11.1 Networking
From a practical viewpoint, computer users today usually divide the
world of networking into two halves:
- Local area networks
  LANs are high-speed networks used to connect computers at a single
  location. Although the original Ethernet network was a broadcast
  network that sent high-frequency transmissions over a coaxial cable
  (see Figure 11-1), today the term Ethernet is widely taken to refer
  to a twisted-pair network assembled with hubs or switches that can
  transmit information at speeds of 10, 100, or 1,000 Mbps (see
  Figure 11-2). Wireless networks that operate over a relatively short
  range—within an office or home—also constitute "local area
  networks." The protocols involved in either case are defined in
  standards developed by the Institute of Electrical and Electronics
  Engineers (IEEE).
- Wide area networks
  WANs are typically slower-speed networks that organizations use to
  connect their LANs. WANs are often built from leased telephone lines
  and long-distance data circuits (which may transit satellite links,
  microwave connections, and fiber optic cables) capable of moving data
  at speeds between 56 Kbps and gigabits per second. A WAN might bridge
  a company's offices on either side of a town or on either side of a
  continent. Some WANs are shared by several organizations.
Some authors also use the terms enterprise networks and metropolitan
area networks (MANs). In general, these are simply combinations of
LANs and WANs that serve a logically related group of systems.
Many businesses started using LANs in the late 1980s and expanded
into the world of WANs in the early 1990s. Nevertheless, the
technology to network computers was actually developed in the reverse
order: WANs were first developed in the early 1970s to network
together timesharing computers that were used by many people at the
same time. Later, in the early 1980s, LANs were developed after
computers became less expensive and single-user computers became a
financial reality.
11.1.1 The Internet
One of the first computer networks was
the ARPANET, developed in the early 1970s by universities and
corporations working under contract to the Department of
Defense's Advanced Research Projects Agency (ARPA,
sometimes known over the years as DARPA, depending on whether it was
politically appropriate to emphasize the word
"Defense"). The ARPANET linked
computers around the world and served as a backbone for many other
regional and campus-wide networks that sprang up in the 1980s. In the
late 1980s, the ARPANET was superseded by the NSFNET, funded in part
by the National Science Foundation. Funding for the NSFNET was cut in
the early 1990s as commercial networks grew in number and scope.
11.1.1.1 Today's Internet
Today, the
descendant of the ARPANET is known as the Internet. The Internet is
an IP-based network that encompasses hundreds
of millions of computers and more than a billion users throughout the
world. Some of these computer systems are constantly connected, while
others are connected only intermittently. Any one of those users can
try to send you electronic mail, exchange files with your FTP file
server, or break into your system—if your system is configured
to allow them the access necessary to do so.
11.1.1.2 Who's on the Internet?
In the early days of the ARPANET, the network was primarily used by a
small group of research scientists, students, and administrative
personnel. Security problems were rare: if somebody on the network
was disruptive, tracking her down and having her disciplined was a
simple matter. In extreme cases, people could lose their network
privileges, or even their jobs (which usually produced the same
result). In many ways, the Internet was a large, private club.
These days the Internet is not so exclusive. The Internet has grown
so large that you can almost never determine the identity of somebody
who is trying to break into your system. Attackers may appear to be
coming from a university in upstate New York, but the real story
could be quite different. Attackers based in the Netherlands could
have broken into a system in Australia, connected through that
Australian computer to a system in South Africa, and finally
connected through the South African system to a New York university.
The attackers could then use the New York university as a base of
operations to launch attacks against other sites, with little chance
of being traced back home. This kind of site hopping is a common
practice, sometimes called network weaving or connection laundering.
Even if you are persistent and discover the true identity of your
attacker, you may have no course of action: the attacks may be coming
from a country that does not recognize breaking into computers as a
crime. Or, the attacks may be coming from an agent of a foreign
government, as part of a plan to develop so-called "information
warfare" capabilities. There is also activity by organized crime, and
some attacks are carried out by agents of multinational corporations.
In each of these cases, there may be
considerable resources arrayed against any attempt to identify and
prosecute the perpetrators. Finally, the attacker could be a minor or
a person of relatively little means, eliminating any possibility of
financial compensation—even if you achieve a conviction.
11.1.2 Networking and Unix
Unix has both
benefited from and contributed to the popularity of networking.
Berkeley's 4.2 release in 1983 provided a
straightforward and reasonably reliable implementation of the
Internet Protocol (IP), the data communications standard that the
Internet uses. That code has since been significantly improved and
adopted by the majority of Unix vendors, as well as by vendors of
many non-Unix systems.
Today, Unix has many network services,
including:
- Remote virtual terminals (telnet and ssh)
  Let you establish an interactive session on another computer on the
  network
- Remote file services (ftp, scp, and NFS)
  Let you access your files on one computer while using another
- Information services (http and gopher)
  Let you publish information such as text, images, or streaming media
  that can be accessed on another computer on the network
- Electronic mail (postfix, qmail, and sendmail)
  Lets you send a message to a user or users on another computer
- Electronic directory services (finger, whois, ph, and LDAP)
  Let you find out the username, telephone number, and other
  information about somebody on another computer
- Date and time (ntpdate and ntpd)
  Let your computer automatically synchronize its clock with other
  computers on the network
- Remote Procedure Call (RPC)
  Lets you invoke subroutines and programs on remote systems as if they
  were on your local machine