Network Adapter Facts
A network adapter connects a host to the network medium. Some computers, like
laptops, come with built-in network adapters. Other computers use NICs (network
interface cards) that plug in to the system's expansion slots or which are
external to the computer and connect through an existing computer port.
A common network interface card is one used on an Ethernet network. The table
below describes the components of an Ethernet NIC.
| Component |
Description |
| Media connectors |
These connect the network interface and host to the network media. |
| Link indicator |
This visually indicates the network connection status. Green generally
indicates a good connection, and red or an unlit diode indicates a bad
connection. |
| Transceiver |
A NIC's transceiver is responsible for transmitting and receiving network
communications. To send signals to the network, it converts digital data from a
PC to digital signals. The type of signal the transceiver sends depends on the
type of network. A fiber optic NIC sends light signals; an Ethernet NIC sends
electronic signals. To receive signals, the transceiver converts digital signals
from the network to digital data for the PC. |
| MAC Address |
The MAC address is a unique hexadecimal identifier burned into the ROM
(physically assigned address) of every network interface.
- The MAC address is a 12-digit hexadecimal number (each number ranges from
0-9 or A-F).
- The address is often written as 00-B0-D0-06-BC-AC or 00B0.D006.BCAC,
although dashes, periods, and colons can be used to divide the MAC address
parts.
- The MAC address is guaranteed unique through design. The first half (first 6
digits) of the MAC address is assigned to each manufacturer. The manufacturer
determines the rest of the address, assigning a unique value which identifies
the host address. A manufacturer that uses all the addresses in the original
assignment can apply for a new MAC address assignment.
Note:
Some network cards allow you to change (logically assigned address) the MAC
address through jumpers, switches, or software. However, there is little
practical reason for doing so. |
A NIC communicates across the network using the following method:
- The NIC receives data from the PC.
- The NIC breaks the data into frames, which include the following
information:
- The receiving NIC's MAC address
- The sending NIC's MAC address
- The data it is transmitting
- The CRC (cyclic redundancy checking) which is used to verify correct
transmission and reception of the data
- The NIC encodes the frames as electrical or light impulses and transmits
them across the network.
- The receiving NIC verifies the NIC addresses and CRC.
- The receiving NIC tracks the frames and reassembles the data.
- The receiving NIC sends the data to the PC.
The type of network interface card you choose depends on the type of network
to which you are connecting.
- Use an Ethernet NIC (as described above) to connect to an Ethernet network.
- Use a token ring NIC to connect to a token ring network.
- Use a modem to use the phone line to communicate with remote computers (such
as to connect to an ISP). Modems communicate through the telephone system by
converting binary data to analog waves (modulation) on the sending end,
and then converting the analog waves back to binary data (demodulation)
on the receiving end.
- Use an ISDN NIC to connect through an ISDN network. ISDN is a dialup
technology for host-to-host connections. However, unlike a modem, ISDN NICs send
digital signals over a digital network.
HUB
Networks using a Star topology require a central point for the devices to connect. Originally this device was called a concentrator since it consolidated the cable runs from all network devices. The basic form of concentrator is the hub.
As shown in Figure; the hub is a hardware device that contains multiple, independent ports that match the cable type of the network. Most common hubs interconnect Category 3 or 5 twisted-pair cable with RJ-45 ends, although Coax BNC and Fiber Optic BNC hubs also exist. The hub is considered the least common denominator in device concentrators. Hubs offer an inexpensive option for transporting data between devices, but hubs don't offer any form of intelligence. Hubs can be active or passive.
An active hub strengthens and regenerates the incoming signals before sending the data on to its destination.
Passive hubs do nothing with the signal.
Ethernet Hubs
An Ethernet hub is also called a multiport repeater. A repeater is a device that amplifies a signal as it passes through it, to counteract the effects of attenuation. If, for example, you have a thin Ethernet network with a cable segment longer than the prescribed maximum of 185 meters, you can install a repeater at some point in the segment to strengthen the signals and increase the maximum segment length. This type of repeater only has two BNC connectors, and is rarely seen these days.
8 Port mini Ethernet Hub
The hubs used on UTP Ethernet networks are repeaters as well, but they can have many RJ45 ports instead of just two BNC connectors. When data enters the hub through any of its ports, the hub amplifies the signal and transmits it out through all of the other ports. This enables a star network to have a shared medium, even though each computer has its own separate cable. The hub relays every packet transmitted by any computer on the network to all of the other computers, and also amplifies the signals.
The maximum segment length for a UTP cable on an Ethernet network is 100 meters. A segment is defined as the distance between two communicating computers. However, because the hub also functions as a repeater, each of the cables connecting a computer to a hub port can be up to 100 meters long, allowing a segment length of up to 200 meters when one hub is inserted in the network.
Multistation Access Unit
A Multistation Access Unit (MAU) is a special type of hub used for token ring networks. The word "hub" is used most often in relation to Ethernet networks, and MAU only refers to token ring networks. On the outside, the MAU looks like a hub. It connects to multiple network devices, each with a separate cable.
Unlike a hub that uses a logical bus topology over a physical star, the MAU uses a logical ring topology over a physical star.
When the MAU detects a problem with a connection, the ring will beacon. Because it uses a physical star topology, the MAU can easily detect which port the problem exists on and close the port, or "wrap" it. The MAU does actively regenerate signals as it transmits data around the ring.
Switches
Switches are a special type of hub that offers an additional layer of intelligence to basic, physical-layer repeater hubs. A switch must be able to read the MAC address of each frame it receives. This information allows switches to repeat incoming data frames only to the computer or computers to which a frame is addressed. This speeds up the network and reduces congestion.
Switches operate at both the physical layer and the data link layer of the OSI Model.
Bridges
A bridge is used to join two network segments together, it allows computers on either segment to access resources on the other. They can also be used to divide large networks into smaller segments. Bridges have all the features of repeaters, but can have more nodes, and since the network is divided, there is fewer computers competing for resources on each segment thus improving network performance.
Bridges can also connect networks that run at different speeds, different topologies, or different protocols. But they cannot, join an Ethernet segment with a Token Ring segment, because these use different networking standards. Bridges operate at both the Physical Layer and the MAC sublayer of the Data Link layer. Bridges read the MAC header of each frame to determine on which side of the bridge the destination device is located, the bridge then repeats the transmission to the segment where the device is located.
Routers
Routers Are networking devices used to extend or segment networks by forwarding packets from one logical network to another. Routers are most often used in large internetworks that use the TCP/IP protocol suite and for connecting TCP/IP hosts and local area networks (LANs) to the Internet using dedicated leased lines.
Routers work at the network layer (layer 3) of the Open Systems Interconnection (OSI) reference model for networking to move packets between networks using their logical addresses (which, in the case of TCP/IP, are the IP addresses of destination hosts on the network). Because routers operate at a higher OSI level than bridges do, they have better packet-routing and filtering capabilities and greater processing power, which results in routers costing more than bridges.
Routing tables
Routers contain internal tables of information called routing tables that keep track of all known network addresses and possible paths throughout the internetwork, along with cost of reaching each network. Routers route packets based on the available paths and their costs, thus taking advantage of redundant paths that can exist in a mesh topology network.
Because routers use destination network addresses of packets, they work only if the configured network protocol is a routable protocol such as TCP/IP or IPX/SPX. This is different from bridges, which are protocol independent. The routing tables are the heart of a router; without them, there's no way for the router to know where to send the packets it receives.
Unlike bridges and switches, routers cannot compile routing tables from the information in the data packets they process. This is because the routing table contains more detailed information than is found in a data packet, and also because the router needs the information in the table to process the first packets it receives after being activated. A router can't forward a packet to all possible destinations in the way that a bridge can.
- Static routers: These must have their routing tables configured manually with all network addresses and paths in the internetwork.
- Dynamic routers: These automatically create their routing tables by listening to network traffic.
- Routing tables are the means by which a router selects the fastest or nearest path to the next "hop" on the way to a data packet's final destination. This process is done through the use of routing metrics.
- Routing metrics which are the means of determining how much distance or time a packet will require to reach the final destination. Routing metrics are provided in different forms.
- hop is simply a router that the packet must travel through.
- Ticks measure the time it takes to traverse a link. Each tick is 1/18 of a second. When the router selects a route based on tick and hop metrics, it chooses the one with the lowest number of ticks first.
You can use routers, to segment a large network, and to connect local area segments to a single network backbone that uses a different physical layer and data link layer standard. They can also be used to connect LAN's to a WAN's.
Brouters
Brouters are a combination of router and bridge. This is a special type of equipment used for networks that can be either bridged or routed, based on the protocols being forwarded. Brouters are complex, fairly expensive pieces of equipment and as such are rarely used.
A Brouter transmits two types of traffic at the exact same time: bridged traffic and routed traffic. For bridged traffic, the Brouter handles the traffic the same way a bridge or switch would, forwarding data based on the physical address of the packet. This makes the bridged traffic fairly fast, but slower than if it were sent directly through a bridge because the Brouter has to determine whether the data packet should be bridged or routed.
Gateways
A gateway is a device used to connect networks using different protocols. Gateways operate at the network layer of the OSI model. In order to communicate with a host on another network, an IP host must be configured with a route to the destination network. If a configuration route is not found, the host uses the gateway (default IP router) to transmit the traffic to the destination host. The default t gateway is where the IP sends packets that are destined for remote networks. If no default gateway is specified, communication is limited to the local network. Gateways receive data from a network using one type of protocol stack, removes that protocol stack and repackages it with the protocol stack that the other network can use.
Examples
- E-mail gateways-for example, a gateway that receives Simple Mail Transfer Protocol (SMTP) e-mail, translates it into a standard X.400 format, and forwards it to its destination
- Gateway Service for NetWare (GSNW), which enables a machine running Microsoft Windows NT Server or Windows Server to be a gateway for Windows clients so that they can access file and print resources on a NetWare server
- Gateways between a Systems Network Architecture (SNA) host and computers on a TCP/IP network, such as the one provided by Microsoft SNA Server
- A packet assembler/disassembler (PAD) that provides connectivity between a local area network (LAN) and an X.25 packet-switching network
CSU / DSU (Channel Service Unit / Data Service Unit)
A CSU/DSU is a device that combines the functionality of a channel service unit (CSU) and a data service unit (DSU). These devices are used to connect a LAN to a WAN, and they take care of all the translation required to convert a data stream between these two methods of communication.
A DSU provides all the handshaking and error correction required to maintain a connection across a wide area link, similar to a modem. The DSU will accept a serial data stream from a device on the LAN and translate this into a useable data stream for the digital WAN network. It will also take care of converting any inbound data streams from the WAN back to a serial communication.
A CSU is similar to a DSU except it does not have the ability to provide handshaking or error correction. It is strictly an interface between the LAN and the WAN and relies on some other device to provide handshaking and error correction.
NICs (Network Interface Card)
Network Interface Card, or NIC is a hardware card installed in a computer so it can communicate on a network. The network adapter provides one or more ports for the network cable to connect to, and it transmits and receives data onto the network cable.
Wireless Lan card
Every networked computer must also have a network adapter driver, which controls the network adapter. Each network adapter driver is configured to run with a certain type of network adapter.
Network card
Network Interface Adapter Functions
Network interface adapters perform a variety of functions that are crucial to getting data to and from the computer over the network.
These functions are as follows:
Data encapsulation
The network interface adapter and its driver are responsible for building the frame around the data generated by the network layer protocol, in preparation for transmission. The network interface adapter also reads the contents of incoming frames and passes the data to the appropriate network layer protocol.
Signal encoding and decoding
The network interface adapter implements the physical layer encoding scheme that converts the binary data generated by the network layer-now encapsulated in the frame-into electrical voltages, light pulses, or whatever other signal type the network medium uses, and converts received signals to binary data for use by the network layer.
transmission and reception
The primary function of the network interface adapter is to generate and transmit signals of the appropriate type over the network and to receive incoming signals. The nature of the signals depends on the network medium and the data-link layer protocol. On a typical LAN, every computer receives all of the packets transmitted over the network, and the network interface adapter examines the destination address in each packet, to see if it is intended for that computer. If so, the network interface adapter passes the packet to the computer for processing by the next layer in the protocol stack; if not, the network interface adapter discards the packet.
Data buffering
Network interface adapters transmit and receive data one frame at a time, so they have built-in buffers that enable them to store data arriving either from the computer or from the network until a frame is complete and ready for processing.
Serial/parallel conversion
The communication between the computer and the network interface adapter runs in parallel, that is, either 16 or 32 bits at a time, depending on the bus the adapter uses. Network communications, however, are serial (running one bit at a time), so the network interface adapter is responsible for performing the conversion between the two types of transmissions.
Media access control
The network interface adapter also implements the MAC mechanism that the data-link layer protocol uses to regulate access to the network medium. The nature of the MAC mechanism depends on the protocol used.
Network protocols
A networked computer must also have one or more protocol drivers (sometimes called a transport protocol or just a protocol). The protocol driver works between the upper-level network software and the network adapter to package data to be sent on the network.
In most cases, for two computers to communicate on a network, they must use identical protocols. Sometimes, a computer is configured to use multiple protocols. In this case, two computers need only one protocol in common to communicate. For example, a computer running File and Printer Sharing for Microsoft Networks that uses both NetBEUI and TCP/IP can communicate with computers using only NetBEUI or TCP/IP.
ISDN (Integrated Services Digital Network) adapters
Integrated Services Digital Network adapters can be used to send voice, data, audio, or video over standard telephone cabling. ISDN adapters must be connected directly to a digital telephone network. ISDN adapters are not actually modems, since they neither modulate nor demodulate the digital ISDN signal.
Like standard modems, ISDN adapters are available both as internal devices that connect directly to a computer's expansion bus and as external devices that connect to one of a computer's serial or parallel ports. ISDN can provide data throughput rates from 56 Kbps to 1.544 Mbps (using a T1 carrier service).
ISDN hardware requires a NT (network termination) device, which converts network data signals into the signaling protocols used by ISDN. Some times, the NT interface is included, or integrated, with ISDN adapters and ISDN-compatible routers. In other cases, an NT device separate from the adapter or router must be implemented. ISDN works at the physical, data link, network, and transport layers of the OSI Model.
WAPs (Wireless Access Point)
A wireless network adapter card with a transceiver sometimes called an access point, broadcasts and receives signals to and from the surrounding computers and passes back and forth between the wireless computers and the cabled network.
Access points act as wireless hubs to link multiple wireless NICs into a single subnet. Access points also have at least one fixed Ethernet port to allow the wireless network to be bridged to a traditional wired Ethernet network.
Modems
A modem is a device that makes it possible for computers to communicate over telephone lines. The word modem comes from Modulate and Demodulate. Because standard telephone lines use analog signals, and computers digital signals, a sending modem must modulate its digital signals into analog signals. The computers modem on the receiving end must then demodulate the analog signals into digital signals.
Modems can be external, connected to the computers serial port by an RS-232 cable or internal in one of the computers expansion slots. Modems connect to the phone line using standard telephone RJ-11 connectors.
Transceivers (media converters)
Transceiver short for transmitter-receiver, a device that both transmits and receives analog or digital signals. The term is used most frequently to describe the component in local-area networks (LANs) that actually applies signals onto the network wire and detects signals passing through the wire. For many LANs, the transceiver is built into the network interface card (NIC). Some types of networks, however, require an external transceiver.
In Ethernet networks, a transceiver is also called a Medium Access Unit (MAU). Media converters interconnect different cable types twisted pair, fiber, and Thin or thick coax, within an existing network. They are often used to connect newer 100-Mbps, Gigabit Ethernet, or ATM equipment to existing networks, which are generally 10BASE-T, 100BASE-T, or a mixture of both. They can also be used in pairs to insert a fiber segment into copper networks to increase cabling distances and enhance immunity to electromagnetic interference (EMI).
Firewalls
In computing, a firewall is a piece of hardware and/or software which functions in a networked environment to prevent some communications forbidden by the security policy, analogous to the function of firewalls in building construction.
A firewall has the basic task of controlling traffic between different zones of trust. Typical zones of trust include the Internet (a zone with no trust) and an internal network (a zone with high trust). The ultimate goal is to provide controlled connectivity between zones of differing trust levels through the enforcement of a security policy and connectivity model based on the least privilege principle.
There are three basic types of firewalls depending on:
- whether the communication is being done between a single node and the network, or between two or more networks
- whether the communication is intercepted at the network layer, or at the application layer
- whether the communication state is being tracked at the firewall or not
With regard to the scope of filtered communication these firewalls are exist:
- Personal firewalls, a software application which normally filters traffic entering or leaving a single computer through the Internet.
- Network firewalls, normally running on a dedicated network device or computer positioned on the boundary of two or more networks or DMZs (demilitarized zones). Such a firewall filters all traffic entering or leaving the connected networks.
In reference to the layers where the traffic can be intercepted, three main categories of firewalls exist:
- network layer firewalls An example would be iptables.
- application layer firewalls An example would be TCP Wrapper.
- application firewalls An example would be restricting ftp services through /etc/ftpaccess file
These network-layer and application-layer types of firewall may overlap, even though the personal firewall does not serve a network; indeed, single systems have implemented both together.
There's also the notion of application firewalls which are sometimes used during wide area network (WAN) networking on the world-wide web and govern the system software. An extended description would place them lower than application layer firewalls, indeed at the Operating System layer, and could alternately be called operating system firewalls.
Lastly, depending on whether the firewalls track packet states, two additional categories of firewalls exist:
- stateful firewalls
- stateless firewalls
Network layer firewalls
Network layer firewalls operate at a (relatively low) level of the TCP/IP protocol stack as IP-packet filters, not allowing packets to pass through the firewall unless they match the rules. The firewall administrator may define the rules; or default built-in rules may apply (as in some inflexible firewall systems).
A more permissive setup could allow any packet to pass the filter as long as it does not match one or more "negative-rules", or "deny rules". Today network firewalls are built into most computer operating system and network appliances.
Modern firewalls can filter traffic based on many packet attributes like source IP address, source port, destination IP address or port, destination service like WWW or FTP. They can filter based on protocols, TTL values, netblock of originator, domain name of the source, and many other attributes.
Application-layer firewalls
Application-layer firewalls work on the application level of the TCP/IP stack (i.e., all browser traffic, or all telnet or ftp traffic), and may intercept all packets traveling to or from an application. They block other packets (usually dropping them without acknowledgement to the sender). In principle, application firewalls can prevent all unwanted outside traffic from reaching protected machines.
By inspecting all packets for improper content, firewalls can even prevent the spread of the likes of viruses. In practice, however, this becomes so complex and so difficult to attempt (given the variety of applications and the diversity of content each may allow in its packet traffic) that comprehensive firewall design does not generally attempt this approach.
Proxies
A proxy device (running either on dedicated hardware or as software on a general-purpose machine) may act as a firewall by responding to input packets (connection requests, for example) in the manner of an application, whilst blocking other packets.
Proxies make tampering with an internal system from the external network more difficult, and misuse of one internal system would not necessarily cause a security breach exploitable from outside the firewall (as long as the application proxy remains intact and properly configured). Conversely, intruders may hijack a publicly-reachable system and use it as a proxy for their own purposes; the proxy then masquerades as that system to other internal machines. While use of internal address spaces enhances security, crackers may still employ methods such as IP spoofing to attempt to pass packets to a target network.
