11.1 Networking

From a practical viewpoint, computer users today usually divide the world of networking into two halves:^[1]

^[1] We recommend that readers interested in the history of networks read the excellent Casting the Net: From ARPANET to INTERNET and Beyond..., by Peter H. Salus (Addison-Wesley, 1995).

Local area networks

LANs are high-speed networks used to connect computers at a single location. Although the original Ethernet network was a broadcast network that sent high-frequency transmissions over a coaxial cable (see Figure 11-1), today the term Ethernet is widely taken to refer to a twisted-pair network assembled with hubs or switches that can transmit information at speeds of 10, 100, or 1,000 Mbps (see Figure 11-2). Wireless networks that operate over a relatively short range—within an office or home—also constitute "local area networks." The protocols involved in either case are defined in standards developed by the Institute of Electrical and Electronics Engineers (IEEE).

Wide area networks

WANs are typically slower-speed networks that organizations use to connect their LANs. WANs are often built from leased telephone lines and long-distance data circuits (which may transit satellite links, microwave connections, and fiber optic cables) capable of moving data at speeds between 56 Kbps and gigabits per second. A WAN might bridge a company's offices on either side of a town or on either side of a continent.^[2] Some WANs are shared by several organizations.

^[2] A special kind of WAN link that's become increasingly popular is the Virtual Private Network (VPN). The VPN is a virtual network because the packets travel over the Internet (or some other public network); it's a private network because the data in the packets is encrypted to prevent anyone on the public network from reading it or tampering with it. A VPN can connect multiple locations much more cheaply than leasing lines between them.

Figure 11-1. Ethernet local area network

Figure 11-2. 100Base-T local area network

Some authors also use the terms enterprise networks and metropolitan area networks (MANs). In general, these are simply combinations of LANs and WANs that serve a logically related group of systems.

Many businesses started using LANs in the late 1980s and expanded into the world of WANs in the early 1990s. Nevertheless, the technology to network computers was actually developed in the reverse order: WANs were first developed in the early 1970s to network together timesharing computers that were used by many people at the same time. Later, in the early 1980s, LANs were developed after computers became less expensive and single-user computers became a financial reality.

11.1.1 The Internet

One of the first computer networks was the ARPANET, developed in the early 1970s by universities and corporations working under contract to the Department of Defense's Advanced Research Projects Agency (ARPA, sometimes known over the years as DARPA, depending on whether it was politically appropriate to emphasize the word "Defense"). The ARPANET linked computers around the world and served as a backbone for many other regional and campus-wide networks that sprang up in the 1980s. In the late 1980s, the ARPANET was superseded by the NSFNET, funded in part by the National Science Foundation. Funding for the NSFNET was cut in the early 1990s as commercial networks grew in number and scope.

11.1.1.1 Today's Internet

Today, the descendant of the ARPANET is known as the Internet. The Internet is an IP-based^[3] network that encompasses hundreds of millions of computers and more than a billion users throughout the world. Some of these computer systems are constantly connected, while others are connected only intermittently. Any one of those users can try to send you electronic mail, exchange files with your FTP file server, or break into your system—if your system is configured to allow them the access necessary to do so.

^[3] IP stands for Internet Protocol, the basic protocol family for packet interchange, which we describe later in this chapter.

11.1.1.2 Who's on the Internet?

In the early days of the ARPANET, the network was primarily used by a small group of research scientists, students, and administrative personnel. Security problems were rare: if somebody on the network was disruptive, tracking her down and having her disciplined was a simple matter. In extreme cases, people could lose their network privileges, or even their jobs (which usually produced the same result). In many ways, the Internet was a large, private club.

These days the Internet is not so exclusive. The Internet has grown so large that you can almost never determine the identity of somebody who is trying to break into your system. Attackers may appear to be coming from a university in upstate New York, but the real story could be quite different. Attackers based in the Netherlands could have broken into a system in Australia, connected through that Australian computer to a system in South Africa, and finally connected through the South African system to a New York university. The attackers could then use the New York university as a base of operations to launch attacks against other sites, with little chance of being traced back home. This kind of site hopping is a common practice, sometimes called network weaving or connection laundering.

Even if you are persistent and discover the true identity of your attacker, you may have no course of action: the attacks may be coming from a country that does not recognize breaking into computers as a crime. Or, the attacks may be coming from an agent of a foreign government, as part of a plan to develop so-called "information warfare" capabilities.^[4] There is also activity by organized crime and by some attacks by agents of multinational corporations. In each of these cases, there may be considerable resources arrayed against any attempt to identify and prosecute the perpetrators. Finally, the attacker could be a minor or a person of relatively little means, eliminating any possibility of financial compensation—even if you achieve a conviction.

^[4] Some authorities have speculated (in private) that as many as a third of break-ins to major corporate and government computers in the U.S. at certain times may be the result of "probe" attempts by foreign agents, at least indirectly.

11.1.2 Networking and Unix

Unix has both benefited from and contributed to the popularity of networking. Berkeley's 4.2 release in 1983 provided a straightforward and reasonably reliable implementation of the Internet Protocol (IP), the data communications standard that the Internet uses. That code has since been significantly improved and adopted by the majority of Unix vendors, as well as by vendors of many non-Unix systems.

Today, Unix has many network services, including:

Remote virtual terminals (telnet and ssh)

Let you establish an interactive session on another computer on the network

Remote file services (ftp, scp, and NFS)

Let you access your files on one computer while using another

Information services (http and gopher)

Let you publish information such as text, images, or streaming media that can be accessed on another computer on the network

Electronic mail (postfix, qmail, and sendmail)

Lets you send a message to a user or users on another computer

Electronic directory services (finger, whois, ph, and LDAP)

Let you find out the username, telephone number, and other information about somebody on another computer

Date and time (ntpdate and ntpd)

Let your computer automatically synchronize its clock with other computers on the network

Remote Procedure Call (RPC)

Lets you invoke subroutines and programs on remote systems as if they were on your local machine