability to access information stored on other computers on the network. Computer networking has made many electronic human-to-human communications, electronic businesses, and even teleworking possible. Computers can be connected via cabling, most commonly the Ethernet cable, or wirelessly through radio waves. [1]

Internet
Although many people use the terms Internet and the World Wide Web interchangeably, they are not the same. According to Wikipedia, “The Internet is the global system of interconnected computer networks that use the Internet protocol suite (TCP/IP) to link devices worldwide. It is a network of networks that consists of private, public, academic, business, and government networks of local to global scope, linked by a broad array of electronic, wireless, and optical networking technologies.” The internet has a wide range of resources and services such as the applications of the World Wide Web (WWW), e-mail, and peer-to-peer networks for file sharing. [1]

The Differences Between Internet and Intranet
Internet is a wide network of computers open for everyone; whereas, intranet is a network of computers designed for a specific group of users. Internet in itself contains numerous amounts of intranets. Although intranet may be accessible from the Internet, it restricted and protected by a password. Therefore, only allowing authorized users to access it. This leaves the number of users using the intranet very limited; whereas, the number of users using internet much unlimited. Consequently, the traffic allowed is also very limited in intranet; whereas, compared to intranet, internet has unlimited visitors traffic. Moreover, internet contains various sources of information and is available to everyone. However, Internet contains only specific group information. [2]

Client-Server Architecture
Client-server architectures, also known as two-tier-architecture, is a network architecture consisting of clients and servers. Each computer or process is either a client or a server. Servers are powerful computers or processes. There are different types of servers, according to their function – e.g. managing disk drives (file servers), printers (print servers) or network traffic (network servers). Clients are either PCs or workstations on which users run applications. Clients rely on servers for resources, such as files, devices and even processing power. [3]

Peer-To-Peer Architecture
Another type of network architecture is the peer-to-peer architecture (peer-to-peer/P2P). Each workstation has equivalent capabilities and responsibility. Compared to the client-server architecture, „P2P” is simpler, but it cannot offer the same performance as client-server architecture under heavy load. [4]

PAN, LAN, MAN, WAN
PAN, LAN, MAN, WAN are different network types. The „N” in the end stands for „Network”. [5]

PAN
„Personal Area Network” is a network covering a small (personal) area (e.g. a room). The most popular PANs are Bluetooth (wireless PAN), USB (wired PAN).

LAN
„Local Area Network” is a network covering a local area. The most common method is Wi-Fi (wireless LAN), although the wired LAN is still used. (Modern) wired or wireless LANs are based on Ethernet.

MAN
„Metropolitan Area Network” connects nodes located in the same metropolitan area – e.g. a company has different offices in one metropolitan area (for example Tokyo-Yokohama) and they are connected via a network.

WAN
„Wide Area Network” covers an area wider than LAN. The Range is not clear. It can reach from connecting belonging campus buildings up to satellite links connecting location in different countries. The most popular WAN is the Internet (it is basically a collection of other networks).

IP ADDRESS
IP address is the short form of Internet Protocol Address. It is something that is particular to a certain device logged onto a certain TCP/IP network. IP independently acts almost like postal services in which you send packages to a certain destination, however there is no particular link, as such it is combined with Transmission Control Protocol (TCP) to create a link between two different sources. Static and dynamic are two forms of IP address, in which static as the name suggests never changes as you access the internet. Dynamic, however is temporary and hence changes upon each log in onto the network. [6]

IPv4
An IPv4 address is divided into 4 sets of numbers, in which the separation between each set or octet is by dots. The decimal number in each octet ranges from 0 – 255. The system however processes the information as a binary number. In the binary format below, you can see there are 32 bit numbers in IPv4 IP addresses. [6]

IPv6 Implement
Whilst there are 4,294,967,296 available unique IPv4 addresses to be found from the rearrangement of the 32-bit numbers, eventually they will run out. Therefore, IPv6 addresses were created in order to accommodate more people since it has 128 bit numbers, which is far more than the 32-bit numbers offered by IPv4. [7]

Domain Address
Domain names/addresses essentially represent one or more IP addresses. They are used in URL’s and particularly contain a suffix which belongs to a top-level domain, such as “.com”, which stands for commercial business. [8]

DNS
DNS stands for Domain Name System and it’s a naming system for computers, services or any resource connected to the Internet or private network. For people in daily life we just think of it as a website address (www.facebook.com or www.lf1.cuni.cz). IP address stands for Internet Protocol address. To make it simple an IP address is the actual address to the Internet websites and the DNS are there to make it easier for people to find the websites. An IP address has a numerical label assigned to each device. When people in daily life refers to an IP address its usually IPv4. The DNS supports the lookup of IP addresses because it makes it easier for people to find the webpage their searching for, and they don’t have to remember a long line of numbers. It’s the connection between the domain name and the IP – address. [8]

MAC Address
Every electrical equipment has a unique MAC address. It’s identification and it contains who produced it and the identification of that unit. You can use the MAC address as a security for your network. [8]

COMMON INTERNET ATTACK METHODS
The internet attack methods can be divided into different categories: 1.	Gathering knowledge and personal information 2.	Interfere with system’s intended function 3.	Consume the system resources uselessly These kinds of attacks can be achieved by using the following methods:

Eavesdropping
with this method, an unauthorized person can intercept communication which can cause sensitive information to be exposed. Passive eavesdropping is when the intruder only listens without interrupting to the networked messages. Active eavesdropping is when the intruder not only listens but also inserts something into the communication stream. With this the intruder, can gather important and restrict knowledge and information [9]

Viruses
A Virus is a self-replication program. It uses files to infect and insert itself into the system. If the operator open the infected file, the virus will be activated and start to interfere with the system function. [9]

Worms
Much like Viruses, the worm replicates itself. The difference between them is that a worm doesn’t need a file to allow it the insertion into the system. There are 2 types of worms: 1.	Mass-mailing worm – this type of worm uses e-mail as its way to infect other computers. 2.	Network-aware worm – once this type of worm selects a target and gets an access to the host it can infect it with Trojan or other types of internet attack methods. The Network-aware worms are a great problem to the internet. Once a worm intrudes into the system it’ll start to interfere with the system function. [9]

Trojans
Trojan appear to the user to be as a guileless and harmless program, but in fact it has a very bad effect on the system function. Most of the time Trojans accompanied with other infecting tools like viruses. [9]

Phishing
is the attempt to obtain sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money), often for malicious reasons, by masquerading as a trustworthy entity in an electronic communication. [10]

IP Spoofing Attacks
The definition of spoofing is to show a familiar or friendly IP address to the victims so they will think that the package is coming from a trust worthy source; The intruder then gets access to other computers while keeping his identity covered. This sort of attack in the current way internet is being used, cannot be prevented. [9]

Denial of Service (DoS)
This sort of attack basically flooding the system with false requests which make it in an overload state. That leaves the system without the ability to deal with anymore requests which causes it to be without service. [10]

DEFENCE AND DETECTION MECHANISM
There are several different methods of defense and detection mechanisms from Internet attacks. Some of the most common methods are Cryptographic systems, Firewall, Intrusion Detection Systems, Anti-Malware Software and scanners, and Secure Socket Layer (SSL). [11] [12]

Cryptography
Cryptography is the science of providing security for information. It involves the use of codes and transforms the information into unintelligible data. The two basic types of cryptosystems are symmetric and public-key systems (or asymmetric systems). In symmetric systems, both parties use the same key in encryption and decryption transformation whereas in public-key systems, the parties use one secret key and one publicly disclosed key in which both keys are related. [12]

Firewall and Anti-Malware scanners
Firewall is a front-line network security system against intruders that controls incoming and outgoing network traffic. It can be hardware, software- based, or a combination of both. A firewall controls access to the resources of a network through a positive control model. Therefore, this only allows the traffics that are defined in the firewall policy on to the network, while all other traffics are denied. Anti-Malware scanners are simply special tools used to detect malicious software such as viruses, worms, and Trojan horses; and cure an infected system. [13]

Differences between Firewall and Anti-Malware
The main differences between firewall and Anti-Malware software are firstly, a firewall is designed to block unauthorized communications. It will not protect the system against malicious software. On the other hand, Anti-Malware software is used specifically for the detection and prevention of these malicious softwares. Secondly, firewall can be implemented in both software and hardware, whereas antivirus program is a software- based application only. [14]