internet & computer security exercise - 10 · it workshop lab manual 180 approved by :...
TRANSCRIPT
IT WORKSHOP LAB MANUAL
180
APPROVED BY :
Dr.K.RAMANI
HOD, IT
Prepared by:
Ms.K.NIRMALA
Mr.V.S.V.S.S.S.M.CHAKRADHAR
Internet & Computer Security
Exercise - 10
Aim: Introduction to computer networking, demonstration on network components,
drivers loading and configuration settings, mapping of IP addresses, configuration of
Internet and Wi-Fi.
10.1 Introduction to Types of Networks
One way to categorize the different types of computer network designs is by their scope or scale.
For historical reasons, the networking industry refers to nearly every type of design as some kind
of area network. Common examples of area network types are:
LAN - Local Area Network
WLAN - Wireless Local Area Network
WAN - Wide Area Network
MAN - Metropolitan Area Network
SAN - Storage Area Network, System Area Network, Server Area Network, or
sometimes Small Area Network
CAN - Campus Area Network, Controller Area Network, or sometimes Cluster Area
Network
PAN - Personal Area Network
DAN - Desk Area Network
LAN and WAN were the original categories of area networks, while the others have gradually
emerged over many years of technology evolution. Note that these network types are a separate
concept from network topologies such as bus, ring and star.
Topology in Network Design
Network topologies are categorized into the following basic types:
bus
ring
star
tree
mesh
More complex networks can be built as hybrids of two or more of the above basic topologies.
IT WORKSHOP LAB MANUAL
181
APPROVED BY :
Dr.K.RAMANI
HOD, IT
Prepared by:
Ms.K.NIRMALA
Mr.V.S.V.S.S.S.M.CHAKRADHAR
Bus Topology
Bus networks use a common backbone to connect all devices. A single cable, the backbone
functions as a shared communication medium that devices attach or tap into with an interface
connector.
Fig. 1. Bus Topology
Ring Topology
In a ring network, every device has exactly two neighbors for communication purposes. All
messages travel through a ring in the same direction (either "clockwise" or "counterclockwise").
A failure in any cable or device breaks the loop and can take down the entire network.
Fig. 2. Ring Topology
Star Topology
Many home networks use the star topology. A star network features a central connection point
called a "hub" that may be a hub, switch or router. Devices typically connect to the hub with
Unshielded Twisted Pair (UTP) Ethernet.
IT WORKSHOP LAB MANUAL
182
APPROVED BY :
Dr.K.RAMANI
HOD, IT
Prepared by:
Ms.K.NIRMALA
Mr.V.S.V.S.S.S.M.CHAKRADHAR
Fig. 3. Star Topology
Tree Topology
Tree topologies integrate multiple star topologies together onto a bus. In its simplest form, only
hub devices connect directly to the tree bus, and each hub functions as the "root" of a tree of
devices. This bus/star hybrid approach supports future expandability of the network much better
than a bus (limited in the number of devices due to the broadcast traffic it generates) or a star
(limited by the number of hub connection points) alone.
Fig. 4. Tree Topology
Mesh Topology
Mesh topologies involve the concept of routes. Unlike each of the previous topologies, messages
sent on a mesh network can take any of several possible paths from source to destination. (Recall
that even in a ring, although two cable paths exist, messages can only travel in one direction.)
Some WANs, most notably the Internet, employ mesh routing.
IT WORKSHOP LAB MANUAL
183
APPROVED BY :
Dr.K.RAMANI
HOD, IT
Prepared by:
Ms.K.NIRMALA
Mr.V.S.V.S.S.S.M.CHAKRADHAR
Fig. 5. Mesh Topology
LAN - Local Area Network
A LAN connects network devices over a relatively short distance. A networked office building,
school, or home usually contains a single LAN, though sometimes one building will contain a
few small LANs (perhaps one per room), and occasionally a LAN will span a group of nearby
buildings. In TCP/IP networking, a LAN is often but not always implemented as a single IP
subnet.
In addition to operating in a limited space, LANs are also typically owned, controlled, and
managed by a single person or organization. They also tend to use certain connectivity
technologies, primarily Ethernet and Token Ring.
WAN - Wide Area Network
As the term implies, a WAN spans a large physical distance. The Internet is the largest WAN,
spanning the Earth.
A WAN is a geographically-dispersed collection of LANs. A network device called a router
connects LANs to a WAN. In IP networking, the router maintains both a LAN address and a
WAN address.
A WAN differs from a LAN in several important ways. Most WANs (like the Internet) are not
owned by any one organization but rather exist under collective or distributed ownership and
management. WANs tend to use technology like ATM, Frame Relay and X.25 for connectivity
over the longer distances.
LAN, WAN and Home Networking
Residences typically employ one LAN and connect to the Internet WAN via an Internet Service
Provider (ISP) using a broadband modem. The ISP provides a WAN IP address to the modem,
and all of the computers on the home network use LAN (so-called private) IP addresses. All
IT WORKSHOP LAB MANUAL
184
APPROVED BY :
Dr.K.RAMANI
HOD, IT
Prepared by:
Ms.K.NIRMALA
Mr.V.S.V.S.S.S.M.CHAKRADHAR
computers on the home LAN can communicate directly with each other but must go through a
central gateway, typically a broadband router, to reach the ISP.
Other Types of Area Networks
While LAN and WAN are by far the most popular network types mentioned, you may also
commonly see references to these others:
Wireless Local Area Network - a LAN based on WiFi wireless network technology
Metropolitan Area Network - a network spanning a physical area larger than a LAN but
smaller than a WAN, such as a city. A MAN is typically owned an operated by a single
entity such as a government body or large corporation.
Campus Area Network - a network spanning multiple LANs but smaller than a MAN,
such as on a university or local business campus.
Storage Area Network - connects servers to data storage devices through a technology
like Fibre Channel.
System Area Network - links high-performance computers with high-speed connections
in a cluster configuration. Also known as Cluster Area Network.
10.2 To make an Internet connection
1. Open Network Connections.
2. Under Network Tasks, click Create a new connection, and then click Next.
3. Click Connect to the Internet, and then click Next.
4. Choose one of the following:
o If you already have an account with an Internet service provider (ISP), click Set up
my connection manually and then click Next.
o If you have a CD from an ISP, click Use the CD I got from an ISP and then click
Next.
o If you do not have an Internet account, click Choose from a list of Internet service
providers (ISPs) and then click Next.
5. From your choice above, click one of the following:
� Set up my connection manually
o If you are connecting to your ISP using a standard 28.8 Kbps, 56 Kbps, or ISDN
modem, click Connect using a dial-up modem, click Next, and follow the
instructions in the wizard.
IT WORKSHOP LAB MANUAL
185
APPROVED BY :
Dr.K.RAMANI
HOD, IT
Prepared by:
Ms.K.NIRMALA
Mr.V.S.V.S.S.S.M.CHAKRADHAR
o If your DSL or cable modem ISP connection requires a user name and
password, click Connect using a broadband connection that requires a
user name and password, click Next, and then follow the instructions in the
wizard.
o If your DSL or cable modem ISP connection is always on and does not require
you to type a user name and password, click Connect using a broadband
connection that is always on, click Next, and then click Finish.
� Use the CD I got from an ISP
o Click Next, and then click Finish. Insert the CD provided by your ISP and
follow the instructions.
� Choose from a list of Internet service providers (ISPs)
o To create an Internet account using MSN Explorer, click Get online with MSN,
and then click Finish. Follow the instructions in MSN Explorer.
o To choose an ISP, click Select from a list of ISPs, click Finish, and then
double-click Refer me to more Internet service providers. Follow the
instructions in the wizard.
10.3 Procedure:
• To open Network Connections, click Start, point to Settings, click Control Panel, and
then double-click Network Connections.
• If your DSL or cable modem is always connected and your ISP does not require a user
name and password, you do not need to run the New Connection Wizard. No additional
configuration is required for your broadband connection.
• Before you create an Internet connection, check with your Internet service provider (ISP) to
verify the required connection settings. A connection to your ISP may require one or
more of the following settings:
o A specific IP address.
o DNS addresses and domain names.
o POP3 settings for incoming e-mail.
o SMTP settings for outgoing e-mail.
IT WORKSHOP LAB MANUAL
186
APPROVED BY :
Dr.K.RAMANI
HOD, IT
Prepared by:
Ms.K.NIRMALA
Mr.V.S.V.S.S.S.M.CHAKRADHAR
10.3.1 To configure TCP/IP settings
1. Open Network Connections.
2. Click the connection you want to configure, and then, under Network Tasks, click
Change settings of this connection.
3. Do one of the following:
o If the connection is a local area connection, on the General tab, under This
connection, uses the following items, click Internet Protocol (TCP/IP), and
then click Properties.
o If this is a dial-up, VPN, or incoming connection, click the Networking tab. In This
connection uses the following items, click Internet Protocol (TCP/IP), and
then click Properties.
1. Do one of the following:
o If you want IP settings to be assigned automatically, click Obtain an IP address
automatically, and then click OK.
o If you want to specify an IP address or a DNS server address, do the following:
� Click Use the following IP address, and in IP address, type the IP
address.
� Click Use the following DNS server addresses, and in Preferred DNS
server and Alternate DNS server, type the addresses of the primary and
secondary DNS servers.
2. To configure DNS, WINS, and IP Settings, click Advanced.
10.3.2 Procedure to open Network connections
• To open Network Connections, click Start, point to Settings, click Control Panel, and
then double-click Network Connections.
• You should use automated IP settings (DHCP) whenever possible, for the following
reasons:
o DHCP is enabled by default.
o If your location changes, you do not have to modify your IP settings.
IT WORKSHOP LAB MANUAL
187
APPROVED BY :
Dr.K.RAMANI
HOD, IT
Prepared by:
Ms.K.NIRMALA
Mr.V.S.V.S.S.S.M.CHAKRADHAR
o Automated IP settings are used for all connections, and they eliminate the need to
configure settings such as DNS, WINS, and so on.
10.4 TCP/IP ADDRESSING:
Every IP address can be broken down into 2 parts, the Network ID (netid) and the Host ID
(hostid).
Network id: identifies the network to which a device is attached.
Host id: The host portion of an IP address identifies the specific device on that
network
All hosts on the same network must have the same netid. Each of these hosts must have a hostid
that is unique in relation to the netid. IP addresses are divided into 4 octets with each having a
maximum value of 255. We view IP addresses in dotted decimal notation such as 124.35.62.181,
but it is actually utilized as binary data so one must be able to convert addresses back and forth.
When converting binary data to decimal, a "0" is equal to 0. "1" is equal to the number that corresponds to
the field it is in. For example, the number 213 would be 11010101 in binary notation.
This is calculated as follows: 128+64+0+16+0+4+0+1=213. Remember that this only represents 1 octet
of 8 bits, while a full IP address is 32 bits made up of 4 octets. This being true, the IP address
213.128.68.130 would look like:
11010101 10000000 01000100 10000010.
IP Address Classes:
• Class A.
When written in a binary format, the first (leftmost) bit of a Class A address is always 0.
An easy way to recognize whether a device is part of a Class A network is to look at the
first octet of its IP address, which will range from 0-126. (127 reserved for loopback and
diagnostics.) 224 - 2 = 16,777,214, possible IP addresses to devices that are attached to
its network.
• Class B.
The first 2 bits of a Class B address are always 10. Class B IP addresses always have
values ranging from 128 to 191 in their first octet. 216 - 2= 65,534 possible IP addresses
to devices that are attached to its network.
IT WORKSHOP LAB MANUAL
188
APPROVED BY :
Dr.K.RAMANI
HOD, IT
Prepared by:
Ms.K.NIRMALA
Mr.V.S.V.S.S.S.M.CHAKRADHAR
• Class C.
The first 3 bits of a Class C address are always 110. Class C IP addresses always have
values ranging from 192 to 223 in their first octet. 28 -2 = 254 possible IP addresses to
devices that are attached to its network.
• Other Classes.
In addition to the three most popular classes, there are two additional classes, class D and
class E. Class D addresses have their leading four bits set to 1110 and are used to support
IP Multicasting. Class E addresses have their leading five bits set to 11110 and are
reserved for future use.
The formats used for IP address are shown below:
Fig. 7. Format of IP address
The IP address 0.0.0.0 is used by hosts when they are being booted but is not used
afterwards.
10.5 Accessing Internet and Email
Email:
• A Electronic mail, abbreviated e-mail or email is a method of composing, sending and
receiving messages over electronic communication systems.
• Quickly delivered in seconds or minutes (if without problem).
• What you need is
� The E-mail address of the recipient.
IT WORKSHOP LAB MANUAL
189
APPROVED BY :
Dr.K.RAMANI
HOD, IT
Prepared by:
Ms.K.NIRMALA
Mr.V.S.V.S.S.S.M.CHAKRADHAR
� user@host
• “yahoo.com" is the domain name of the mail server, which handles the recipient's mail.
• “john" is the user name of the recipient.
• User name and hostname are separated by "@".
• Carbon Copy Section
� Send a message to more than one person; all the recipients will see the list of email
addresses.
• Blind Carbon Copy Section
� The recipients won’t see others’ addresses.
� When email is sent to a large group of people who don’t know each other.
Email Services:
• Web Mail
• POP
• IMAP
POP:
• Don’t have to know the name of your machine
• POP mail server is installed on a computer always ON
• Use Windows interface to read email
• The email at the mail server is popped to your local machine
IMAP:
• Internet Message Access Protocol
• Permits a "client" email program to access remote message stores as if they were local
• No need to transfer messages or files back and forth between computers
SPAM:
• SPAM is flooding the Internet with many copies of the same message
� Force to send message to people
� Junk electronic mail.
• Why cause problem?
� Cost-shifting – very cheap to send thousands of emails
IT WORKSHOP LAB MANUAL
190
APPROVED BY :
Dr.K.RAMANI
HOD, IT
Prepared by:
Ms.K.NIRMALA
Mr.V.S.V.S.S.S.M.CHAKRADHAR
� Fraud – not an advertisement subject
� Waste of others’ resources – stealing bandwidth
� Displacement of Normal Email–destroy the usefulness and effectiveness of email
� Ethics problem
.
10.6 How to configure Internet Explorer automatic download prompts
on your Windows XP:
Beginning with Windows XP Service Pack 2 (SP2), a new visual feature named the
Information Bar is added to Internet Explorer. You may notice that the Information Bar
alerts you to files that are blocked from being downloaded when you visit a Web site. This
article describes how to configure these automatic download prompts.
Pop-up Blockers
Pop-up windows can interrupt what you're doing, but Toolbar's Pop-up blocker blocks most
unwanted pop-ups from ever becoming a nuisance while still allowing the ones you do want to
open to open. Say that three times fast.
Enable or disable the Pop-up blocker
1. Click Toolbar's wrench icon.
2. On the Tools tab, select (or deselect) the 'Pop-up blocker' checkbox.
3. Click Save.
Allow pop-ups
To allow pop-ups, just click Toolbar's Pop-up blocker button. The button's icon should change
from 'Pop- ups blocked' to 'Pop-ups allowed' . Once you allow pop-ups on a specific
website, Pop-up blocker adds the website to an 'Allowed sites' whitelist.
View the 'Allowed sites' list
1. Click Toolbar's wrench icon.
2. On the Tools tab, click the Edit link next to the 'Pop-up blocker' checkbox.
If you're still unable to open pop-ups after clicking the Pop-up blocker button, check that IE and
your security software aren't preventing it from opening.
IT WORKSHOP LAB MANUAL
191
APPROVED BY :
Dr.K.RAMANI
HOD, IT
Prepared by:
Ms.K.NIRMALA
Mr.V.S.V.S.S.S.M.CHAKRADHAR
Reset the Pop-up blocker counter
Click the Pop-up blocker button's drop-down menu, then select Reset count.
Block Pop-up Windows with Internet Explorer
Many legitimate advertisers on the Internet use windows that pop up in the middle of your screen
to display a message. They might also open when you click a link or button on a Web site, and
they might open either over or under the window you wish to view.
Some pop-ups are helpful. For example, if you click an image to see a larger version, it might
open in a pop-up window. Unfortunately, some pop-up windows can contain inappropriate
content or can be a way for you to accidentally download dangerous software (called spyware or
adware) onto your computer.
With Windows XP Service Pack 2 (SP2) Internet Explorer allows you to prevent most pop-up
windows from appearing over pages you want to view while you're using the Internet.
Using Pop-up Blocker
When you install SP2, Pop-up Blocker is turned on in Internet Explorer and set to the medium
setting, which means it will block most automatic pop-ups. The default settings for the pop-up
blocker allow you to see pop-ups that are opened when you click a link or button on a Web site.
Pop-up Blocker will also play a sound and show the Information Bar when a pop-up is blocked.
You can adjust these settings so that Pop-up Blocker works the way you want it to.
To change Pop-up Blocker settings
• Open Internet Explorer.
• On the Tools menu, point to Pop-up Blocker, and then click Pop-up Blocker Settings.
Internet Explorer Tools menu
If you want to see pop-up windows from a specific Web site, type the address (or URL) of the
site in the Address of Web site to allow box, and then click Add.
IT WORKSHOP LAB MANUAL
192
APPROVED BY :
Dr.K.RAMANI
HOD, IT
Prepared by:
Ms.K.NIRMALA
Mr.V.S.V.S.S.S.M.CHAKRADHAR
Pop-up Blocker Settings window
Tip To temporarily allow a site to display pop-ups, click the Information Bar when it notifies
you that a pop-up has been blocked. Then click Temporarily Allow Pop-ups.
To block pop-ups even if they are launched when you click a link or button on a Web site:
1. Open Internet Explorer.
2. On the Tools menu, point to Pop-up Blocker, and then click Pop-up Blocker Settings.
3. Select the High setting in the box near the bottom of the dialog box.
Note If you want to see pop-ups that are blocked when you have this setting turned on, hold
down the CTRL key while the window opens.
Troubleshooting Pop-Up Blocker
If you've installed SP2 and you still see pop-ups in Internet Explorer, try the possible solutions
below.
� Make sure Pop-up Blocker is turned on: Pop-up Blocker is turned on by default, but
someone may have turned it off.
IT WORKSHOP LAB MANUAL
193
APPROVED BY :
Dr.K.RAMANI
HOD, IT
Prepared by:
Ms.K.NIRMALA
Mr.V.S.V.S.S.S.M.CHAKRADHAR
To turn on Pop-up Blocker
1. On the Tools menu, point to Pop-up Blocker.
2. Click Turn on Pop-up Blocker.
• Rid your system of spyware: If you get similar pop-up windows no matter what sites
you visit or even if you're not on the Web at all, you could have spyware, adware, or
other software on your computer that's launching pop-ups. To stop these pop-ups, you
will have to identify the software, then remove it or change its settings to stop it from
launching pop-ups.
• Some windows are not blocked: Pop-up Blocker is smart enough to not block pop-up
windows that you open deliberately by clicking a link—for example, if you were on a
travel reservation site and you clicked a link to open a pop-up window containing
your confirmation details, this pop-up window would not be blocked because you
opened it intentionally. Also, Pop-up Blocker will not block some pop-ups with
certain types of animated content or pop-ups from
10.7 Wi-Fi configuration
(To Access WiFi Service Laptop/Computer should be Wireless Enabled)
1. Enter IP 192.168.1.1, in Internet Explorer after connecting the router as before(As in ADSL
Router without wifi capability)
2. Enter User Name Password as before(As in ADSL Router without wifi capability): i.e. admin,
admin
3. Click Tab Interface Setup shown below:
a) Click Internet, you will find page as given below:
IT WORKSHOP LAB MANUAL
194
APPROVED BY :
Dr.K.RAMANI
HOD, IT
Prepared by:
Ms.K.NIRMALA
Mr.V.S.V.S.S.S.M.CHAKRADHAR
Fig 8:Interface setup
Configure PVCs, Enter Username & Password as earlier(As in ADSL Router without wifi
capability), and Click save button.
b) To configure Wireless setting Click Wireless Tab and you will get window as given
below:
Fig 9: configuration window
IT WORKSHOP LAB MANUAL
195
APPROVED BY :
Dr.K.RAMANI
HOD, IT
Prepared by:
Ms.K.NIRMALA
Mr.V.S.V.S.S.S.M.CHAKRADHAR
* Activate Access Port radio button (WiFi would not work without it)
* Type your SSID.
* You can Configure Channel Id.
* Select Authentication type by clicking combo box and enter KEY in required format.
You can filter/allow Mac address by activating wireless MAC address filter as desired by
clicking Activated tab. You have to enter the mac address of your WIFI card installed in
your laptop/computer. Upto 8 MAC can be allowed or denied.
Click Save Button.
As below one USER is allowed to access the WiFi Service from this Access point. i. e.
00:14:A4:19:74:8C. If you enter WiFi Card MAC addresses of other Laptops/Computers
(Maximum 8 Laptops/Computers are allowed)
Fig 10:Interface setup
Click Save Button.
IT WORKSHOP LAB MANUAL
196
APPROVED BY :
Dr.K.RAMANI
HOD, IT
Prepared by:
Ms.K.NIRMALA
Mr.V.S.V.S.S.S.M.CHAKRADHAR
C) To configure LAN(Local Area Network) settings like DNS, DHCP Click LAN TAB as shown below
Click Save Button.
IMPORTANT:
KEY POINT to prevent misuse of WiFi Facility by unauthorized user, ALWAYS USE
Security feature of WiFi router given above and repeated below again:
1. SSID The SSID is a unique name to identify the ADSL Router in the wireless LAN.
Wireless clients associating to the ADSL Router must have the same SSID.
Broadcast SSID Select No to hide the SSID such that a station can not obtain the SSID
through passive scanning. Select Yes to make the SSID visible so a station can obtain the
SSID through passive scanning.
2. Wireless LAN :: WEP
WEP (Wired Equivalent Privacy) encrypts data frames before transmitting over the
wireless network. Select Disable to allow all wireless computers to communicate with
the access points without any data encryption. Select 64-bit WEP or 128-bit WEP to use
data encryption.
3. Key#1~Key#4 The WEP keys are used to encrypt data. Both the ADSL Router and the
wireless clients must use the same WEP key for data transmission. If you chose 64-bit
IT WORKSHOP LAB MANUAL
197
APPROVED BY :
Dr.K.RAMANI
HOD, IT
Prepared by:
Ms.K.NIRMALA
Mr.V.S.V.S.S.S.M.CHAKRADHAR
WEP, then enter any 5 Characters each key (1-4). If you chose 128-bit WEP, then enter
13 characters for each key (1-4).The values must be set up exactly the same on the
Access Points as they are on the wireless client stations. The same value must be assigned
to Key 1 on both the access point (your ADSL Router) and the client adapters, the same
value must be assigned to Key 2 on both the access point and the client stations and so
on, for all four WEP keys.
Wireless LAN :: WPA-PSK
Wi-Fi Protected Access, pre-shared key. Encrypts data frames before transmitting over
the wireless network.
Pre-shared Key The Pre-shared Key are used to encrypt data. Both the ADSL Router and
the wireless clients must use the same WPA-PSK key for data transmission. Key Length
8 to 64 characters.
4. Wireless LAN :: MAC Filter
You can allow or deny a list of MAC addresses associated with the wireless stations
access to the ADSL Router.
Status Use the drop down list box to enable or disable MAC address filtering.
Action Select Deny Association to block access to the router, MAC addresses not listed
will be allowed to access the router. Select Allow Association to permit access to the
router, MAC addresses not listed will be denied access to the router.
NOTE: You Should always use WiFi Facility with Activating the Security features
highlighted above.