Submitted by –
Deepak Khushalani
Mohit Tripathi
Merit International Institute of Technology OOTY
22, Havelock Road, Ooty, India - 643 001
Tel: ++ 91-423-2443601-6, 2442486
E-mail: mief@meritworldwide.com, mailmerit@yahoo.com
CERTIFICATE
This is to certify that students of final year BE (Electricals
Electronics and Computer science) at Merit International Institute
of Technology Ooty as per the partial requirements of degree
course have submitted their course summary report and we certify
that they have met the requirements.
For MERIT
Mr.Ashok Kumar
ACKNOWLEDGEMENT
And last but not the least we would like to thank our parents and all those
people who have directly or indirectly helped us in carrying out our
dissertation successfully.
Deepak Khushalani
Mohit Tripathi
Introduction
A computer on its own is referred to as a stand-alone machine, and most
domestic computer users use their PCs in this way. However, even small
commercial organizations may want to link their computers together. Two
computers linked together so that they can exchange data form a network.
However when we think of networks, we tend to think of lots of machines
linked together.
Disadvantages are:
“The network’s down” is a phrase often heard in work places and it can
seriously disrupt the operation of an organisation. Network managers enjoy the
security of tenure of a manager of a premiership football team…
A network consists of two or more computers that are linked in order to share resources
(such as printers and CD-ROMs), exchange files, or allow electronic communications.
The computers on a network may be linked through cables, telephone lines, radio waves,
satellites, or infrared light beams.
Local Area Network - A Local Area Network (LAN) is a network that is confined to a
relatively small area. It is generally limited to a geographic area such as a writing lab,
school, or building. Rarely are LAN computers more than a mile apart. In a typical LAN
configuration, one computer is designated as the file server. It stores all of the software
that controls the network, as well as the software that can be shared by the computers
attached to the network. Computers connected to the file server are called workstations.
The workstations can be less powerful than the file server, and they may have additional
software on their hard drives. On most LANs, cables are used to connect the network
interface cards in each computer. See the Topology, Cabling, and Hardware sections of
this tutorial for more information on the configuration of a LAN.
Wide Area Network - Wide Area Networks (WANs) connect larger geographic areas,
such as Florida, the United States, or the world. Dedicated transoceanic cabling or
satellite uplinks may be used to connect this type of network.
Using a WAN, schools in Florida can communicate with places like Tokyo in a matter of
minutes, without paying enormous phone bills. A WAN is complicated. It uses
multiplexers to connect local and metropolitan networks to global communications
networks like the Internet. To users, however, a WAN will not appear to be much
different than a LAN or a MAN.
Comparing the two:
In some networks the terminals can act as stand alone machines; in others the
terminals have to access everything from the server. Although these dumb
terminals look like a PC, they cannot do anything, except perhaps the entry
dialogue.
LAN CONFIGURATION AND PROTOCOLS
→NETWORK MODELS
When dealing with networking, you may hear the terms "network model" and "network
layer" used often. Network models define a set of network layers and how they interact.
There are several different network models depending on what organization or company
started them. The most important two are:
• The TCP/IP Model - This model is sometimes called the DOD model since it
was designed for the Department of Defense. It is also called the Internet model
because TCP/IP is the protocol used on the Internet.
• OSI Network Model - The International Standards Organization (ISO) has
defined a standard called the Open Systems Interconnection (OSI) reference
model. This is a seven layer architecture listed in the next section.
The three top layers in the OSI model - the application layer, the presentation layer and
the session layer - usually are lumped into one layer in the TCP/IP model.
Application layer - The application layer is used by most programs for network
communication. Data is passed from the program in an application-specific format, then
encapsulated into a transport layer protocol.
Network layer - As originally defined, the Network layer solves the problem of getting
packets across a single network.
Data link layer - The link layer, which is the method used to move packets from the
network layer on two different hosts, is not really part of the Internet protocol suite,
because IP can run over a variety of different link layers. The processes of transmitting
packets on a given link layer and receiving packets from a given link layer can be
controlled both in the software device driver for the network card, as well as on firmware
or specialist chipsets. These will perform data link functions such as adding a packet
header to prepare it for transmission, then actually transmit the frame over a physical
medium.
Physical layer - The Physical layer is responsible for encoding and transmission of data
over network communications media. It operates with data in the form of bits that are
sent from the Physical layer of the sending (source) device and received at the Physical
layer of the destination device.
→ NETWORK TOPOLOGIES
Network topology is the study of the arrangement or mapping of the elements (links,
nodes, etc.) of a network, especially the physical (real) and logical (virtual)
interconnections between nodes. A local area network (LAN) is one example of a
network that exhibits both a physical topology and a logical topology. Any given node in
the LAN will have one or more links to one or more other nodes in the network and the
mapping of these links and nodes onto a graph results in a geometrical shape that
determines the physical topology of the network. Likewise, the mapping of the flow of
data between the nodes in the network determines the logical topology of the network. It
is important to note that the physical and logical topologies might be identical in any
particular network but they also may be different.
Linear Bus - A linear bus topology consists of a main run of cable with a terminator at
each end. All nodes (file server, workstations, and peripherals) are connected to the linear
cable. Ethernet and LocalTalk networks use a linear bus topology.
Star - A star topology is designed with each node (file server, workstations, and
peripherals) connected directly to a central network hub or concentrator. Data on a star
network passes through the hub or concentrator before continuing to its destination. The
hub or concentrator manages and controls all functions of the network. It also acts as a
repeater for the data flow. This configuration is common with twisted pair cable;
however, it can also be used with coaxial cable or fiber optic cable.
Tree - A tree topology combines characteristics of linear bus and star topologies. It
consists of groups of star-configured workstations connected to a linear bus backbone
cable. Tree topologies allow for the expansion of an existing network, and enable schools
to configure a network to meet their needs.
Ring - The type of network topology in which each of the nodes of the network is
connected to two other nodes in the network and with the first and last nodes being
connected to each other, forming a ring – all data that is transmitted between nodes in the
network travels from one node to the next node in a circular manner and the data
generally flows in a single direction only.
Mesh - The value of fully meshed networks is proportional to the exponent of the number
of subscribers, assuming that communicating groups of any two endpoints, up to and
including all the endpoints, is approximated by Reed's Law.
Tree (also known as hierarchical) - The type of network topology in which a central 'root'
node (the top level of the hierarchy) is connected to one or more other nodes that are one
level lower in the hierarchy (i.e., the second level) with a point-to-point link between
each of the second level nodes and the top level central 'root' node, while each of the
second level nodes that are connected to the top level central 'root' node will also have
one or more other nodes that are one level lower in the hierarchy (i.e., the third level)
connected to it, also with a point-to-point link, the top level central 'root' node being the
only node that has no other node above it in the hierarchy – the hierarchy of the tree is
symmetrical, each node in the network having a specific fixed number, f, of nodes
connected to it at the next lower level in the hierarchy, the number, f, being referred to as
the 'branching factor' of the hierarchical tree.
Hybrid - The hybrid topology is a type of network topology that is composed of one or
more interconnections of two or more networks that are based upon different physical
topologies or a type of network topology that is composed of one or more
interconnections of two or more networks that are based upon the same physical
topology, but where the physical topology of the network resulting from such an
interconnection does not meet the definition of the original physical topology of the
interconnected networks.
Coaxial Cable - Coaxial cabling has a single copper conductor at its center. A plastic
layer provides insulation between the center conductor and a braided metal shield. The
metal shield helps to block any outside interference from fluorescent lights, motors, and
other computers. The most common type of connector used with coaxial cables is the
Bayonet Neill-Concelman (BNC) connector.
Fiber Optic Cable - Fiber optic cabling consists of a center glass core surrounded by
several layers of protective materials. It transmits light rather than electronic signals
eliminating the problem of electrical interference.
Wireless LANs - Not all networks are connected with cabling; some networks are
wireless. Wireless LANs use high frequency radio signals, infrared light beams, or lasers
to communicate between the workstations and the file server or hubs. Each workstation
and file server on a wireless network has some sort of transceiver/antenna to send and
receive the data. Information is relayed between transceivers as if they were physically
connected. For longer distance, wireless communications can also take place through
cellular telephone technology, microwave transmission, or by satellite.
→ NETWORK PROTOCOLS
A protocol is a set of rules that governs the communications between computers on a
network. These rules include guidelines that regulate the following characteristics of a
network: access method, allowed physical topologies, types of cabling, and speed of data
transfer.
Ethernet - The Ethernet protocol is by far the most widely used. Ethernet uses an access
method called CSMA/CD (Carrier Sense Multiple Access/Collision Detection). This is a
system where each computer listens to the cable before sending anything through the
network. If the network is clear, the computer will transmit. If some other node is already
transmitting on the cable, the computer will wait and try again when the line is clear.
Token Ring - The Token Ring protocol was developed by IBM in the mid-1980s. The
access method used involves token-passing. In Token Ring, the computers are connected
so that the signal travels around the network from one computer to another in a logical
ring. A single electronic token moves around the ring from one computer to the next.
FDDI - Fiber Distributed Data Interface (FDDI) is a network protocol that is used
primarily to interconnect two or more local area networks, often over large distances. The
access method used by FDDI involves token-passing. Transmission normally occurs on
one of the rings; however, if a break occurs, the system keeps information moving by
automatically using portions of the second ring to create a new complete ring. A major
advantage of FDDI is speed. It operates over fiber optic cable at 100 Mbps.
ATM - Asynchronous Transfer Mode (ATM) is a network protocol that transmits data at
a speed of 155 Mbps and higher. ATM works by transmitting all data in small packets of
a fixed size; whereas, other protocols transfer variable length packets. ATM supports a
variety of media such as video, CD-quality audio, and imaging. ATM employs a star
topology, which can work with fiber optic as well as twisted pair cable. ATM is most
often used to interconnect two or more local area networks. It is also frequently used by
Internet Service Providers to utilize high-speed access to the Internet for their clients. As
ATM technology becomes more cost-effective, it will provide another solution for
constructing faster local area networks.
File Servers – A file server stands at the heart of most networks. It is a very fast
computer with a large amount of RAM and storage space, along with a fast network
interface card. The network operating system software resides on this computer, along
with any software applications and data files that need to be shared.
The file server controls the communication of information between the nodes on a
network. For example, it may be asked to send a word processor program to one
workstation, receive a database file from another workstation, and store an e-mail
message during the same time period. This requires a computer that can store a lot of
information and share it very quickly. File servers should have at least the following
characteristics:
• 800 megahertz or faster microprocessor (Pentium 3 or 4, G4 or G5)
• A fast hard drive with at least 120 gigabytes of storage
• A RAID (Redundant Array of Inexpensive Disks) to preserve data after a disk
casualty
• A tape back-up unit (i.e. DAT, JAZ, Zip, or CD-RW drive)
• Numerous expansion slots
• Fast network interface card
• At least 512 MB of RAM
Network Interface Cards - The network interface card (NIC) provides the physical
connection between the network and the computer workstation. Most NICs are internal,
with the card fitting into an expansion slot inside the computer. Laptop computers can
now be purchased with a network interface card built-in or with network cards that slip
into a PCMCIA slot. Network interface cards are a major factor in determining the speed
and performance of a network.
Ethernet Cards - Ethernet cards are usually purchased separately from a computer,
although many computers (such as the Macintosh) now include an option for a pre-
installed Ethernet card. Ethernet cards contain connections for either coaxial or twisted
pair cables (or both) (See fig. 1). If it is designed for coaxial cable, the connection will be
BNC. If it is designed for twisted pair, it will have a RJ-45 connection. Some Ethernet
cards also contain an AUI connector. This can be used to attach coaxial, twisted pair, or
fiber optics cable to an Ethernet card.
Ethernet Cards vs. LocalTalk Connections
Ethernet LocalTalk
Token Ring Cards - Token Ring network cards look similar to Ethernet cards. One
visible difference is the type of connector on the back end of the card. Token Ring cards
generally have a nine pin DIN type connector to attach the card to the network cable.
Switch - A concentrator is a device that provides a central connection point for cables
from workstations, servers, and peripherals. In a star topology, twisted-pair wire is run
from each workstation to a central switch/hub. Most switches are active, that is, they
electrically amplify the signal as it moves from one device to another. Switches no longer
broadcast network packets as hubs did in the past; they memorize the addresses of
computers and send the information to the correct location directly. Switches are:
Repeaters - Since a signal loses strength as it passes along a cable, it is often necessary
to boost the signal with a device called a repeater. The repeater electrically amplifies the
signal it receives and rebroadcasts it. Repeaters can be separate devices or they can be
incorporated into a concentrator. They are used when the total length of your network
cable exceeds the standards set for the type of cable being used. A good example of the
use of repeaters would be in a local area network using a star topology with unshielded
twisted-pair cabling. The length limit for unshielded twisted-pair cable is 100 meters. The
most common configuration is for each workstation to be connected by twisted-pair cable
to a multi-port active concentrator. The concentrator amplifies all the signals that pass
through it allowing for the total length of cable on the network to exceed the 100 meter
limit.
Bridges - A bridge is a device that allows you to segment a large network into two
smaller, more efficient networks. If you are adding to an older wiring scheme and want
the new network to be up-to-date, a bridge can connect the two. A bridge monitors the
information traffic on both sides of the network so that it can pass packets of information
to the correct location. Most bridges can "listen" to the network and automatically figure
out the address of each computer on both sides of the bridge. The bridge can inspect each
message and, if necessary, broadcast it on the other side of the network. The bridge
manages the traffic to maintain optimum performance on both sides of the network. You
might say that the bridge is like a traffic cop at a busy intersection during rush hour. It
keeps information flowing on both sides of the network, but it does not allow
unnecessary traffic through. Bridges can be used to connect different types of cabling, or
physical topologies. They must, however, be used between networks with the same
protocol.
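The address learning and traffic filtering described above can be sketched as follows. This is an added example, not part of the original report; the port names "A" and "B", the 300-second ageing time and the sample frames are assumptions made for illustration.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"


class LearningBridge:
    """Two-sided bridge that learns which side each station lives on."""

    def __init__(self, ports=("A", "B"), max_age=300):
        self.ports = tuple(ports)
        self.max_age = max_age   # seconds before a learned entry is forgotten (assumed value)
        self.table = {}          # station address -> (port, time last seen)

    def _lookup(self, addr, now):
        """Return the port an address was learned on, or None if unknown or stale."""
        entry = self.table.get(addr)
        if entry is None:
            return None
        port, seen = entry
        if now - seen > self.max_age:
            del self.table[addr]     # stale entry: the station may have moved or gone
            return None
        return port

    def receive(self, in_port, src, dst, now):
        """Handle one frame; return (decision, ports the frame is sent out on)."""
        if in_port not in self.ports:
            raise ValueError("unknown port: %r" % (in_port,))
        # "Listening": the source address tells the bridge which side the sender is on.
        self.table[src] = (in_port, now)
        others = [p for p in self.ports if p != in_port]
        if dst == BROADCAST:
            return ("flood", others)
        out_port = self._lookup(dst, now)
        if out_port is None:
            return ("flood", others)      # destination not learned yet: pass it across
        if out_port == in_port:
            return ("filter", [])         # both stations on the same side: keep it local
        return ("forward", [out_port])


# Constructed sample frames: (arrival port, source, destination, time in seconds)
FRAMES = [
    ("A", "02:00:00:00:00:01", "02:00:00:00:00:02", 0),    # destination unknown
    ("B", "02:00:00:00:00:02", "02:00:00:00:00:01", 1),    # reply, sender now known
    ("A", "02:00:00:00:00:03", "02:00:00:00:00:01", 2),    # both stations on side A
    ("A", "02:00:00:00:00:01", BROADCAST, 3),              # broadcast always crosses
    ("A", "02:00:00:00:00:01", "02:00:00:00:00:02", 400),  # entry for :02 has aged out
]


def replay(frames=FRAMES):
    """Run the frames through a fresh bridge and return each decision."""
    bridge = LearningBridge()
    return [bridge.receive(*frame) for frame in frames]


if __name__ == "__main__":
    for frame, result in zip(FRAMES, replay()):
        print(frame, "->", result)
```

The third frame is the "unnecessary traffic" case: sender and receiver sit on the same side, so the bridge keeps the frame off the other segment.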
While bridges know the addresses of all computers on each side of the network, routers
know the addresses of computers, bridges, and other routers on the network. Routers can
even "listen" to the entire network to determine which sections are busiest -- they can
then redirect data around those sections until they clear up.
If you have a school LAN that you want to connect to the Internet, you will need to
purchase a router. In this case, the router serves as the translator between the information
on your LAN and the Internet. It also determines the best route to send the data over the
Internet. Routers can:
Unlike operating systems, such as DOS and Windows, that are designed for single users
to control one computer, network operating systems (NOS) coordinate the activities of
multiple computers across a network. The network operating system acts as a director to
keep the network running smoothly. The two major types of network operating systems
are:
Fig. 2. Client/server network
• Centralized - Resources and data security are controlled through the server.
• Scalability - Any or all elements can be replaced individually as needs increase.
• Flexibility - New technology can be easily integrated into system.
• Interoperability - All components (client/network/server) work together.
• Accessibility - Server can be accessed remotely and across multiple platforms.
The following list includes some of the more popular peer-to-peer and client/server
network operating systems.
• AppleShare
• Microsoft Windows Server
• Novell Netware
LAN MANAGEMENT AND SERVICES
→ LICENSING
Network licensing helps ensure that your users have access to the right software at the
right time and enables you to control the use of your software licenses easily and
efficiently. Effective use of network licensing software requires investment in planning,
implementation, and maintenance. But, used properly, it can generate significant benefits
for you and your organization.
Yet each network process costs only 30 percent more than a process locked to one
machine. This allows users to recoup the small fee for MathLM almost instantly. Of
course, Wolfram Research supports mixed installations of network and locked processes.
Therefore, those relying on a program extensively will have guaranteed access at any
time--even when colleagues are temporarily using all available network processes.
essential stand-alone licenses for key users. Most companies that implement network
licensing also have some stand-alone licenses for special cases.
→ FILE SYSTEMS
A network file system is any computer file system that supports sharing of files, printers
and other resources as persistent storage over a computer network. The first file servers
were developed in the 1970s, and in 1985 Sun Microsystems created the file system
called "Network File System" (NFS) which became the first widely used network file
system. Other notable network file systems are Andrew File System (AFS), NetWare
Core Protocol (NCP), and Server Message Block (SMB), also known as Common
Internet File System (CIFS).
Transparency
Ideally, a network file system should appear to its users to be a conventional, centralized
file system. The multiplicity and dispersion of its servers and storage devices should be
made invisible. That is, the client interface used by programs should not distinguish
between local and remote files. It is up to the network file system to locate the files and to
arrange for the transport of the data.
Performance
The most important performance measurement of a network file system is the amount of
time needed to satisfy service requests. In conventional systems, this time consists of a
disk-access time and a small amount of CPU-processing time. But in a network file
system, a remote access has additional overhead due to the distributed structure. This
includes the time to deliver the request to a server, the time to deliver the response to the
client, and for each direction, a CPU overhead of running the communication protocol
software. The performance of a network file system can be viewed as one dimension of
its transparency: ideally, it would be comparable to that of a conventional file system.
Coda
DCE Distributed File System
NetWare Core Protocol (NCP)
Network File System (protocol) (NFS)
Secure File System (SFS)
Self-certifying File System (SFS)
Server Message Block (SMB)
The term domain naming system is commonly abbreviated as DNS. For a domain
naming system, the word domain is defined as a group of workstations and servers which
share a single group name. The word domain also refers to the address of a website on the
Internet. The protocol, the path, the page and the other items are not attached to the
domain.
A trust relationship is a link between domains where the trusting domain honors the
logon validations from the trusted domain. Trust relationships make the network easier to
manage and easier to use because each user needs only a single account in one of the
domains on the network, which can provide access to resources anywhere on the
network.
→ PASSWORDS
• What you know, for example a password or PIN number. We know that
these are not foolproof because people use obvious words, divulge their
password, or write it down. Sometimes fraudsters pose as people who
would seem to be authorised to know it. The fraudster runs a program
that appears to be a login procedure and the employee is asked to
supply their password. (Some fraudsters have been known to send bogus
but genuine-looking e-mails to bank customers, to ask for bank details
and PINs. If that happens to you, DO NOT send them details, but let
your bank know. Your bank will never send such an e-mail.)
• What you have, for example an ID card with a barcode or a chip.
• Where you are, using a specified telephone number. This is a call-back
system. The user dials in and enters an ID and a password. After
checking these, the user is called back on a predetermined phone
number.
• Who you are - the computer can check voice-print and/or biometric
data.
These become less effective if users leave their computers logged in. Screen-
savers can come on if there is no keyboard activity for, say, ten minutes. A
password may be needed to restore the system. Or the user can be logged out.
Policies can define a specific user's settings or the settings for a group of users.
The resulting policy file contains the registry settings for all users, groups, and
computers that will be using the policy file. Separate policy files for each user,
group, or computer are not necessary. If you create a policy that will be
automatically downloaded from validating domain controllers, you should name
the file NTConfig.POL. As system administrator, you have the option of renaming
the policy file and, by modifying the Windows NT-based workstation, directing the
computer to update the policy from a manual path. You can do this by either
manually changing the registry or by using the System Policy Editor. This can
even be a local path such that each machine has its own policy file, but if a
change is necessary to all machines, it must be made individually to each
workstation. When a Windows NT4/200x/XP machine logs onto the network, the
client looks in the NETLOGON share on the authenticating domain controller for
the presence of the NTConfig.POL file. If one exists, it is downloaded, parsed, and
then applied to the user's part of the registry. MS Windows 200x/XP clients that
log onto an MS Windows Active Directory security domain may additionally
acquire policy settings through GPOs that are defined and stored in Active
Directory itself. The key benefit of using AD GPOs is that they impose no registry
spoiling effect. This has considerable advantage compared with the use of
NTConfig.POL (NT4) style policy updates. In addition to user access controls that
may be imposed or applied via system and/or group policies in a manner that
works in conjunction with user profiles, the user management environment under
MS Windows NT4/200x/XP allows per-domain as well as per-user account
restrictions to be applied. Common restrictions that are frequently used include:
• Logon hours
• Password aging
• Permitted logon from certain machines only
• Account type (local or global)
• User rights
Samba-3.0.20 does not yet implement all account controls that are common to
MS Windows NT4/200x/XP. While it is possible to set many controls using the
Domain User Manager for MS Windows NT4, only password expiry is functional
today. Most of the remaining controls at this time have only stub routines that
may eventually be completed to provide actual control. Do not be misled by the
fact that a parameter can be set using the NT4 Domain User Manager or in the
NTConfig.POL.
• Ethernet
• FDDI
• Token Ring
• ARCnet
• AppleTalk
• Fiber channel - Operates at 256 Mbps or 1 Gbps. It was developed for peripheral
devices like disk arrays, but is now used for point to point networking for full
duplex server to server communications. It is the lowest cost 1 Gbps network.
• Gigabit Ethernet - This type of ethernet places ethernet packets in fiber channel
packets. The fiber channel network works like an ethernet bridge.
Ethernet
The IEEE 802.3 standard defines ethernet at the physical and data link layers of the OSI
network model. Most ethernet systems use the following:
FDDI
FDDI stands for Fiber Distributed Data Interface. The FDDI standard is ANSI X3T9.5.
The FDDI topology is a ring with two counter-rotating rings for reliability with no
hubs. Cable type is fiber-optic. Connectors are specialized. The media access method is
token passing. Multiple tokens may be used by the system. The maximum length is 100
kilometers. The maximum number of nodes on the network is 500. Speed is 100 Mbps.
FDDI is normally used as a backbone to link other networks. A typical FDDI network
can include servers, concentrators, and links to other networks. CDDI is a copper
version of FDDI which uses category 5 cable. Obviously the distance is more limited
than FDDI.
Devices called concentrators provide functions similar to hubs. Most concentrators use
dual attachment station network cards but single attachment concentrators may be used to
attach more workstations to the network.
FDDI token passing allows multiple frames to circulate around the ring at the same time.
Priority levels of a data frame and token can be set to allow servers to send more data
frames. Time sensitive data may also be given higher priority. The second ring in a FDDI
network is a method of adjusting when there are breaks in the cable. The primary ring is
normally used, but if the nearest downstream neighbor stops responding the data is sent
on the secondary ring in an attempt to reach the computer. Therefore a break in the cable
will result in the secondary ring being used. There are two network cards which are:
1. Dual attachment stations (DAS) used for servers and concentrators are attached to
both rings.
2. Single Attachment stations (SAS) attached to one ring and used to attach
workstations to concentrators.
A router or switch can link an FDDI network to a local area network (LAN). Normally
FDDI is used to link LANs together since it covers long distances.
Token Ring
Developed by IBM, Token Ring is standardized as IEEE 802.5. Token Ring uses a star
topology, but it is wired so the signal will travel from hub to hub in a logical ring. These
networks use a data token passed from computer to computer around the ring to allow
each computer to have network access. The token comes from the nearest active upstream
neighbor (NAUN). When a computer receives a token, if it has no attached data and the
computer has data for transmission, it attaches its data to the token then sends it to its
nearest active downstream neighbor (NADN). Each computer downstream will pass the
data on since the token is being used until the data reaches its recipient. The recipient will
set two bits to indicate it received the data and transmit the token and data. When the
computer that sent the data receives the package, it can verify that the data was received
correctly. It will remove the data from the token and pass the token to its NADN.
It can use UTP, STP, or fiber optic cable. Maximum cable length is 45 meters with UTP
and 101 meters with STP. Topology is star-wired ring. Uses type 1 STP and type 3 UTP.
Connectors are RJ-45 or IBM type A. Minimum length between nodes is 2.5 meters.
Maximum number of hubs or segments is 33. Maximum nodes per network is 72 nodes
with UTP and 260 nodes with STP. Speed is 4 or 16 Mbps. IEEE 802.5 defines token ring.
Data frames may be 4,000 to 17,800 bytes long.
A token ring network uses a multistation access unit (MAU) as a hub. It may also be
known as a Smart Multistation Access Unit (SMAU). A MAU normally has ten ports.
Two ports are Ring In (RI) and Ring Out (RO) which allow multiple MAUs to be linked
to each other. The other 8 ports are used to connect to computers.
Signals are broadcast across the entire network with computers processing only signals
addressed to them. ARCnet tokens travel based on a station identifier (SID) which each
computer has. Each network card has a DIP switch used to set the SID with an address
between 1 and 255. Signals are generally sent from the lowest numbered station to the
next until they wrap around back to SID of 1. To determine non-existent stations, the
station with the lowest ID indicates it has the token and begins querying IDs of higher
value until it gets a response. Then the next computer does the same until the original
station is queried. This procedure is done when a station is added or removed from the
network or when the network is originally started. The acronym SID is used for a station
identifier with regard to ARCnet, but as used in the Windows NT and Windows 95
operating systems, it refers to the security identification number of a user or group.
AppleTalk
AppleTalk topology is bus. Cable type is STP. The connectors are specialized. The media
access method is CSMA/CA. Maximum segment and network length is 300 meters. The
maximum number of connected segments is 8. There are 32 maximum nodes per segment
with 254 maximum number of nodes per network. Speed is 230.4 Kbps. The cabling
system used with AppleTalk is called LocalTalk.
Addressing
Addressing is dynamic with each computer, when powered on, choosing its last used
address or a random address. The computer broadcasts that address to determine if the
address is used. If it is used, it will broadcast another random address until it finds an
unused address.
EtherTalk and TokenTalk provide for use of AppleTalk network protocols on top of
ethernet and token ring architectures respectively.
LocalTalk
LocalTalk uses STP cable and bus topology. Using CSMA/CA for media access,
computers will first determine if any other computers are transmitting, before they
transmit. A packet is transmitted prior to transmitting that alerts other computers that a
transmission will be sent. Usually LocalTalk is only used in small environments.
→ SECURITY AND RELATED ISSUES
Firewalls
• A router that examines all packets of data going in and out, checking
source or destination addresses. Packets going to or from unwanted
addresses are barred.
• Special software that restricts traffic to a particular application, for
example e-mail, or Lotus Notes, software that enables several users to
work on the same document at the same time.
• A proxy server that maintains replicated copies of web-pages for easy
access to normal or outside users of the site. Only authorised users can
access the more sensitive information. For example, a college will have
web-pages that anyone can access, usually with details of courses, and a
message from the principal. Only staff and students can access the
intranet through an ID and a password.
Audit Controls
Audit controls can track all network activity:
Special monitoring software can produce statistical profiles on the use of the
network. Each individual user can also be monitored, and any abnormal
behaviour of users can be detected.
Performance Monitoring
The network performance can be monitored:
These will help in the management and planning of a network. Bottlenecks can
be identified and sorted out. If more copies of software are being used than
allowed by the licence, then action can be taken.
Encryption
Data passing through a wire or as a radio signal are vulnerable to interception.
Such data can be scrambled or encrypted so that they are meaningless to
everyone other than the intended recipient. Encryption is nothing new; the
Enigma machines used by the Germans in the Second World War were
sophisticated devices, and it took a sophisticated electro-mechanical
computer, Colossus, to crack them. Colossus was faster at decoding Enigma
than a Pentium processor, so it was a pretty good machine. (Many historians
state that the Germans were good soldiers, but had a blind spot about the
value of good intelligence. The Allies were good at intelligence, which won the
war.)
Directories
Directories contain data describing resources such as computers, printers and user
accounts that are contained within a particular network. A directory can be as simple as
a text file, such as the /etc/passwd and /etc/group files on traditional Unix systems, which
list the active user accounts and their group permissions, or it can be a complex
LDAP directory structure such as Microsoft's Active Directory. Directories can contain
authentication data. Authenticating "against" a directory takes two forms. In the first, a client
machine contacts the directory, obtains the hashed version of the user's password, hashes
the password given by the user, and compares the two. This method is used by NIS, for
example.
The other form, employed by most LDAP authentication mechanisms, is to attempt to
bind to the LDAP directory using the credentials that the user provided. The pam_ldap
PAM module uses this latter method to authenticate against an LDAP directory.
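The two forms described above, side by side, as an added example that is not part of the original report. `ToyDirectory` is a constructed in-memory stand-in (it is not NIS or LDAP code), and PBKDF2 is an assumed choice of hash function.

```python
import hashlib
import hmac
import os

def hash_password(password: str, salt: bytes) -> bytes:
    # Assumption: PBKDF2-SHA256 stands in for whatever hash the directory stores.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

class ToyDirectory:
    """Constructed stand-in for a directory server holding password hashes."""

    def __init__(self):
        self._entries = {}          # user name -> (salt, stored hash)
        self.hashes_disclosed = 0   # how often a hash has left the directory

    def add_user(self, name: str, password: str) -> None:
        salt = os.urandom(16)
        self._entries[name] = (salt, hash_password(password, salt))

    def fetch_hash(self, name: str):
        # Form 1 (NIS-style): the directory hands the stored hash to the client.
        entry = self._entries.get(name)
        if entry is not None:
            self.hashes_disclosed += 1
        return entry

    def bind(self, name: str, password: str) -> bool:
        # Form 2 (bind-style): the directory checks the credentials itself and
        # answers only success or failure; the hash never leaves it.
        entry = self._entries.get(name)
        if entry is None:
            hash_password(password, b"\0" * 16)   # comparable work for unknown users
            return False
        salt, stored = entry
        return hmac.compare_digest(stored, hash_password(password, salt))

def login_by_compare(directory: ToyDirectory, name: str, password: str) -> bool:
    """The client fetches the hash, hashes the typed password and compares."""
    entry = directory.fetch_hash(name)
    if entry is None:
        return False
    salt, stored = entry
    return hmac.compare_digest(stored, hash_password(password, salt))

def login_by_bind(directory: ToyDirectory, name: str, password: str) -> bool:
    """The client submits the credentials and lets the directory decide."""
    return directory.bind(name, password)

if __name__ == "__main__":
    d = ToyDirectory()
    d.add_user("alice", "correct horse")          # constructed sample account
    print(login_by_compare(d, "alice", "correct horse"), d.hashes_disclosed)
    print(login_by_bind(d, "alice", "correct horse"), d.hashes_disclosed)
```

In the compare form every client that can query the directory also receives the hash, which can then be guessed against offline. In the bind form the password itself travels to the directory, so the connection needs transport protection such as TLS.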
Permissions
Microsoft Windows XP supports many different types of partitions (NTFS, FAT16,
FAT32), old and new! Network permissions are Microsoft's way of enabling you to
administer file sharing on any type of partition supported by Windows, no matter how
ancient. Sure, your options will be pretty limited if you are working with the older
partition types, but you can do it. The beauty of Windows NT/2000/XP is that it gives you
another tool - NTFS permissions - that can do much more. NTFS is where the power lies, but
power always comes with a price: you have to configure two separate sets of permissions.
If you are sharing a folder on an NTFS drive, as you normally are these days, you must
set both the network permissions and the NTFS permissions to let others access your
shared resources.
Shares
In network sharing you grant access or permissions on the LAN to transfer or view
files according to the levels specified, once the network IDs are set up with IP addresses
specified and the communication link is built up.
To share a folder, right-click on the folder or drive to be shared, then click on the Sharing
and Security tab, then in the Network sharing and security area highlight the sharing
option and specify the name with which it can be seen on the network.
→ AUDITING
Assessment can be defined as the act of testing network security to determine the strength
of the current security measures taken in the network. Furthermore, auditing can be defined as
the act of examining, evaluating and recording security measures. So basically both
terms mean something similar, but in layman's language both have to be carried out together to
prevent hacking of the network by means of theft, piracy and the many other activities related
to cyber crime. Hence we require many security measures such as firewalls, and auditing is the
means of testing those measures.
The printer can be physically cabled to the PC running the Network OS. Print jobs are
submitted by clients to the printserver software on the fileserver, which sends them down
the parallel or serial cable to the printer. The printer must be physically close to the
fileserver. This kind of printserving is popular in smaller workgroup networks, in smaller
offices.
It is possible to run a print server program on a cheap PC that is located next to the
printer and plugged into it via parallel cable. This program simply acts as a pass-through
program, taking network packets from the network interface and passing them to the
printer. This kind of server doesn't allow any manipulation of print jobs; jobs usually
come from a central fileserver, where jobs are controlled.
The HP JetDirect Internal is the best known printserver of this type. It is inserted into a
slot in the printer case, and it works identically to the external JetDirect units.
Printspooling is an integral part of network printing. Since the PC can spit out data much
faster than the printer can accept it, the data must be buffered in a spool at some location.
In addition, because many clients share printers, when clients send print jobs at the same
time, jobs must be placed on a queue so that one can be printed after the other.
To share the printer, I opened the Printers and Faxes folder on the computer that was
connected to my printer.
That's it—the printer was immediately available for other computers to use.
Now that I had a network printer, I was ready to connect to it and print from other
computers on the network.
• Instead of adding a local printer, though, I clicked Printer Connection and then
browsed the network for the printer.
The whole process took less than a minute before I was printing to the network printer as
though it was connected to the computer.
→ MONITORING ISSUES
• Quality of data - how complete is the logging data sent to logging systems and are
logging systems working as designed.
• Volume of traffic - how much data volume is being stored and is it possible to
effectively analyze it.
• Spatial distribution - where is the data coming from within the organization.
• More sophisticated attacks - do data analysis systems have the capability to detect
sophisticated attacks embedded within the data collected.
• Complexity of the networks - how complex is our network and does its complexity
outstrip the ability of our analysis systems to comprehend the attacks taking place on it.
• Encryption.
• Protection of reported network data.
• Keeping dust level to the minimum and cleaning the server workstation with blowers
whenever possible.
• Providing the server with as many cooler fans as possible to keep the heat level of the
processor as well as the machine to the minimum.
• Keeping track of the access limits for the different hierarchies of users, implementing
firewalls wherever possible, and keeping a check for loopholes and virus definitions by
using an antivirus.
→ TROUBLESHOOTING
Eg: if the LAN card is not functioning, then according to the above steps:
1> Calm yourself to search for the problem, as banging the machine is not a solution.
2> Then set your goal that you won't make the problem worse in the troubleshooting
process.
3> Then ask why the problem is being caused, i.e. whether it is hardware or software related.
4> Then recheck whether it is the same problem.
5,6,7> If hardware, check whether the slot where the LAN card is placed is functioning
properly; if yes, check the card; if yes, the problem is software related, so
perform the NIC check; if that is also working, then it is a network media
problem. Whatever the cause, once determined replace the part with a spare, get the
cause fixed, or else call an expert.
8> Once fixed, recheck that the cause is not creating trouble once again.
9,10> Take precautions so that you don't create that problem again.
→ ON-LINE HELP
The method for managing system resources required for communication between a
source device and a sink device includes the steps of (a) initially allocating system
resources presently required to the source device, (b) monitoring the format of the output
bit stream of the source device in a state in which communication between the two
devices is maintained, (c) allocating additional system resources to the source device or
releasing redundant system resources from the source device, under the lead of the source
device when it is determined as a result of monitoring that the requirements for system
resources have changed, and (d) detecting final system resources and releasing the
detected system resources when communication between two devices is terminated.
If there are more copies of the software being used than is allowed for in the licence, then
the licence needs to be changed;
Monitoring whether the software is performing as it claims to;
Assessing whether the software is using more resources than it should do;
In the event of a software crash, looking at the software behaviour just before the crash.
Assessing whether all functions are working.
Accounting Software
There are organisations that provide other organisations with network services and charge
for network use. The charge depends on:
Processing time;
Time of day.
Like auditing software, patterns of usage can be monitored to encourage users to use the
system at less busy times of the day. It can also help administrators to decide whether
extra resources are used.
Backup: In information technology, backup refers to making copies of data so that these
additional copies may be used to restore the original after a data loss event. These
additional copies are typically called "backups." Backups are useful primarily for two
purposes. The first is to restore a computer to an operational state following a disaster
(called disaster recovery). The second is to restore small numbers of files after they have
been accidentally deleted or corrupted. Backups are typically the last line of defense
against data loss, and consequently the least granular and the least convenient to use.
Since a backup system contains at least one copy of all data worth saving, the data
storage requirements are considerable. Organizing this storage space and managing the
backup process is a complicated undertaking. A data repository model can be used to
provide structure to the storage. In the modern era of computing there are many different
types of data storage devices that are useful for making backups. There are also many
different ways in which these devices can be arranged to provide geographic redundancy,
data security, and portability. Before data is sent to its storage location, it is selected,
extracted, and manipulated. Many different techniques have been developed to optimize
the backup procedure. These include optimizations for dealing with open files and live
data sources as well as compression, encryption, and de-duplication, among others. Many
organizations and individuals try to have confidence that the process is working as
expected and work to define measurements and validation techniques. It is also important
to recognize the limitations and human factors involved in any backup scheme.
Backup techniques:
Data repository models - Any backup strategy starts with a concept of a data repository.
The backup data needs to be stored somehow and probably should be organized to a
degree. It can be as simple as a sheet of paper with a list of all backup tapes and the dates
they were written or a more sophisticated setup with a computerized index, catalog, or
relational database. Different repository models have different advantages. This is closely
related to choosing a backup rotation scheme.
Full + Incrementals - A Full + Incremental repository aims to make storing several
copies of the source data more feasible. At first, a full backup (of all files) is taken. After
that an incremental backup (of only the files that have changed since the previous full or
incremental backup) can be taken. Restoring whole systems to a certain point in time
would require locating the full backup taken previous to that time and all the incremental
backups taken between that full backup and the particular point in time to which the
system is supposed to be restored. This model offers a high level of security that
something can be restored and can be used with removable media such as tapes and
optical disks. The downside is dealing with a long series of incrementals and the high
storage requirements.
Full + Differential - A full + differential backup differs from a full + incremental in that
after the full backup is taken, each partial backup captures all files created or changed
since the full backup, even though some may have been included in a previous partial
backup. Its advantage is that a restore involves recovering only the last full backup and
then overlaying it with the last differential backup.
Continuous data protection - This model takes it a step further: instead of
scheduling periodic backups, the system immediately logs every change on the host
system. This is generally done by saving byte or block-level differences rather than
file-level differences. It differs from simple disk mirroring in that it enables a roll-back
of the log and thus a restore of an old image of the data.
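The restore procedures for the Full + Incrementals and Full + Differential models above, worked through on a constructed six-day file history. This is an added example, not part of the original report; the file names and the `take_backups`/`restore` helpers are hypothetical, and file deletions are not tracked (only files created or changed, as in the descriptions above).

```python
class RestoreError(Exception):
    pass

def build_history():
    """Constructed sample: one snapshot (path -> content) per day, day 0 first."""
    changes = [{"a.txt": "v0", "b.txt": "v0"}, {"a.txt": "v1"}, {"c.txt": "v0"},
               {"b.txt": "v1"}, {"a.txt": "v2"}, {"d.txt": "v0"}]
    history, state = [], {}
    for delta in changes:
        state = {**state, **delta}
        history.append(state)
    return history

def take_backups(history, scheme, full_every=7):
    """scheme is 'incremental' or 'differential'; returns (kind, day, files) sets."""
    sets = []
    for day, snap in enumerate(history):
        if day % full_every == 0:
            sets.append(("full", day, dict(snap)))
            continue
        # Incremental compares with the previous backup, differential with the last full.
        ref_day = day - 1 if scheme == "incremental" else day - day % full_every
        ref = history[ref_day]
        changed = {p: c for p, c in snap.items() if ref.get(p) != c}
        sets.append((scheme, day, changed))
    return sets

def restore(sets, target_day, unreadable=frozenset()):
    """Rebuild the files as of target_day; return (files, [(kind, day), ...] used)."""
    usable = [s for s in sets if s[1] <= target_day]
    base_idx = max(i for i, s in enumerate(usable) if s[0] == "full")
    partials = usable[base_idx + 1:]
    if partials and partials[0][0] == "differential":
        partials = partials[-1:]      # only the newest differential is needed
    chain = [usable[base_idx]] + partials
    for kind, day, _ in chain:
        if day in unreadable:
            raise RestoreError(f"{kind} set from day {day} is unreadable")
    files = {}
    for _, _, data in chain:          # apply oldest first so newer content wins
        files.update(data)
    return files, [(kind, day) for kind, day, _ in chain]

if __name__ == "__main__":
    history = build_history()
    for scheme in ("incremental", "differential"):
        sets = take_backups(history, scheme)
        files, used = restore(sets, 4)
        print(scheme, "restore to day 4 uses", used, "ok:", files == history[4])
        try:
            restore(sets, 4, unreadable={2})
            print("  survives loss of the day-2 set")
        except RestoreError as err:
            print("  fails:", err)
```

Restoring to day 4 needs five sets under the incremental scheme and two under the differential scheme, so one unreadable mid-week set blocks the incremental restore but not the differential one.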