|
Question 2
The Internet has revolutionized
the computer and communications world like nothing before. The invention of the telegraph, telephone, radio, and computer
set the stage for this unprecedented integration of capabilities. The Internet is at once a world-wide broadcasting capability,
a mechanism for information dissemination, and a medium for collaboration and interaction between individuals and their computers
without regard for geographic location.
The Internet represents
one of the most successful examples of the benefits of supported investment and commitment to research and development of
information infrastructure. Beginning with the early research in packet switching, the government, industry and academia have
been partners in evolving and deploying this exciting new technology.
The Internet today
is a widespread information infrastructure, the initial prototype of what is often called the National Information Infrastructure.
Its history is complex and involves many aspects - technological, organizational, and community. And its influence reaches
to the technical fields of computer communications and throughout society increasing use of online tools to accomplish electronic
commerce, information acquisition, and community operations. [1]
1972
The first e-mail program was created by Ray Tomlinson of BBN.
The Advanced Research Projects Agency (ARPA) was renamed The Defense Advanced Research Projects Agency (or DARPA). ARPANET
was currently using the Network Control Protocol or NCP to transfer data. This allowed communications between hosts running
on the same network.
1973
Development began on the protocol later to be called TCP/IP,
it was developed by a group headed by Vinton Cerf from Stanford and Bob Kahn from DARPA. This new protocol was to allow diverse
computer networks to interconnect and communicate with each other.
1974
First Use of term Internet by Vint Cerf and Bob Kahn in paper
on Transmission Control Protocol.
1979
USENET (the decentralized news group network) was created by
Steve Bellovin, a graduate student at University of North Carolina, and programmers Tom Truscott and Jim Ellis. It was based
on UUCP. The Creation of BITNET, by IBM, "Because its Time Network", introduced the "store and forward" network. It was used
for email and listservs.
1981
National Science Foundation created backbone called CSNET 56
Kbps network for institutions without access to ARPANET. Vinton Cerf proposed a plan for an inter-network connection between
CSNET and the ARPANET.
1983
Internet Activities Board (IAB) was created in 1983. On January
1st, every machine connected to ARPANET had to use TCP/IP. TCP/IP became the core Internet protocol and replaced NCP entirely.
The University of Wisconsin created Domain Name System (DNS). This allowed packets to be directed to a domain name, which
would be translated by the server database into the corresponding IP number. This made it much easier for people to access
other servers, because they no longer had to remember numbers.
1984
The ARPANET was divided into two networks: MILNET and ARPANET.
MILNET was to serve the needs of the military and ARPANET to support the advanced research component, Department of Defense
continued to support both networks. Upgrade to CSNET was contracted to MCI. New circuits would be T1 lines,1.5 Mbps which
is twenty-five times faster than the old 56 Kbps lines. IBM would provide advanced routers and Merit would manage the network.
New network was to be called NSFNET (National Science Foundation Network), and old lines were to remain called CSNET.
1985
The National Science Foundation began deploying its new T1 lines,
which would be finished by 1988.
1986
The Internet Engineering Task Force or IETF was created to serve
as a forum for technical coordination by contractors for DARPA working on ARPANET, US Defense Data Network (DDN), and the
Internet core gateway system.
1987
BITNET and CSNET merged to form the Corporation for Research
and Educational Networking (CREN), another work of the National Science Foundation.
1988
Soon after the completion of the T1 NSFNET backbone, traffic
increased so quickly that plans immediately began on upgrading the network again.
1992
Internet Society is chartered. World-Wide Web released by CERN.
NSFNET backbone upgraded to T3 (44.736Mbps).
1993
InterNIC created by NSF to provide specific Internet services:
directory and database services (by AT&T), registration services (by Network Solutions Inc.), and information services
(by General Atomics/CERFnet). Marc Andreessen and NCSA and the University of Illinois develop a graphical user interface to
the WWW, called "Mosaic for X".
1994
No major changes were made to the physical network. The most
significant thing that happened was the growth. Many new networks were added to the NSF backbone. Hundreds of thousands of
new hosts were added to the INTERNET during this time period. Pizza Hut offers pizza ordering on its Web page. First Virtual,
the first cyber bank, opens. ATM (Asynchronous Transmission Mode, 145Mbps) backbone is installed on NSFNET.
1995
The National Science Foundation announced that as of April 30,
1995 it would no longer allow direct access to the NSF backbone. The National Science Foundation contracted with four companies
that would be providers of access to the NSF backbone (Merit). These companies would then sell connections to groups, organizations,
and companies. $50 annual fee is imposed on domains, excluding .edu and .gov domains which are still funded by the National
Science Foundation.
1996 - Present
Most Internet traffic is carried by backbones of independent
ISPs, including MCI, AT&T, Sprint, UUNet, BBN planet, ANS, and more. Currently the Internet Society, the group that controls
the INTERNET, is trying to figure out new TCP/IP to be able to have billions of addresses, rather than the limited system
of today. The problem that has arisen is that it is not known how both the old and the new addressing systems will be able
to work at the same time during a transition period. [2]
Question 3
IPv6 is "Internet Protocol Version 6".
It is the "next generation" protocol designed by the IETF to replace the current version Internet Protocol, IP Version 4 (IPv4).
IPv6 adds many improvements to IPv4 in areas such as security, mobility, quality of service, scalability of the network architecture
and routing. IPv6 is therefore very much suited for scalable and converged networks. A number of transition and coexistence
mechanisms have been developed and are constantly improved in order to make the transition a smooth one. It is expected that
IPv6 will gradually replace IPv4 within the following years, with the two protocols coexisting for many years during a transition
period. Unlike the "old" IPv4 addresses, IPv6 addresses are visualized in hex format and look like this: 2001:08e0:7d83:7d88:4f84:4c74:1d83.
or just 2001:08e0::1 [3]
With the changing character of the Internet
and business networks, the current Internet Protocol (IP), which is the backbone of Transmission Control Protocol (TCP)/IP
networking, is rapidly becoming obsolete. The Internet and most other TCP/IP networks have primarily provided support for
rather simple distributed applications, such as file transfer, electronic mail, and remote access using TELNET. Today, the
Internet is increasingly becoming a multimedia, application-rich environment, led by the huge popularity of the World Wide
Web. In addition, corporate networks have branched out from simple e-mail and file transfer applications to complex client/server
environments and, most recently, intranets that mimic the applications available on the Internet.
Performance
Both LANs and wide area networks (WANs) have advanced to ever-greater
data rates, pushing into hundreds of megabits per second, with plans for gigabit LANs and WANs. In addition, as more services,
especially graphics-based services, become available over the Internet, we can expect that the ratio of external traffic (traffic
that leaves the local network) to internal traffic will rise. With these immense speeds and the increased load, it is critical
that routers perform their functions as rapidly as possible. The router should be able to process and forward IP datagram
fast enough to fully utilize its high-speed links and to keep up with the traffic flow. A major factor is the hardware platform
itself, but the design of the IP also plays a critical role.
Network Service
It should be possible to integrate packets with particular service
classes, perform the routing function on the basis of those classes, and allow the networks along the route to make use of
this class information. In particular, it is important to be able to support real-time services and to specify priority levels
to determine discard strategy in the event of congestion. IPv4 provides minimal assistance in this area. IPv6 enables the
labeling of packets belonging to a particular traffic flow for which the sender requests special handling. This aids
in the support of specialized traffic such as real-time video.
Security Capabilities
IPv6 provides a range of security capabilities; in particular,
IPv6 includes features that support authentication and privacy. As was mentioned, these features can also be incorporated
into IPv4.
IPv6 Addresses
IPv6 addresses are 128 bits in length. Addresses are assigned to individual interfaces on nodes, not to the nodes
themselves. A single interface may have multiple unique unicast addresses. Any of the unicast addresses associated with a
node's interface may be used to uniquely identify that node. The association of long addresses and multiple addresses per
interface enables improved routing efficiency over IPv4. Longer internet addresses allow for aggregating addresses by hierarchies
of network, access provider, geography, corporation, and so on. Such aggregation should make for smaller routing tables and
faster table lookups. The allowance for multiple addresses per interface would allow a subscriber using multiple access providers
across the same interface to have separate addresses aggregated under each provider's address space. [4]
Why IPv6
With the new types of services that we
will have in the future we will not only need IP addresses for personal computers and servers, but for all sorts of devices,
like mobile phones, cars, refrigerators, TV-sets, sensor systems, home games and many more. IPv6 offers a new, clean, well
designed protocol stack which implements all the features of security, Quality of service and configuration. All applications
that are known on IPv4 can be ported to IPv6, with additional features if required. IPv6 is also designed taking into account
the mobile networks, which are expected to be ubiquitous networks of the future providing always on-line, anytime and anywhere.
IPv6 is considered to be the backbone of the future information society.
Here is a list of facts and reasons for IPv6:
-
The number of mobile devices and devices
with embedded Internet stacks will grow by magnitudes over the following years (the ongoing use of IPv4 would create poorly
interconnected islands of IP networks with limited mobility and security between them)
-
IPv6 is MANDATORY for the 3GPP UMTS IMS
(IP Multimedia Subsystem) in release 5
-
IPv6 brings better support for security,
quality of service and mobility
-
IPv6 reduces OPEX of IP networks through
better design and the auto configuration features
-
IPv6 enables ubiquitous networks of the
future providing always on-line, anytime and anywhere
-
IPv6 enables ubiquitous/pervasive computing
and with this a huge amount of new business opportunities and changes in existing business models
-
IPv6 is considered as the backbone of the
future information society. [5]
In addition, reasons for IPv6 also includes:
-
So peer-to-peer functions and VoIP will be easier over IPv6
-
When we look at the traffic on the Internet, 72 percent is peer-to-peer,
so that is what people want. People think 'I want to send a piece of music directly to a friend. I don't want to pay someone
else to do it for me.' At the moment peer-to-peer is facilitated by a server. We need to use that server in order to talk
to each other. With IPv6 we won't need that server anymore. We will each have our own IPv6 address open all the time and can
decide who to publish it to. We will in effect each become little ISPs and we decide who will connect to us and who won't.
-
So where do service providers fit into an IPv6 world, they won’t
become redundant
Question 4
4.1 Domain Name Service (DNS) [7]
Domain Name Service (DNS) is the service used to
convert human readable names of hosts to IP addresses. It can contain alphabetic or numeric letters or the hyphen. It avoids
the underscore. The main function of DNS is the mapping of IP addresses to human readable names. Three main components of
DNS are resolver, name server, and database of resource records (RRs).
The Domain Name System (DNS) is basically a large database
which resides on various computers and it contains the names and IP addresses of various hosts on the internet and various
domains. The Domain Name System is used to provide information to the Domain Name Service to use when queries are made. The
service is the act of querying the database, and the system is the data structure and data itself. The Domain Name System
is similar to a file system in Unix or DOS starting with a root. The domain name system database is divided into sections
called zones. The name servers in their respective zones are responsible for answering queries for their zones. A zone
is a sub-tree of DNS and is administered separately. There are multiple name servers for a zone. There is usually one primary
name server and one or more secondary name servers. A name server may be authoritative for more than one zone.
4.2 Simple Mail Transfer Protocol (SMTP)
[8]
SMTP is an Outgoing Email Server. When someone
speaks of a SMTP server they are referring to an outgoing mail server. The ability to provide E-mail services to clients includes
two critical functions: SMTP and POP3. Together, they provide the means for clients to send outgoing mail and check for new
incoming mail, respectively.
SMTP service
is the side of e-mail that allows clients to send outgoing e-mail messages to any valid e-mail address. The SMTP server performs
two basic but important functions. First, it verifies that anyone attempting to send outgoing e-mail through the SMTP server
has the right to do so. Secondly, it sends the outgoing mail and if undeliverable, sends the message back to the sender. SMTP
is generally used to send messages from a mail client to a mail server. This is why we need to specify both the POP or IMAP
server and the SMTP server when you configure your e-mail application.
4.3 HyperText Transfer Protocol (HTTP) [9,10]
It is the protocol for transferring
hypertext documents that makes the World Wide Web possible. A standard web address (such as http://www.yahoo.com/) is called a URL; the prefix (http in the example) indicates its protocol. HTTP is a data access protocol currently run over TCP and is the basis
of the World-Wide Web. The initial work will be to document existing practice and short-term extensions. Subsequent work will
be to extend and revise the protocol. Directions which have already been mentioned include: improved efficiency, extended
operations, extended negotiation, richer metainformation, ties with security protocols. The HTTP working group will not address
HTTP security extensions as these are expected to be the topic of another working group.
4.4 File Transfer
Protocol (FTP) [11]
FTP is an
older protocol for moving files back and forth over the Internet and other networks. All modern web browsers still speak FTP, which was
sometimes used as a substitute for HTTP in the early days of the web. FTP is still used often as a means of downloading
large files. Many web hosts still offer FTP as the preferred way of uploading new web pages to a web site. However, because
there is no encryption of your password, FTP is not the best choice for this purpose. And since there is no encryption of
the files being moved, FTP is a poor choice indeed for more sensitive information.
Remember that anonymous FTP is a privilege
granted by the organization that owns the computer to which you are connecting, and you should show good manners in your usage.
Don't transfer files you don't need or an excessive amount of material, and try to restrict your transfers to off-peak hours.
Many FTP sites are used very heavily, and you may need patience to connect.
4.5 Hub [12]
Networking hubs are central components of
local area networks (LANs). To understand the role of networking hubs, a basic understanding of LANs is
required. Whenever one or more computers are networked together, a LAN is created. A LAN can be vital at work, but it can also be useful at home. The
purpose of joining computers together in a LAN is to share resources like files, a printer, a scanner, or Internet access.
There are four components in a basic wired hub network: Ethernet wire, Network Interface Cards (NICs), Networking Hubs, Networking Software.
Networking hubs will broadcast all traffic that comes through the hub to all machines or nodes connected to the LAN. Networking
hubs are simple devices that are fine for home use in most cases, but not considered optimal for workplace environments. Networking
hubs can only operate in half-duplex mode (a computer cannot receive and send transmissions at the same time).
4.6 Switch [13]
A network switch is a small hardware device
that joins multiple computers together within one local area network (LAN). Technically, network switches operate at layer two (Data Link Layer) of the OSI model.
Network switches
appear nearly identical to network hubs, but a switch generally contains more "intelligence" (and a slightly higher
price tag) than a hub. Unlike hubs, network switches are capable of inspecting data packets as they are received, determining the source and destination device of
that packet, and forwarding it appropriately. By delivering each message only to the connected device it was intended for,
a network switch conserves network bandwidth and offers generally better performance than a hub.
As with hubs, Ethernet implementations of network switches are the most common. Mainstream Ethernet network switches
support 10 Mbps, 100 Mbps, or 10/100 Mbps Ethernet standards.
Different models of network switches support
differing numbers of connected devices. Most consumer-grade network switches provide either four or eight connections for
Ethernet devices. Switches can be connected to each other. Such "daisy chaining" allows progressively larger number of devices
to join the same LAN.
4.7 Firewalls [14]
Firewalls are mainly used as a means
to protect an organization's internal network from those on the outside (internet). It is used to keep outsiders from gaining
information to secrets or from doing damage to internal computer systems. Firewalls are also used to limit the access of individuals
on the internal network to services on the internet along with keeping track of what is done through the firewall. Please
note the difference between firewalls and routers as described in the second paragraph in the IP Masquerading section.
 
4.8 Boot Protocol (BOOTP) [15]
BOOTP (Boot Protocol) may be used to boot remote computers over a network. BOOTP messages are encapsulated inside
UDP messages and therefore its requests and replies are forwarded by routers. BOOTP is defined by RFCs 951 and 1542. The drawing
below illustrates the data encapsulation:
4.9 Dynamic Host Configuration Protocol (DHCP)
[16]
This protocol is used to assign IP addresses
to hosts or workstations on the network. Usually a DHCP server on the network performs this function. Basically it "leases"
out address for specific times to the various hosts. If a host does not use a given address for some period of time, that
IP address can then be assigned to another machine by the DHCP server. When assignments are made or changed, the DHCP server
must update the information in the DNS server. The DHCP protocol is built on BOOTP and replaces BOOTP. Lease Request sends
a broadcast requesting an IP address. Lease Offer sends the above information and marks the offered address as unavailable.
The message sent is a DHCPOFFER broadcast message. Lease Acceptance is the first offer received by the client is accepted.
The acceptance is sent from the client as a broadcast (DHCPREQUEST message) including the IP address of the DNS server that
sent the accepted offer. Other DHCP servers retract their offers and mark the offered address as available and the accepted
address as unavailable. Server lease acknowledgement sends a DHCPACK or a DHCPNACK if an unavailable address was requested.
4.10 SNMP [17]
SNMP lets TCP/IP-based network management clients use a TCP/IP-based internet work
to exchange information about the configuration and status of nodes. The information available is defined by a set of managed
objects referred to as the SNMP Management Information Base (MIB). The subset of managed objects that make up the TCP/IP
portion of the MIB is maintained by each TCP/IP node. SNMP can also generate trap messages used to report significant
TCP/IP events asynchronously to interested clients. Below is a basic diagram illustrating this concept. All SNMP message exchanges
consist of a community name and a data field, which contains the SNMP operation and its associated operands. It is embedded
within a UDP Datagram, inside an IP Packet within an Ethernet frame (see below).
Question 5
Question 6
Introduction Proxy server[18]
A server that sits
between a client application such as, a Web browser, and a real server. It intercepts all requests to the real server to see
if it can fulfill the requests itself. If not, it forwards the request to the real server.
Proxy servers have two main purposes:
-
Improve transfer speed Performance in Utar Internet lab because it allows
large quantity staffs and students can sharing and retrieve the information from website much faster.
-
Filter, it allow to block some high risk website prevent from attack by
virus beside it also can forbidden student to visit some porn website.
-
Security issue is one of the important issues to protect Utar ICTC attack
by hacker or spammer. So it can prevent those private information steal by other party.
Improve Performance: Proxy servers can dramatically improve performance
for groups of users. This is because it saves the results of all requests for a certain amount of time. Consider the case
where both user X and user Y access the World Wide Web through a proxy server. First user X requests a certain Web page, which
we'll call Page 1. Sometime later, user Y requests the same page. Instead of forwarding the request to the Web server where
Page 1 resides, which can be a time-consuming operation, the proxy server simply returns the Page 1 that it already fetched
for user X. Since the proxy server is often on the same network as the user, this is a much faster operation. Real proxy servers
support hundreds or thousands of users. The major online services such as America Online, MSN and Yahoo, for example, employ
an array of proxy servers.
Filter Requests: Proxy servers can also be used to filter requests.
For example, a company might use a proxy server to prevent its employees from accessing a specific set of Web sites.
Why we need?
-
Transfer speed improvement. If the file you requested was received before
to your proxy server, then proxy server will interrupt this file request and you will receive the file directly from proxy.
However need to know, you can got the "speed down" effect. This effect appears when your proxy has long answer time because
there is slow connection between you and your proxy server.
-
Security and privacy. Anonymous proxies destroy information about your computer
in the requests header. So you can safely surf the net and your information will never be used by hackers and spammers.
-
Sometimes you encounter some problems while accessing to web server (for
example, web-chat). You have mistaken while working with some data and / or the server administrator restricted access from
your IP. So you can use the anonymous proxy and try to access again.
Question 7
Introduction of IPtables [19, 20]
IP Filters that are typically used in hardware routers operate
at the IP layer. These filters typically are too coarse to allow for control of applications and systems to keep them safe.
The IPTable application operates at a higher level by filtering TCP and UDP protocols before the data is passed onto the user
applications that can be corrupted. In this section we will look at IP filtering, TCP filtering, and UDP filtering as well
as how IPTables can be configured to perform filtering.
The IPTables program that comes with Linux distributions allows
administrators to configure the operating system so that it allows applications and clients to connect through the network
and stop unwanted applications and clients from communicating and corrupting the operating system.
The Internet Protocol (IP) is a data oriented protocol that
allows multiple hosts to talk to each other across network connections. Data in an IP network are sent in blocks referred
to as packets or datagrams. They typically have a source host, destination host, and source and destination ports associated
with the communication.
Applications that require real time streams or can accept data
loss typically use the user datagram protocol (UDP). This protocol is lighter weight and does not provide reliability or ordering
guarantees. Typical applications that use UDP are online games, streaming media, domain name servers (DNS), or voice over
IP.
When we look at protecting a computer, we typically want to
filter ports and IP addresses. To do this we need to open up the data packets, figure out what protocol is being used, what
the source address and port are as well as the destination address and port to make sure that it is destined for us. Finding
out what port allows us to route the data to a specific application and deliver it for use.
If we configure rules on a computer to drop any traffic destined
for a specific port, the data packets will never be seen by any application. This dropping of traffic effectively creates
a firewall or filter that protect the operating system. The Linux operating system has software configured into the kernel
that inspects packets and either passes the data to the application waiting for the data or drops the data. We can configure
this data by modifying the iptables configuration file located in /etc/sysconfig/iptables.
Filtering packets
The filter table is split up into three separate chains, a list
of rules, filtering packets at specific parts of the routing system on the firewall. The INPUT chain is used to match packets
hitting the firewall host, OUTPUT to match packets originating on the firewall, and FORWARD contains rules to match packets
routed from one interface to another across the firewall.
iptables offers support for connection tracking, which was lacking
in both ipchains and ipfwadm. With connection tracking, the kernel keeps a database of existing connections to allow return
packets for connections to pass through the firewall. Previous Linux firewall implementations had to check for specific packet
types that were common with new connections, or even open ports up for connections. iptables instead allows the state of a
connection to be used in a rule, permitting new or existing connections to be handled differently by the kernel. The connection
tracking processes within iptables also track multiple connections that are associated with each other, such as FTP data traffic,
or ICMP packets returned from a failed connection.
Generally it's a good idea to populate a firewall rule set with
rules to allow all loop back traffic on the firewall, and allow existing connections permitted by other rules to pass traffic
across the firewall. Firewall rules are constructed using a variety of checks, to match our rule against a specific type of
packet, a packet to a host or port, or even a packet to or from a specific interface. Rules are inserted into the specific
chain as desired by the location in the routeing process when we want to check packets. Should a packet match a rule, the
kernel will process the packet based upon the target of the chain, such as dropping the packet, or allowing it to pass through
the firewall unfiltered.
The iptables command manages the kernel iptables system, through
which you can add, insert, and delete rules on the firewall. As we've not selected a specific table, our rules will manipulate
the filter table, and the appropriate chain as defined in the command. Firewall rules are very simple, and have a selection
of attributes which must be matched for the packet to activate the specific target. The structure of a typical firewall rule
entry would be as follows, although IP arguments can be ommitted if they are no necessary for the rule to be matched. You
can find detailed information on the specific format of each argument, and the variety of targets available, within the netfilter
documentation.
There are few reasons why IPTABLE is being adopted:
- The connection-tracking feature of IP Table is a very useful
thing. It can be used to prevent most TCP hijackings for non-IP Masqueraded clients that suffer from poor TCP sequence number
randomization, such as Windows systems, some UNIXes (notably SGI), some IBM system configurations, and many older systems.
Similarity, it can be used to prevent UDP packet hijacking in the same way. This functionality can also prevent attackers
from injecting spurious ICMP packets for cracking and probing.
- Packets can now be matched based on MAC address, the local
process's UID, Time To Live (TTL), or the rate of a class of packets being send. These allow better detection and rejection
of interlopers trying to inject packets or scan a system.
- Incoming packets initiating TCP connections to your organization's
servers can be randomly distributed among a set of servers to spread the load. With IP Tables, you can specify a text string
to precede the logged message, making figuring out why a packet was logged much easier.
- IP Tables has the ability to REDIRECT packets like IP Chains
does, however it also has a generalized DNAT feature that allows arbitrary changing of the destination IP address and port
number. Thus, you can actually disguise where packets of a given service go. This has uses everywhere from Honey Pots and
Tarpits to enforcing the use of a given proxy server for web caching.
Question 8
Introduction for ISPs [21, 22]
Short for Internet Service Provider, a company that provides
access to the Internet. For a monthly fee, the service provider gives you a software package, username, password and access
phone number. Equipped with a modem, you can then log on to the Internet and browse the World Wide Web and USENET, and send
and receive e-mail. In addition to serving individuals, ISPs also serve large companies, providing a direct connection from
the company's networks to the Internet.
Internet Service Providers (ISPs) in Malaysia have: Broadband,
Cable, Wi-fi, Wi-MAX, Wireless, Hotspots & Dial-Up Access. Let me explain more details about the different of the
ISPs:
Broadband
In general, broadband refers to telecommunication in which a
wide band of frequencies is available to transmit information. Because a wide band of frequencies is available, information
can be multiplexed and sent on many different frequencies or channels within the band concurrently, allowing more information
to be transmitted in a given amount of time (much as more lanes on a highway allow more cars to travel on it at the same time).
Cable
A cable modem is a device that enables you to hook up your PC
to a local cable TV line and receive data at about 1.5 Mbps. This data rate far exceeds that of the prevalent 28.8 and 56
Kbps telephone modems and the up to 128 Kbps of Integrated Services Digital Network (ISDN) and is about the data rate available
to subscribers of Digital Subscriber Line (DSL) telephone service
WiMAX
WiMAX (World Interoperability for Microwave Access), based on
the IEEE 802.16 standard, is expected to enable true broadband speeds over wireless networks at a cost point to enable mass
market adoption. WiMAX is the only wireless standard today that has the ability to deliver true broadband speeds and help
make the vision of pervasive connectivity a reality.
There are two main applications of WiMAX today: fixed WiMAX
applications are point-to-multipoint enabling broadband access to homes and businesses, whereas mobile WiMAX offers the full
mobility of cellular networks at true broadband speeds. Both fixed and mobile applications of WiMAX are engineered to help
deliver ubiquitous, high-throughput broadband wireless services at a low cost.
Hotspots
Hotspots are venues that offer Wi-Fi access. The public can
use their laptop, PDA, or Dual-mode phone to access the Internet. Of the estimated 150 million laptops, 14 million PDAs, and
other emerging Wi-Fi devices sold per year for the last few years, most include the Wi-Fi feature.
For venues that have broadband service, offering wireless access
is as simple as purchasing one AP and connecting the AP with the gateway box.
Hotspots are often found at restaurants, train stations, airports,
libraries, coffee shops, bookstores, and other public places. Many universities and schools have wireless networks in their
campus.
Dial-Up Access
Refers to connecting a device to a network via a modem and a
public telephone network. Dial-up access is really just like a phone connection, except that the parties at the two ends are
computer devices rather than people. Because dial-up access uses normal telephone lines, the quality of the connection is
not always good and data rates are limited. In the past, the maximum data rate with dial-up access was 56 Kbps (56,000 bits
per second), but new technologies such as ISDN are providing faster rates.
An alternative way to connect two computers is through a leased
line, which is a permanent connection between two devices. Leased lines provide faster throughput and better quality connections,
but they are also more expensive.
Compare the services and pricing provided by any 2 ISPs in
Malaysia.
Two major ISPs are TM Net (Telekom Malaysia Berhad wholly-owned
company) and JARING (a MIMOS Berhad wholly-owned company).
|
Services |
JARING |
TM Nnet |
Remarks |
|
Internet Services
|
Yes |
Yes |
-
PSTN charge
-
ISP - RM0.01 per min
-
TELCO - RM0.015 per min
-
ISP - RM0.025 per min
-
TELCO - RM0.04 per min
1511 (JARING) |
|
Broadband Services |
Yes |
Yes |
-
TM Net - Offers through fixed and wireless (residential & corporate)
-
JARING - Offers through fixed line (corporate) and wireless (residential &
corporate)
|
|
Data Center Services |
Yes |
Yes |
|
|
Virtual Private Network (VPN) |
Yes |
Yes |
|
|
Satellite Services |
Yes |
No |
|
|
|
|
|
|
ADSL
Package Choices
-
Basic 512k - 512/256 - $17.50
per month
-
Basic 1.0M - 1024/384 - $23.34
per month
-
Soho 1.0M - 1024/384 - $39.25
per month
-
Enterprise ADSL 1.0M - 1024/384
- $110.89 per month
-
Enterprise ADSL 1.5M - 1.5M/1.5M
- $163.95 per month
-
Enterprise ADSL 2.0M - 2.0M/384
- $182.51 per month
-
Corporate ADSL 1.0M - 1024/384
- $163.95 per month
-
Corporate ADSL 1.5M - 1.5M/1.5M
- $278.02 per month
-
Corporate ADSL 2.0M - 2.0M/384
- $315.16 per month
-
Basic Home Package - 512/?
- $26.52 per month
-
Standard Home Package -
1024/? - $33.15 per month
Minimum
Contract Duration
-
Streamyx
- 1 year
-
Jaring - 3 months
Other
Cost
The
users may purchase/rent the equipment from the service providers or purchase their own from third party.
-
Fixed land line - $6.90 basic
rental per month
-
ADSL modem - $2.65 rental
per month
-
Registration fee - $19.90
-
Activation fee - $13.26
-
Wireless station - $397.93
purchase price or $5.31 rental per month
-
Registration fee - $13.26
Question
9
Wireless LAN [23, 24]
Wireless LAN is a wireless local area
network, which is the linking of two or more computers without using wires. It uses radio
communication to accomplish the same functionality that a wired LAN has. WLAN utilizes spread-spectrum technology based on radio waves to enable communication between devices in a limited area, also known as the basic
service set. This gives users the mobility to move around within a broad coverage area and still be connected to the network.
This technology is becoming more and more
popular, especially with the rapid emergence of small portable devices such as PDAs (personal digital assistants).
A wireless network connects computers without using network cables.
Computers use radio communications to send data between each other. You can communicate directly with other wireless computers,
or connect to an existing network through a wireless access point. When you set up your wireless adapter, you select the operating
mode for the kind of wireless network you want.
Peer-to-Peer mode,
also called Ad Hoc mode, works without access points and allows wireless computers to send information directly to other wireless
computers. You can use Peer-to-Peer mode to network computers in a home or small office or to set up a temporary wireless
network for a meeting.
Access
Point (AP)
Access points are two-way transceivers that broadcast data into the surrounding environment. Access points act as a mediator between wired and wireless
network. , a wireless access point (WAP or AP) is a device that connects wireless communication devices together to form a
wireless network. The WAP usually connects to a wired network, and can relay data between wireless devices and wired devices. Several WAPs can link together to form
a larger network that allows "roaming".
Wireless LANs can operate with or without access points, depending on the number
of users in the network. Infrastructure mode uses access points to allow wireless computers to send and receive information.
Wireless computers transmit to the access point, the access point receives the information and rebroadcasts it to other computers.
The access point can also connect to a wired network or to the Internet. Multiple access points can work together to provide
coverage over a wide area.
Health
Wireless
LAN systems use radiowaves similar to those in mobile phones, so they share similar health concerns. Typical power levels from a wireless AP and a mobile phone handset in
an urban environment are similar. However, due to fundamental differences in power levels and modulation, it is difficult
to make a fair comparison. There have not been any significant studies into potential health effects of Wireless LANs.
Carriers
While the overall market penetration
of wireless LANs in the US is approximately 10%, a couple of vertical markets are adopting the technology much more quickly.
Adoption among large education entities about more than 1,000 employees is even faster, with almost 35% of these
organizations having already either piloted or implemented the technology. There are no particular patterns in usage frequency
by vertical market or company size; however, the more staff that have access to the WLAN, and the longer access structures
have been in place, the more reliant respondents tend to be on the technology.
Other than that, Wireless LANs
are being utilized for a wide variety of applications, in an increasingly diverse set of locations and across several key
platform types. Portability is the most important benefit, and also no wired infrastructure, users just pick it up
and move it. It is also easy to set up, and it's quick to get installed. WLAN being able to keep up with e-mail from
wherever users are great, the technology gives users more immediate access to communication.
Enterprises
Mobility is essential. Checking inventory
of companies’ product (large store fixtures) would be impossible with any type of wired equipment, it requires the person
to move around a great deal – and this gives users actual figures in real time.
In addition, enterprises also can reduce time-consuming
for cabling. Ease of implementation and moving offices are key benefits – management don't have to drop cords
and wires of any kind. Cost savings also due to helps a lot for an enterprise. (Primarily as a result of lower cabling/installation
costs)
Other advantages that an enterprise is adopted enthusiastically
are:
-
easier to collaborate with others
-
increased competitive advantage for company
-
reducing errors (by replacing paper with wireless
output)
-
improved company image
-
productivity gains
-
easier to collaborate with others
-
improved company image
-
more efficient use of office space
-
lower support and maintenance costs
Question 10
The proliferation
of technology has created a mobile society consisting of millions of telecommuters, field workers, traveling sales personnel
and home-office workers. Users can connect to their office networks from hotels, airports and other remote locations besides
home. Today, the word 'network' has larger connotations. Network now encompasses the whole process of information creation,
flow, storage and processing. In other words, it is the lifeline of the process of value creation, on which a company thrives.
Today, most companies' host computers can be accessed by their employees whether in their offices over a private communications
network, or from their homes or hotel rooms while on the road through normal telephone line. Network security involves all
activities that organizations, enterprises, and institutions undertake to protect the value and ongoing usability of assets
and the integrity and continuity of operations. An effective network security strategy requires identifying threats and then
choosing the most effective set of tools to combat them.
But, the
very features of connectivity and accessibility that make networks so indispensable to contemporary society are today creating unforeseen
consequences - making it important for organizations to adopt security measures. Some have their applications protected with
robust encryption; others are looking to lock down their networks in the face of external threats; still others want to open
their networks up to partners, customers and the mobile workforce, without compromising on security. Adds Ross Wilson, MD,
South Asia and India, RSA Security, "An enterprise's network, information systems, databases and processes are essential for
its survival and must be protected from threats[10]. Unauthorized users can break into an organization’s network to
steal information or create damage. Hackers often target business and financial institutions possessing data that can be further
exploited. This enhances the role of network security today." The importance of network security has even prompted the Indian
Computer Emergency Response Team (CERT-In) to sign a MoU with Cisco Systems on security co-operation. Both parties will work
together to increase Internet security threats faced by critical information infrastructure.This will be done by improving
computer security readiness and raising awareness about the importance of keeping systems and cyber infrastructure secure,
software up-to-date and security practices and procedures current.[10].
Network security ensuring that a system is operational and functional at a given moment, usually provided through redundancy;
loss of availability is often referred to as "denial-of-service" It also Ensuring that individuals maintain the right to control
what information is collected about them, how it is used, who has used it, who maintains it, and what purpose it is used for.
Network security can increase the confidentiality of the information is shared among authorized person or organization. Network
security can increase the Access control .It Ensuring that users access only those resources and services that they are entitled
to access and that qualified users are not denied access to services that they legitimately expect to receive Network security starts from authenticating any user. Once authenticated, firewall enforces access policies such as what services are allowed to be accessed
by the network users. Though effective to prevent unauthorized access, this component fails to check potentially harmful contents
such as computer
worms being transmitted over the network Example: setting the password
for the qualified users, only the qualified users can access the network through type their password. It also can increase
the integrity and assurance that the information is authentic and complete and can be relied upon to be sufficiently accurate
for its purpose.Network security also can recovery the file ,and be prepared to pull out backup media and restore from scratch,
or cut to backup servers and net connections, or fall back on a disaster recovery facility.
Network security solutions are
much more easy to deploy than host-based or desktop solutions. Network solutions can protect the entire network through a
centralized solution, whereas host-based security solutions, like anti-virus software, must be deployed on individual machines.
Deploying host-based security is time-consuming and sometimes it is impossible to control the individual's desktop as in the
case of education environments where the university does not "own" the student's computer or in the case of an Internet Service
Provider who does not own its customers' machines.Poor network security may allow malicious users that break into a network
system to access the rest of the internal network more easily. This would enable a sophisticated attacker to read and possible
leak confidential emails and document, delete data and damaged computers – leading to loss of important information
and more. Spiteful intruders may also use computer network and network resources to turn around and attack or spy other sites.
In this way, all evidence of the attack will lead back to the user of the computer network, without exposing the hacker’s
own identify.
"In such a case, a network security
solution is much more efficient and can protect the organization and its users from threats. It's also more difficult to update
and patch host-based solutions since this must be done on each individual machine. In large organizations with thousands of
employees, this can take weeks."Hence, the importance of network security. [25]
|
 |
|
|
|
Enter supporting content here
| | |
|
|
|
