Tutorial Computer Networking, Free Download Software, How to learn Computer Internet
Rabu, 28 November 2007
Jumat, 27 April 2007
Communication Networks
Introduction to Data Communications
Sabtu, 24 Maret 2007
Building Internet Firewalls Second Edition
- Chapter 1, "Why Internet Firewalls?", introduces the major risks associated with using the Internet today; discusses what to protect, and what to protect against; discusses various security models; and introduces firewalls in the context of what they can and can't do for your site's security.
- Chapter 2, "Internet Services", outlines the services users want and need from the Internet, and summarizes the security problems posed by those services.
- Chapter 3, "Security Strategies", outlines the basic security principles an organization needs to understand before it adopts a security policy and invests in specific security mechanisms.
Part II, "Building Firewalls", describes how to build firewalls.
- Chapter 4, "Packets and Protocols ", describes the basic network concepts firewalls work with.
- Chapter 5, "Firewall Technologies", explains the terms and technologies used in building firewalls.
- Chapter 6, "Firewall Architectures", describes the major architectures used in constructing firewalls, and the situations they are best suited to.
- Chapter 7, "Firewall Design", presents the process of designing a firewall.
- Chapter 8, "Packet Filtering" describes how packet filtering systems work, and discusses what you can and can't accomplish with them in building a firewall.
- Chapter 9, "Proxy Systems", describes how proxy clients and servers work, and how to use these systems in building a firewall.
- Chapter 10, "Bastion Hosts", presents a general overview of the process of designing and building the bastion hosts used in many firewall configurations.
- Chapter 11, "Unix and Linux Bastion Hosts", presents the details of designing and building a Unix or Linux bastion host.
- Chapter 12, "Windows NT and Windows 2000 Bastion Hosts ", presents the details of designing and building a Windows NT bastion host.
Part III, "Internet Services", describes how to configure services in the firewall environment.
- Chapter 13, "Internet Services and Firewalls", describes the general issues involved in selecting and configuring services in the firewall environment.
- Chapter 14, "Intermediary Protocols", discusses basic protocols that are used by multiple services.
- Chapter 15, "The World Wide Web", discusses the Web and related services.
- Chapter 16, "Electronic Mail and News", discusses services used for transferring electronic mail and Usenet news.
- Chapter 17, "File Transfer, File Sharing, and Printing", discusses the services used for moving files from one place to another.
- Chapter 18, "Remote Access to Hosts", discusses services that allow you to use one computer from another computer.
- Chapter 19, "Real-Time Conferencing Services", discusses services that allow people to interact with each other online.
- Chapter 20, "Naming and Directory Services", discusses the services used to distribute information about hosts and users.
- Chapter 21, "Authentication and Auditing Services", discusses services used to identify users before they get access to resources, to keep track of what sort of access they should have, and to keep records of who accessed what and when.
- Chapter 22, "Administrative Services", discusses other services used to administer machines and networks.
- Chapter 23, "Databases and Games", discusses the remaining two major classes of popular Internet services, databases and games.
- Chapter 24, "Two Sample Firewalls", presents two sample configurations for basic firewalls.
Part IV, "Keeping Your Site Secure", describes how to establish a security policy for your site, maintain your firewall, and handle the security problems that may occur with even the most effective firewalls.
- Chapter 25, "Security Policies", discusses the importance of having a clear and well-understood security policy for your site, and what that policy should and should not contain. It also discusses ways of getting management and users to accept the policy.
- Chapter 26, "Maintaining Firewalls", describes how to maintain security at your firewall over time and how to keep yourself aware of new Internet security threats and technologies.
- Chapter 27, "Responding to Security Incidents", describes what to do when a break-in occurs, or when you suspect that your security is being breached.
Part V, "Appendixes", consists of the following summary appendixes:
- Appendix A, "Resources", contains a list of places you can go for further information and help with Internet security: World Wide Web pages, FTP sites, mailing lists, newsgroups, response teams, books, papers, and conferences.
- Appendix B, "Tools", summarizes the best freely available firewall tools and how to get them.
- Appendix C, "Cryptography", contains background information on cryptography that is useful to anyone trying to decrypt the marketing materials for security products.
DNS and BIND Fourth Edition
The Domain Name System is a distributed database. This allows local control of the segments of the overall database, yet the data in each segment is available across the entire network through a client-server scheme. Robustness and adequate performance are achieved through replication and caching.
Programs called name servers constitute the server half of DNS's client-server mechanism. Name servers contain information about some segments of the database and make it available to clients, called resolvers. Resolvers are often just library routines that create queries and send them across a network to a name server.
The structure of the DNS database is very similar to the structure of the Unix filesystem, as shown in Figure 1-1. The whole database (or filesystem) is pictured as an inverted tree, with the root node at the top. Each node in the tree has a text label, which identifies the node relative to its parent. This is roughly analogous to a "relative pathname" in a filesystem, like bin. One label -- the null label, or "" -- is reserved for the root node. In text, the root node is written as a single dot ( .). In the Unix filesystem, the root is written as a slash ( / ).
The first implementation of the Domain Name System was called JEEVES, written by Paul Mockapetris himself. A later implementation was BIND, an acronym for Berkeley Internet Name Domain, which was written for Berkeley's 4.3 BSD Unix operating system by Kevin Dunlap. BIND is now maintained by the Internet Software Consortium.
BIND is the implementation we'll concentrate on in this book and is by far the most popular implementation of DNS today. It has been ported to most flavors of Unix and is shipped as a standard part of most vendors' Unix offerings. BIND has even been ported to Microsoft's Windows NT.
The fourth edition of this book deals with the new 9.1.0 and 8.2.3 versions of BIND as well as the older 4.9 versions. While 9.1.0 and 8.2.3 are the most recent versions as of this writing, they haven't made their way into many vendors' versions of Unix yet, partly because both versions have only recently been released and many vendors are wary of using such new software. We also occasionally mention other versions of BIND, especially 4.8.3, because many vendors continue to ship code based on this older software as part of their Unix products. Whenever a feature is available only in the 4.9, 8.2.3, or 9.1.0 version, or when there is a difference in the behavior of the versions, we try to point out which version does what.
We use nslookup, a name server utility program, very frequently in our examples. The version we use is the one shipped with the 8.2.3 BIND code. Older versions of nslookup provide much, but not quite all, of the functionality in the 8.2.3 nslookup. We've used commands common to most nslookup sin most of our examples; when this was not possible, we tried to note it.
Network Troubleshooting Tools First Edition
This book is not a general introduction to network troubleshooting. Rather, it is about one aspect of troubleshooting -- information collection. This book is a tutorial introduction to tools and techniques for collecting information about computer networks. It should be particularly useful when dealing with network problems, but the tools and techniques it describes are not limited to troubleshooting. Many can and should be used on a regular basis regardless of whether you are having problems.
Some of the tools I have selected may be a bit surprising to many. I strongly believe that the best approach to troubleshooting is to be proactive, and the tools I discuss reflect this belief. Basically, if you don't understand how your network works before you have problems, you will find it very difficult to diagnose problems when they occur. Many of the tools described here should be used before you have problems. As such, these tools could just as easily be classified as network management or network performance analysis tools.
This book does not attempt to catalog every possible tool. There are simply too many tools already available, and the number is growing too rapidly. Rather, this book focuses on the tools that I believe are the most useful, a collection that should help in dealing with almost any problem you see. I have tried to include pointers to other relevant tools when there wasn't space to discuss them. In many cases, I have described more than one tool for a particular job. It is extremely rare for two tools to have exactly the same features. One tool may be more useful than another, depending on circumstances. And, because of the differences in operating systems, a specific tool may not be available on every system. It is worth knowing the alternatives.
The book is about freely available Unix tools. Many are open source tools covered by GNU- or BSD-style licenses. In selecting tools, my first concern has been availability. I have given the highest priority to the standard Unix utilities. Next in priority are tools available as packages or ports for FreeBSD or Linux. Tools requiring separate compilation or available only as binaries were given a lower priority since these may be available on fewer systems. In some cases, PC-only tools and commercial tools are noted but are not discussed in detail. The bulk of the book is specific to Ethernet and TCP/IP, but the general approach and many of the tools can be used with other technologies.
While this is a book about Unix tools, at the end of most of the chapters I have included a brief section for Microsoft Windows users. These sections are included since even small networks usually include a few computers running Windows. These sections are not, even in the wildest of fantasies, meant to be definitive. They are provided simply as starting points -- a quick overview of what is available.
Finally, this book describes a wide range of tools. Many of these tools are designed to do one thing and are often overlooked because of their simplicity. Others are extremely complex tools or sets of tools. I have not attempted to provide a comprehensive treatment for each tool discussed. Some of these tools can be extremely complex when used to their fullest. Some have manuals and other documentation that easily exceed the size of this book. Most have additional documentation that you will want to retrieve once you begin using them.
My goal is to make you aware of the tools and to provide you with enough information that you can decide which ones may be the most useful to you and in what context so that you can get started using the tools. Each chapter centers on a collection of related tasks or problems and tools useful for dealing with these tasks. The discussion is limited to features that are relevant to the problem being discussed. Consequently, the same tool may be discussed in several places throughout the book.
Please be warned: the suitability or behavior of these tools on your system cannot be guaranteed. While the material in this book is presented in good faith, neither the author nor O'Reilly & Associates makes any explicit or implied warranty as to the behavior or suitability of these tools. We strongly urge you to assess and evaluate these tool as appropriate for your circumstances.
Click to Read More/Download
Network Troubleshooting Tools (O'Reilly System Administration)
Essential SNMP First Edition
The Simple Network Management Protocol (SNMP) is an Internet-standard protocol for managing devices on IP networks. Many kinds of devices support SNMP, including routers, switches, servers, workstations, printers, modem racks, and uninterruptible power supplies (UPSs). The ways you can use SNMP range from the mundane to the exotic: it's fairly simple to use SNMP to monitor the health of your routers, servers, and other pieces of network hardware, but you can also use it to control your network devices and even send pages or take other automatic action if problems arise. The information you can monitor ranges from relatively simple and standardized items, like the amount of traffic flowing into or out of an interface, to more esoteric hardware- and vendor-specific items, like the air temperature inside a router.
Given that there are already a number of books about SNMP in print, why write another one? Although there are many books on SNMP, there's a lack of books aimed at the practicing network or system administrator. Many books cover how to implement SNMP or discuss the protocol at a fairly abstract level, but none really answers the network administrator's most basic questions: How can I best put SNMP to work on my network? How can I make managing my network easier?
We provide a brief overview of the SNMP protocol in Chapter 2, "A Closer Look at SNMP" then spend a few chapters discussing issues such as hardware requirements and the sorts of tools that are available for use with SNMP. However, the bulk of this book is devoted to discussing, with real examples, how to use SNMP for system and network administration tasks.
Most newcomers to SNMP ask some or all of the following questions:
- What exactly is SNMP?
- How can I, as a system or network administrator, benefit from SNMP?
- What is a MIB?
- What is an OID?
- What is a community string?
- What is a trap?
- I've heard that SNMP is insecure. Is this true?
- Do any of my devices support SNMP? If so, how can I tell if they are configured properly?
- How do I go about gathering SNMP information from a device?
- I have a limited budget for purchasing network-management software. What sort of free/open source software is available?
- Is there an SNMP Perl module that I can use to write cool scripts?
Click to Read More
Managing NFS and NIS Second Edition
This book is of interest to system administrators and network managers who are installing or planning new NFS and NIS networks, or debugging and tuning existing networks and servers. It is also aimed at the network user who is interested in the mechanics that hold the network together.
We'll assume that you are familiar with the basics of Unix system administration and TCP/IP networking. Terms that are commonly misused or particular to a discussion will be defined as needed. Where appropriate, an explanation of a low-level phenomenon, such as Ethernet congestion will be provided if it is important to a more general discussion such as NFS performance on a congested network. Models for these phenomena will be drawn from everyday examples rather than their more rigorous mathematical and statistical roots.
This book focuses on the way NFS and NIS work, and how to use them to solve common problems in a distributed computing environment. Because Sun Microsystems developed and continues to innovate NFS and NIS, this book uses Sun's Solaris operating system as the frame of reference. Thus if you are administering NFS on non-Solaris systems, you should use this book in conjunction with your vendor's documentation, since utilities and their options will vary by implementation and release. This book explains what the configuration files and utilities do, and how their options affect performance and system administration issues. By walking through the steps comprising a complex operation or by detailing each step in the debugging process, we hope to shed light on techniques for effective management of distributed computing environments. There are very few absolute constraints or thresholds that are universally applicable, so we refrain from stating them. This book should help you to determine the fair utilization and performance constraints for your network.
Click to Read More
SSH: The Secure Shell - The Definitive Guide
TCP/IP Network Administration Third Edition
A clear symbol of this change is the fact that my mother-in-law has a TCP/IP network connection in her home that she uses to exchange electronic mail, compressed graphics, and hypertext documents with other senior citizens. She thinks of this as "just being on the Internet," but the truth is that her small system contains a functioning TCP/IP protocol stack, manages a dynamically assigned IP address, and handles data types that did not even exist a decade ago.
In 1991, TCP/IP was a tool of sophisticated users. Network administrators managed a limited number of systems and could count on the users for a certain level of technical knowledge. No more. In 2002, the need for highly trained network administrators is greater than ever because the user base is larger, more diverse, and less capable of handling technical problems on its own. This book provides the information needed to become an effective TCP/IP network administrator.
TCP/IP Network Administration was the first book of practical information for the professional TCP/IP network administrator, and it is still the best. Since the first edition was published there has been an explosion of books about TCP/IP and the Internet. Still, too few books concentrate on what a system administrator really needs to know about TCP/IP administration. Most books are either scholarly texts written from the point of view of the protocol designer, or instructions on how to use TCP/IP applications. All of those books lack the practical, detailed network information needed by the Unix system administrator. This book strives to focus on TCP/IP and Unix and to find the right balance of theory and practice.
I am proud of the earlier editions of TCP/IP Network Administration. In this edition, I have done everything I can to maintain the essential character of the book while making it better. Dynamic address assignment based on Dynamic Host Configuration Protocol (DHCP) is covered. The Domain Name System material has been updated to cover BIND 8 and, to a lesser extent, BIND 9. The email configuration is based on current version of sendmail 8, and the operating system examples are from the current versions of Solaris and Linux. The routing protocol coverage includes Routing Information Protocol version 2 (RIPv2), Open Shortest Path First (OSPF), and Border Gateway Protocol (BGP). I have also added a chapter on Apache web server configuration, new material on xinetd, and information about building a firewall with iptables. Despite the additional topics, the book has been kept to a reasonable length.
TCP/IP is a set of communications protocols that define how different types of computers talk to each other. TCP/IP Network Administration is a book about building your own network based on TCP/IP. It is both a tutorial covering the "why" and "how" of TCP/IP networking, and a reference manual for the details about specific network programs.
Building Internet Firewalls First Edition
What is a firewall, and what does it do for you? A firewall is a way to restrict access between the Internet and your internal network. You typically install a firewall at the point of maximum leverage, the point where your network connects to the Internet. The existence of a firewall at your site can greatly reduce the odds that outside attackers will penetrate your internal systems and networks. The firewall can also keep your own users from compromising your systems by sending dangerous information - unencrypted passwords and sensitive data - to the outside world.
The attacks on Internet-connected systems we are seeing today are more serious and more technically complex than those in the past. To keep these attacks from compromising our systems, we need all the help we can get. Firewalls are a highly effective way of protecting your site from these attacks. For that reason, we strongly recommend you include a firewall in your site's overall Internet security plan. However, a firewall should be only one component in that plan. It's also vital that you establish a security policy, that you implement strong host security, and that you consider the use of authentication and encryption devices that work with the firewalls you install. This book will touch on each of these topics while maintaining its focus on firewalls.
Sendmail Desktop Reference First Edition
The sendmail program is written and maintained by Eric Allman at sendmail.org. Versions V8.7 and earlier are no longer supported and are no longer considered secure. If you are not currently running V8.8, we recommend you upgrade now. This Desktop Reference covers sendmail version 8.8.5.
This Desktop Reference is a companion to the second edition of the sendmail book by Bryan Costales with Eric Allman, published by O'Reilly & Associates. Section numbers herein reference the section numbers in that book. This is a reference guide only - for detail or tutorial information, refer to the full sendmail book.
TCP/IP Network Administration Second Edition
The acceptance of TCP/IP as a worldwide standard and the size of its global user base are not the only things that have changed. In 1991 I lamented the lack of adequate documentation. At the time it was difficult for a network administrator to find the information he or she needed to do the job. Since that time there has been an explosion of books about TCP/IP and the Internet. However, there are still too few books that concentrate on what a system administrator really needs to know about TCP/IP administration and too many books that try to tell you how to surf the Web. In this book I strive to focus on TCP/IP and UNIX, and not to be distracted by the phenomenon of the Internet.
I am very proud of the first edition of TCP/IP Network Administration. In the second edition, I have done everything I can to maintain the essential character of the book while making it better. The Domain Name Service material has been updated to cover the latest version of the BIND 4 software. The email configuration is now based on sendmail version 8, and the operating system examples are from the current versions of Solaris and Linux. The routing protocol coverage has been expanded to include Open Shortest Path First (OSPF) and Border Gateway Protocol (BGP). I have also added new topics such as one-time passwords and configuration servers based on Dynamic Host Configuration Protocol (DHCP) and Bootstrap Protocol (BOOTP). Despite the additional topics, the book has been kept to a reasonable length.
The bulk of this edition is derived directly from the first edition of the book. To emphasize both that times have changed and that my focus on practical information has not, I have left the introductory paragraphs from the first edition intact.
DNS and BIND Third Edition
You see, while you, as a human being, prefer to remember the names of computers, computers like to address each other by number. On an internet, that number is 32 bits long, or between zero and four billion or so.[1] That's easy for a computer to remember, because computers have lots of memory ideal for storing numbers, but it isn't nearly as easy for us humans. Pick ten phone numbers out of the phone book at random, and then try to remember them. Not easy? Now flip to the front of the book and attach random area codes to the phone numbers. That's about how difficult it would be to remember ten arbitrary internet addresses.
[1] And, with IP version 6, it's soon to be a whopping 128 bits long, or between zero and a decimal number with 39 digits.
This is part of the reason we need the Domain Name System. DNS handles mapping between host names, which we humans find convenient, and internet addresses, which computers deal with. In fact, DNS is the standard mechanism on the Internet for advertising and accessing all kinds of information about hosts, not just addresses. And DNS is used by virtually all internetworking software, including electronic mail, remote terminal programs such as telnet, file transfer programs such as ftp, and web browsers such as Netscape Navigator and Microsoft Internet Explorer.
Another important feature of DNS is that it makes host information available all over the Internet. Keeping information about hosts in a formatted file on a single computer only helps users on that computer. DNS provides a means of retrieving information remotely, from anywhere on the network.
More than that, DNS lets you distribute the management of host information among many sites and organizations. You don't need to submit your data to some central site or periodically retrieve copies of the "master" database. You simply make sure your section, called a zone, is up to date on your name servers. Your name servers make your zone's data available to all the other name servers on the network.
Because the database is distributed, the system also needs the ability to locate the data you're looking for by searching a number of possible locations. The Domain Name System gives name servers the intelligence to navigate through the database and find data in any zone.
Of course, DNS does have a few problems. For example, the system allows more than one name server to store data about a zone, for redundancy's sake. But inconsistencies can crop up between copies of the zone data.
But the worst problem with DNS is that despite its widespread use on the Internet, there's really very little documentation about managing and maintaining it. Most administrators on the Internet make do with the documentation their vendors see fit to provide, and with whatever they can glean from following the Internet mailing lists and Usenet newsgroups on the subject.
This lack of documentation means that the understanding of an enormously important internet service - one of the linchpins of today's Internet - is either handed down from administrator to administrator like a closely-guarded family recipe, or relearned repeatedly by isolated programmers and engineers. New administrators of domains suffer through the same mistakes made by countless others.
Our aim with this book is to help remedy this situation. We realize that not all of you have the time or the desire to become DNS experts. Most of you, after all, have plenty to do besides managing a domain or a name server: system administration, network engineering, or software development. It takes an awfully big institution to devote a whole person to DNS. We'll try to give you enough information to allow you to do what you need to do, whether that's running a small domain or managing a multinational monstrosity, tending a single name server or shepherding a hundred of them. Read as much as you need to know now, and come back later if you need to know more.
DNS is a big topic - big enough to require two authors, anyway - but we've tried to present it as sensibly and understandably as possible. The first two chapters give you a good theoretical overview and enough practical information to get by, and later chapters fill in the nitty-gritty details. We provide a roadmap up front, to suggest a path through the book appropriate for your job or interest.
When we talk about actual DNS software, we'll concentrate almost exclusively on BIND, the Berkeley Internet Name Domain software, which is the most popular implementation of the DNS specs (and the one we know best). We've tried to distill our experience in managing and maintaining a domain with BIND into this book - a domain, incidentally, that is one of the largest on the Internet. (We don't mean to brag, but we can use the credibility.) Where possible, we've included the real programs that we use in administration, many of them rewritten into Perl for speed and efficiency.
We hope that this book will help you get acquainted with DNS and BIND if you're just starting out, let you refine your understanding if you're already familiar with them, and provide valuable insight and experience even if you know 'em like the back of your hand.
Rabu, 14 Februari 2007
Maximum Security: Hacker's Guide to Protecting Your Internet Site and Network
- The possibility that readers will use the information maliciously
- The possibility of angering the often-secretive Internet-security community
- The possibility of angering vendors that have yet to close security holes within their software
Wireless LAN Communications
Netizens On the History and Impact of the Net
Introduction By Thomas Truscott
Looking Over the Fence at Networks: A Neighbor's View of Networking Research (2001)
- Intellectual ossification—The pressure for compatibility with the current Internet risks stifling innovative intellectual thinking. For example, the frequently imposed requirement that new protocols not compete unfairly with TCP-based traffic constrains the development of alternatives for cooperative resource sharing. Would a paper on the NETBLT protocol that proposed an alternative approach to control called “rate-based” (in place of “window-based”) be accepted for publication today?
- Infrastructure ossification—The ability of researchers to affect what is deployed in the core infrastructure (which is operated mainly by businesses) is extremely limited. For example, pervasive network-layer multicast remains unrealized, despite considerable research and efforts to transfer that research to products.
- System ossification—Limitations in the current architecture have led to shoe-horn solutions that increase the fragility of the system. For example, network address translation violates architectural assumptions about the semantics of addresses. The problem is exacerbated because a research result is often judged by how hard it will be to deploy in the Internet, and the Internet service providers sometimes favor more easily deployed approaches that may not be desirable solutions for the long run.
At the same time, the demands of users and the realities of commercial interests present a new set of challenges that may very well require a fresh approach. The Internet vision of the last 20 years has been to have all computers communicate. The ability to hide the details of the heterogeneous underlying technologies is acknowledged to be a great strength of the design, but it also creates problems because the performance variability associated with underlying network capacity, time-varying loads, and the like means that applications work in some circumstances but not others. More generally, outsiders advocated a more user-centric view of networking research—a perspective that resonated with a number of the networking insiders as well. Drawing on their own experiences, insiders commented that users are likely to be less interested in advancing the frontiers of high communications bandwidth and more interested in consistency and quality of experience, broadly defined to include the “ilities”—reliability, manageability, configurability, predictability, and so forth—as well as non-performance-based concerns such as security and privacy. (Interest was also expressed in higher-performance, broadband last-mile access, but this is more of a deployment issue than a research problem.) Outsiders also observed that while as a group they may share some common requirements, users are very diverse—in experience, expertise, and what they wish the network could do. Also, commercial interests have given rise to more diverse roles and complex relationships that cannot be ignored when developing solutions to current and future networking problems. These considerations argue that a vision for the future Internet should be to provide users the quality of experience they seek and to accommodate a diversity of interests.
An Introduction to Socket Programming
- to develop a function, tcpopen(server,service), to connect to service.
- to develop a server that we can connect to.
This course requires an understanding of the C programming language and an appreciation of the programming environment (ie. compilers, loaders, libraries, Makefiles and the RCS revision control system).
Netstat Observations:
Inter Process Communication (or IPC) is between host.port pairs (or host.service if you like). A process pair uses the connection -- there are client and server applications on each end of the IPC connection.
Note the two protocols on IP -- TCP (Transmission Control Protocol) and UDP (User Datagram Prototocol). There's a third protocl ICMP (Internet Control Message Protocol) which we'll not look at -- it's what makes IP work in the first place!
TCP services are connection orientated (like a stream, a pipe or a tty like connection) while UDP services are connectionless (more like telegrams or letters).
We recognize many of the services -- SMTP (Simple Mail Transfer Protocol as used for E-mail), NNTP (Network News Transfer Protocol service as used by Usenet News), NTP (Network Time Protocol as used by xntpd(8)), and SYSLOG is the BSD service implemented by syslogd(1M).
The netstat(1M) display shows many TCP services as ESTABLISHED (there is a connection between client.port and server.port) and others in a LISTEN state (a server application is listening at a port for client connections). You'll often see connections in a CLOSE_WAITE state -- they're waiting for the socket to be torn down.
Introduction to Securing Data in Transit
Authentication is a difficult task - computers have no way of knowing that they are 'the computer that sits next to the printer on the third floor' or 'the computer that runs the sales for www.dotcom.com'. And those are the matters which are important to humans - humans don't care if the computer is '10.10.10.10', which is what the computers know.
Introduction to Networking Technologies
Introduction to Intrusion Protection and Network Security
Introduction to the Internet Protocols
Internetwork Troubleshooting Handbook
Internetworking over ATM: An Introduction
High-Speed Networking Technology: An Introductory Survey
- The Principles of High-Speed Networking
- Fibre Optical Technology and Optical Networks
- Local Area Networks (Token-Ring, FDDI, MetaRing, CRMA,Radio LANs)
- Metropolitan Area Networks (DQDB, SMDS)
- High-Speed Packet Switches (Frame Relay, Paris, plaNET)
- High-Speed Cell Switching (ATM)
Computer Networks and Internets
- Motivation and Tools
- Network Programming And Applications
- Transmission Media
- Local Asynchronous Communication (RS-232)
- Long-Distance Communication (Carriers, Modulation, And Modems)
- Packets, Frames, And Error Detection
- LAN Technologies And Network Topology
- Hardware Addressing And Frame Type Identification
- LAN Wiring, Physical Topology, And Interface Hardware
- Extending LANs: Fiber Modems, Repeaters, Bridges, and Switches
- Long-Distance And Local Loop Digital Technologies
- WAN Technologies And Routing
- Connection-Oriented Networking And ATM
- Network Characteristics: Ownership, Service Paradigm, And Performance
- Protocols And Layering
- Internetworking: Concepts, Architecture, and Protocols
- IP: Internet Protocol Addresses
- Binding Protocol Addresses (ARP)
- IP Datagrams And Datagram Forwarding
- IP Encapsulation, Fragmentation, And Reassembly
- The Future IP (IPv6)
- An Error Reporting Mechanism (ICMP)
- UDP: Datagram Transport Service
- TCP: Reliable Transport Service
- Network Address Translation
- Internet Routing
- Client-Server Interaction
- The Socket Interface
- Example Of A Client And A Server
- Naming With The Domain Name System
- Electronic Mail Representation And Transfer
- IP Telephony (VoIP)
- File Transfer And Remote File Access
- World Wide Web Pages And Browsing
- Dynamic Web Document Technologies (CGI, ASP, JSP, PHP, ColdFusion)
- Active Web Document Technologies (Java, JavaScript)
- RPC and Middleware
- Network Management (SNMP)
- Network Security
- Initialization (Configuration)
Computer Networks
- What is a computer network?
- What can we do with a computer network?
Keywords: (IPethernet)-address, TCP/IP, UDP, router, bridge, socket, rpc, rpcgen, server, client, arp, rarp ...
Protocol Layering
Protocol layering is a common technique to simplify networking designs by dividing them into functional layers, and assigning protocols to perform each layer's task.
For example, it is common to separate the functions of data delivery and connection management into separate layers, and therefore separate protocols. Thus, one protocol is designed to perform data delivery, and another protocol, layered above the first, performs connection management. The data delivery protocol is fairly simple and knows nothing of connection management. The connection management protocol is also fairly simple, since it doesn't need to concern itself with data delivery.
Protocol layering produces simple protocols, each with a few well-defined tasks. These protocols can then be assembled into a useful whole. Individual protocols can also be removed or replaced.
The most important layered protocol designs are the Internet's original DoD model, and the OSI Seven Layer Model. The modern Internet represents a fusion of both models.
Complete WAP Security
The Wireless Application Protocol (WAP) is a leading technology for companies trying to unlock the value of the Mobile Internet.
The WAP (Wireless Application Protocol) is a suite of specifications that enable wireless Internet applications; these specifications can be found at http://www.wapforum.org). WAP provides the framework to enable targeted Web access, mobile e-commerce, corporate intranet access, and other advanced services to digital wireless devices, including mobile phones, PDAs, two-way pagers, and other wireless devices. The suite of WAP specifications allows manufacturers, network operators, content providers and application developers to offer compatible products and services that work across varying types of digital devices and networks. Even for companies wary of WAP, individual elements of the WAP standards can prove useful by providing industry-standard wireless protocols and data formats.
The WAP architecture is based on the realization that for the near future, networks and client devices (e.g., mobile phones) will have limited capabilities. The networks will have bandwidth and latency limitations, and client devices will have limited processing, memory, power, display and user interaction capabilities. Therefore, Internet protocols cannot be processed as is; an adaptation for wireless environments is required. The entire suite of WAP specifications are derived from equivalent IETF specifications used on the Internet, modified for use within the limited capabilities in the wireless world.
Furthermore, the WAP model introduces a Gateway that translates between WAP and Internet protocols. This Gateway is typically located at the site of the mobile operator, although sometimes it may be run by an application service provider or enterprise.
BSD Sockets
Asynchronous Transfer Mode (ATM) Technical Overview
- Asynchronous Transfer Mode (ATM)
- High-Speed Cell Switching
- Broadband ISDN
This publication is published by Prentice Hall and will be sold inexternal bookstores.
A new TCP congestion control with empty queues and scalable stability
We describe a new congestion avoidance system designed to maintain dynamic stability on networks of arbitrary delay, capacity, and topology. This is motivated by recent work showing the limited stability margins of TCP Reno/RED as delay or network capacity scale up. Based on earlier work establishing mathematical requirements for local stability, we develop new flow control laws that satisfy these conditions together with a certain degree of fairness in bandwidth allocation. When a congestion measure signal from links to sources is available, the system can satisfy also the key objectives of high utilization and emptying the network queues in equilibrium.
A Comprehensive Guide to Virtual Private Networks, Volume III: Cross-Platform Key and Policy Management
A Comprehensive Guide to Virtual Private Networks, Volume II: IBM Nways Router Solutions
Designing A Wireless Network
Understand How Wireless Communication Works
- Step-by-Step Instructions for Designing a Wireless Project from Inception to Completion
- Everything You Need to Know about Bluetooth,LMDS, 802.11, and Other Popular Standards
- Complete Coverage of Fixed Wireless,Mobile Wireless, and Optical
Wireless Technology
Introduction
You’ve been on an extended business trip and have spent the long hours of the flight drafting follow-up notes from your trip while connected to the airline’s onboard server. After deplaning, you walk through the gate and continue into the designated public access area. Instantly, your personal area network (PAN) device, which is clipped to your belt, beeps twice announcing that it automatically has retrieved your e-mail, voicemail, and videomail.You stop to view the videomail—a finance meeting—and also excerpts from your children’s school play.
Meanwhile, when you first walked into the public access area, your personal area network device contacted home via the Web pad on your refrigerator and posted a message to alert the family of your arrival.Your spouse will know you’ll be home from the airport shortly.
You check the shuttlebus schedule from your PAN device and catch the next convenient ride to long-term parking.You also see an e-mail from your MP3 group showing the latest selections, so you download the latest MP3 play list to listen to on the way home.
As you pass through another public access area, an e-mail comes in from your spouse.The Web pad for the refrigerator inventory has noted that you’re out of milk, so could you pick some up on the way home? You write your spouse back and say you will stop at the store.When you get to the car, you plug your PAN device into the car stereo input port.With new music playing from your car stereo’s MP3 player, you drive home, with a slight detour to buy milk at the nearest store that the car’s navigation system can find.
The minute you arrive home, your PAN device is at work, downloading information to various devices.The data stored on your PAN device is sent to your personal computer (PC) and your voicemail is sent to the Bluetooth playback unit on the telephone-answering device.The PAN device sends all video to the television, stored as personal files for playback. As you place the milk in the refrigerator, the Web pad updates to show that milk is currently in inventory and is no longer needed.The kids bring you the television remote and you check out possible movies
together to download later that night.
Networking with z/OS and Cisco Routers: An Interoperability Guide
- The options and configuration of channel-attached Cisco routers
- The design considerations for combining OSPF-based z/OS systems with Cisco-based EIGRP networks
- A methodology for deploying Quality of Service policies throughout the network
- The implementation of load balancing and high availability using Sysplex Distributor and MNLB (including new z/OS V1R2 support)
We highlight our discussion with a realistic implementation scenario and real configurations that will aid you in the deployment of these solutions. In addition, we provide in-depth discussions, traces, and traffic visualizations to show the technology at work.
Networking Fundamentals, v4.0
- to share resources (files, printers, modems, fax machines)
- to share application software (MS Office)
- increase productivity (make it easier to share data amongst users)
Take for example a typical office scenario where a number of users in a small business require access to common information. As long as all user computers are connected via a network, they can share their files, exchange mail, schedule meetings, send faxes and print documents all from any point of the network.
It would not be necessary for users to transfer files via electronic mail or floppy disk, rather, each user could access all the information they require, thus leading to less wasted time and hence greater productivity.
Imagine the benefits of a user being able to directly fax the Word document they are working on, rather than print it out, then feed it into the fax machine, dial the number etc.
Small networks are often called Local Area Networks [LAN]. A LAN is a network allowing easy access to other computers or peripherals. The typical characteristics of a LAN are,
- physically limited ( less than 2km)
- high bandwidth (greater than 1mbps)
- inexpensive cable media (coax or twisted pair)
- data and hardware sharing between users
- owned by the user
Wireless Network Security 802.11, Bluetooth and Handheld Devices
Wireless communications offer organizations and users many benefits such as portability and flexibility, increased productivity, and lower installation costs. Wireless technologies cover a broad range of differing capabilities oriented toward different uses and needs. Wireless local area network (WLAN) devices, for instance, allow users to move their laptops from place to place within their offices without the need for wires and without losing network connectivity. Less wiring means greater flexibility, increased efficiency, and reduced wiring costs. Ad hoc networks, such as those enabled by Bluetooth, allow data synchronization with network systems and application sharing between devices. Bluetooth functionality also eliminates cables for printer and other peripheral device connections. Handheld devices such as personal digital assistants (PDA) and cell phones allow remote users to synchronize personal databases and provide access to network services such as wireless e-mail, Web browsing, and Internet access. Moreover, these technologies can offer dramatic cost savings and new capabilities to diverse applications ranging from retail settings to manufacturing shop floors to first responders.
A Beginner’s Guide to Network Security
With the explosion of the public Internet and e-commerce, private computers, and computer networks, if not adequately secured, are increasingly vulnerable to damaging attacks. Hackers, viruses, vindictive employees and even human error all represent clear and present dangers to networks. And all computer users, from the most casual Internet surfers to large enterprises, could be affected by network security breaches. However, security breaches can often be easily prevented. How? This guide provides you with a general overview of the most common network security threats and the steps you and your organization can take to protect yourselves from threats and ensure that the data traveling across your networks is safe.
The Internet has undoubtedly become the largest public data network, enabling and facilitating both personal and business communications worldwide. The volume of traffic moving over the Internet, as well as corporate networks, is expanding exponentially every day. More and more communication is taking place via e-mail; mobile workers, telecommuters, and branch offices are using the Internet to remotely connect to their corporate networks; and commercial transactions completed over the Internet, via the World Wide Web, now account for large portions of corporate revenue.