Home   |  Products   |  Download   |  Purchase   |  Support   |  Resources   |  Company   |  Contacts   |  Service   |  Forum
 
Home User Small & Medium
Business		 Large Enterprise
Business		 Affiliates &
Resellers
Resources
Overview
Protocols
Switch Management
Network ABC
Ports
Vulnerabilities
Sniffer
Network Sniffer
Protocol Analyzer
Network Monitor
Capsa vs Other Sniffing

How to Buy >
Find a Reseller >
Upgrade >
Price: $299.00 - $669.00
 
Feedback
Pre-Sales Toll Free: 888-467-2634(USA)
 
HomeResources >
 
Network ABC

  1. What is network and internet?
  2. What is Ethernet?
  3. What is network arrangement?
  4. What is network security?
  5. What is system's vulnerability?
  6. What are network protocols?
  7. What are network packets?
  8. What is network attack?
  9. What is network monitoring?
  10. What is network analyzer?
  11. What is IP address?
  12. What is MAC?
  13. What is the difference between IP and MAC address?
  14. What is Port?
  15. What is Frame?
  16. What is network interface card?
  17. What are network relays?
  18. What is Hub?
  19. What is Switch?
  20. What is Router?
  21. What is Bridge?

1. What is network and internet?

Network is an aggregation of computers interlinking with cable, line, or wireless communication. With network, you can share or change network data and information with other network users online.

Generally, we separate network as LAN (Local Area Network) and WAN (Wide Area Network) according to the area size of computer's linking. The network in a house, a building or a campus is so called LAN, and the network spanning regions and countries is called WAN. Internet is the biggest typical WAN which originated from ARPANET (A Program by Advanced Research Project Agency of US Department of Defense) in 1969. In 1986, NSF( US National Science Foundation) created NSFNET with TCP/IP sponsored by the government and opened it to public as Internet in 1989.

With the commercialization and popularization of network in global scope, Internet has been becoming a name of information modernizing. We can say Internet is a data library covering nearly everything, or Internet is a hinge central of the whole world through which you can gain international news, chat with friends, write or read emails, shop online, view films, listen concert and do many other things.

Top

2. What is Ethernet?

Ethernet was originally developed by XEROX Corporation. Due to the using of DEC, INTEL and XEROX together, Ethernet was configured in 1980 and adapted by IEEE as 802.3 standard afterwards.

The basic feature of Ethernet is to adopt a kind of shared access plan called CSMA/CD (Carrier Sense Multiple Access/Collision Detection), that is, multi workstations connect on a central line and all workstations send monitoring signals ceaselessly to the central line. However, only one workstation can transmit signals on the line at one time and the others must wait for starting their own transmission until that workstation finishes.
  1. Ethernet and LAN
    Only a kind of LAN, Ethernet is in parallel with Token-Ring and FDDI and involved in LAN system.
    Nowadays, 90% network is Ethernet for it is the main technique applied in LAN at present so that Ethernet almost has been another name of LAN.

  2. Types of Ethernet
    • Classified by speed, Ethernet has 10Mbps Ethernet, 10/100Mbps Ethernet, 1000Mbps Ethernet and 10Gbps Ethernet;
    • Classified by the usage type of wideband, Ethernet has shared Ethernet and switched Ethernet two kinds.

Top

3. What is network arrangement?

Network is a combination of communication and computer resources which normally are kept in network equipments called as nodes. Network arrangement is to fulfill the tasks we need by using softwares on these nodes, commonly including four aspects:
  1. System arrangement: Supervising computer and its groupwares;
  2. Protocol arrangement: Arrangement of network protocols used to communicate and transfer information;
  3. Application arrangement: Arrangement of softwares or programs applied by network users;
  4. Service arrangement: Arrangement of other services supplied by network service providers.

Top

4. What is network security?

Network security means that a network system, including hardware, software and all the data saved in this system, can run normally, continually and stably. In general, network security possesses four features:
  1. Privacy: Information can not be detected by any other person except sender and receiver;
  2. Integrality: Data are protected from being modified damaged randomly;
  3. Identity: Users must have corresponding identification before using network resources;
  4. Authorization: System can accredit a certain user and judge the sufficiency of authority;
  5. Irrefutability: Based on authority as certification of certain activity.

Although the global economy is becoming more and more reliant on network, the security of network is still very worrying for that many means may attack network and cause it disable. The most general menaces to network security are:

  1. Hacker: Most hackers are IT geniuses who can find the leaks in system and enter your computer to rip off or damage your data;
  2. Erotic website: There are millions websites global wide containing erotic contents and produce a lot of junk mails, which not only are very harmful to the minors but also occupy large quality of network resources:
  3. Virus: Viruses may destroy computer system and damage your important data.

Top

5. What is system's vulnerability?

Vulnerability is originated from system's security Bugs, which may exist in software programs and CMOS chips as well, and often utilized by hackers up to no good as the leak to disable personal computer and network.
System's vulnerability mainly represents as follows:
  1. Software's Bug
    The Bugs in Server's daemon threads, applications, operation systems and protocol stacks will arose system's vulnerability and may utilized by attackers. Theses Bugs reflect that the settlement to exceptional input did not be considered when programmed, including:
    1. Buffer's overflow;
    2. Combination of special characters;
    3. Competition conditions.

  2. Inappropriate configure of system
    1. Default configure;
    2. Misconduct by administrators;
    3. Back door of system;
    4. Trust connection

  3. Vulnerable password
    Most of passwords consist of names, simple numbers, or as same as accounts. Attackers can gain password easily by guessing or reckoning.

  4. Information leak
    The main means used by attackers is wire tapping. If the network interface card on LAN is set as miscellaneous mode and the server is installed with a sniffer, attackers can view all packets on network and obtain remote user's account and password.

  5. Design limitation
    1. Protocol limitation
      The most typical is TCP/IP.
    2. Operation system limitation
To view network vulnerabilities list, click here.

Top

6. What are network protocols?

Computers need to abide by certain regulations together to communicate normally via network (involving internet), these regulations are so called network protocols. Network protocols are usually sorted into several layers and each layer has its own functions.

A computer must comply with network protocols in order to communicate with others, and only those on a same protocol layer may contact each other.

TCP/IP and IPX/SPX are two most popular protocols, the prior is used widely on internet, and the latter is used normally on intranet.

Want to know more information about network protocols? Click here.

Top

7. What are network packets?

Packet is data unit of TCP/IP communication transferring, which operates on the second layer (network layer) and the third layer (transport layer) of OSI.

The framework of a packet is very complicated, but primarily, it is composed of destination IP, source IP, data, etc. Destination IP is the IP address of receiver where this packet will reach; source IP is the IP address of sender where the packet is from; and data is the content of this packet. Only those computers installed TCP/IP protocols can communicate with each other owing to such framework of packet, in fact, when we communicate via network which bases on TCP/IP, what transferred through network are packets. To keep network secure, network administrators need to know what packets are active on network by analyzing packets and find out the problems. In a word, comprehending and parsing packets are essential to network security.

Top

8. What is network attack?

Initially network attack indicated those illegal and unauthorized visits to computers, called: Cracking and hacking pointed to the applications of computer techniques by professionals who can operate computers skillfully.

But nowadays, hacking has changed its originated meaning into attacking, and becomes synonymous as damaging network, burgling network information and so on network lawbreaking activities. Most attacks are prankish without a lot of damages for the limited network knowledge and operation skills of attackers. But some attacks to computer are fatal if the attacker can find out leaks of system or software and utilize the leaks to attack.

To prevent network attack, the first thing to do is to detect and analyze the IP address of attacker. Capsa can help you to do that.

Download Capsa to try, or go for more details.

Top

9. What is network monitoring?

Do you know why network monitoring is so important in internet management? According to a report, 30%-40% of employees' network activities are irrelevant to their work, 37% employees state that they often surf online during working time, and 70% visits to erotic websites happen at working time. These are also the reasons why there are 80% American and European corporations have taken steps to monitor the internet activities of employees.

Network monitoring, in nature, is to read and parse the contents of packets transferred on network. The operation principal of network transmission is that a host sends packets to another host, each packet involving data and frame which covers the information of packet like source and destination. The data of a packet may be email, web page, registration information, password, e-business records, and other information of network transactions.

Top

10. What is network analyzer?

Network analyzer is also called as protocol analyzer, which is necessary for users who want to know how the network operates. Basically, an advanced network analyzer may possess following functions:
  1. Captures all packets or appointed packets by presetting filters;
  2. Decodes packets and display data in the packets;
  3. Parses the modes of communication protocols;
  4. Shows other information of captured packets like IP address of source and destination, name of host or server, traffic, etc.

A good network analyzer can be user's right hand as it provides many data for troubleshooting; it is also an application tool to monitor network activities.

Top

11. What is IP address?

IP address is an import concept on network. An IP address is a unique 32bit address distributed to each host connecting Internet global wide. IP address is showed with four decimal numbers separated by dots; each number is homologous to eight binary bits, such as: 128. 52. 3. 2.

Internet NIC (Internet Network Information Center) is in general charge of laying out and managing global IP addresses and the particular distribution of IP addresses in United States and other districts is presided over together by Internet NIC, APNIC, RIPE. Generally each country needs to found an institute which will take charge of applying IP addresses to relevant international organizations before distributing to every client.

Top

12. What is MAC?

MAC is the physical address of network interface card used to identify it from other network interface cards. In general, the MAC address of every network interface card is unique which mostly is comprised of 6 bytes 48 bits.

To know your own MAC address, you can run ¡°command¡± program in start menu and perform ¡°WinIPcfg¡± command in opened DOS window under Win9x or run ¡°cmd¡± program in start menu and perform ¡°IPconfig-all¡± command in opened DOS window under Windows2000 and XP.

Top

13.What is the difference between IP and MAC address?

IP address is used by Internet protocols while MAC address is used by Ethernet protocols, and there is no necessary relevance between each other.

MAC address is 48 bits, which attached with Ethernet NIC (network interface card). Every Ethernet NIC producer must apply a series of MAC addresses for IEEEE organization and program it in EEPROM on NIC when producing NIC. The MAC address of any two NIC should be different, whatever producer it is from. MAC address is in every Ethernet packet as a part of Ethernet header and packets can be exchanged and transferred by Ethernet repeater according as the MAC source and destination address in Ethernet packet header.

Every Internet packet must have IP address which is distributed by Internet service providers (ISP). IP address usually works on WAN while MAC address on LAN. Most interlinks of LAN are achieved by current public web or leased line which require conversion of protocols, and although IP information can be transmitted on Ethernet, it still has to be dealt with by upper layer of network as ordinary data for it is only a part of packet header and cannot be viewed by Ethernet repeater.

Top

14. What is Port?

Port in network technique has several meanings. Port of Hub, Switch, and router is the meeting point connecting other network equipments, such as RJ-45 port, Serial port. But generally, port denotes specially the port in TCP/IP protocol which is its logical sense while not physical sense.

Port is the approach via which a computer communicates with others. We know a host with IP address can offer many kinds of services, like Web service, FTP service, SMTP service, etc, a host distinguishes different network services through IP address and port number. According to protocol type, port can be separated as two kinds: TCP port and UDP port, both are independent and have no conflict with each other. Click here to search a port.

The port numbers are divided into three ranges: Well Known Ports, Registered Ports, and Dynamic and/or Private Ports.

Well Known Ports:

The Well Known Ports can only be used by system (or root) processes or by programs xecuted by privileged users on most systems .
Ports are used in the TCP [RFC793] to name the ends of logical connections which carry long term conversations. For the purpose of providing services to unknown callers, a service contact port is defined. This list specifies the port used by the server process as its contact port. The contact port is sometimes called the "well-known port".

Registered Ports:

The Registered Ports can be used by ordinary user processes or programs executed by ordinary users on most systems.
Ports are used in the TCP [RFC793] to name the ends of logical connections which carry long term conversations. For the purpose of providing services to unknown callers, a service contact port is defined. This list specifies the port used by the server process as its contact port.

Dynamic and/or Private Ports

The Dynamic and/or Private Ports are those from 49152 through 65535.

Top

15. What is Frame?

Frame is the minimal unit in network transmission which is composed of binary data. Frame scale of Ethernet floats between 63 bytes at least to 1518 bytes at most, and in practice it is MTU (most transfer unit) of equipment to decide Frame size automatically. Frame is produced when computer transmitting data, say more accurately, is produced by network interface card (NIC) installed in computer. Frame is nothing to Hub since it is significative only to those equipments which can recognize it.

Top

16. What is network interface card?

NIC (network interface card) is the hardware equipment connecting computer with network physically. As the direct connection between computer and communication medium on LAN, NIC has different types according to network techniques, for instance, ATM NIC, Token-Ring NIC, Ethernet NIC and so on. Approximately 180% LAN, as statistics, adopts Ethernet technique currently.

Top

17.What are network relays?

Computer network consists of many different kinds of network that interlink each others, such interlinkage requires to be achieved with some medium devices which are called as ¡°relay system¡± by ISO terms:
  1. Physical layer (L1) relay: Repeater;
  2. Data link layer (L2) relay Bridge;
  3. Network layer (L3) relay: Router;
  4. Brouter: admixture of Bridge and Router, possessing the functions both of Bridge and Router;
  5. Relay above network layer: Gateway.

Top

18. What is Hub?

Hub is a connection device connecting multi computers or other equipments in network. As the minimal unit of concentrated management in network, many kinds of network need to rely on Hubs to connect various devices and distribute data to each segment. Basically, Hub is a shared device which main function is to magnify and transfer signals by distributing the signals received from a port to all ports. Some Hubs magnify weak signals before distributing while some others arrange signals to offer synchronous data communication for all ports.

There are multi kinds of Hubs, each having certain functions and providing different level services. Rife division is on the basis of working features:
  1. Passive Hub
    Only connects multi segments of network medium and allows signals pass through without any disposal.
  2. Active Hub
    Besides possessing all the functions of passive Hub, active Hub can monitor data and redress damaged grouping before Ethernet performs storage and repeat function.
  3. Intelligent Hub
    Possesses the features of active Hub, furthermore, intelligent Hub also provide central management function which makes it easily to find out, diagnose and remedy those problems occur on the devices connected to it. Another outstanding feature is that it can transfer data with various speeds for different devices, supporting Ethernet, Token-Ring and FDDI.
  4. Switching Hub
    A kind of intelligent Hub and holds the ability of switching routes and segmenting network in addition to basic functions of intelligent Hub. Sometimes is classified as primary Switch.

Top

19. What is Switch?

Switch is a kind of network device which is based upon MAC identification and can fulfill the task of transferring packets with encapsulation. A Switch may learn MAC address and save it to inner address list, transferring data frame from source address to destination address through the switching path created temporarily between sender and receiver.
Switch and Hub both follow IEEE802.3 or IEEE802.3u standard and use CSMA/CD technique to access network.

Switch differs from Hub mainly on two aspects:
  1. Hub is shared while Switch is exclusive;
  2. The security of Hub is lower than Switch's for it transfers packet to all ports while Switch can transfer packet to corresponding port via analyzing packet header;
  3. Hub deals with one packet at a time while Switch can transact large quantity of data synchronously.

As viewed from transfer medium and transfer speed, Switch can de separated as Ethernet Switch, Gigabit Ethernet Switch, FDDI Switch, ATM Switch and Token-Ring Switch. But classified with the most common method, Switch has three types: Desktop Switch, Workgroup Switch and Campus Switch.

Top

20. What is Router?

Router is a kind of network device used to connect multi networks with different protocols and architecture. The basic function of Router is transferring packets to proper network, including:
  1. Determining route and transmitting IP packets;
  2. Isolating subnets to control broadcast storm;
  3. Maintaining routing lists and exchanging routing information with other Routers;
  4. Rectifying errors of IP packets and simple congestion control;
  5. Filtering IP packets.

On backbone web, Router is focused on selecting routes. It must know the accesses to all lower networks so that it needs to maintain an enormous routing list and react to the changes of connecting status as quickly as possible. A fault of Router may lead to serious troubles in data transmission.

On area web, the main function of Router is network selection and routes selection, namely to connect each skeleton network unit on underlayers and to take charge of transmitting data among lower layers.

The two major types of Router are:

  1. Static Router
    Requires administrators of setting up and configuring routing table to specify each route manually;
  2. Dynamic Router
    Automatically find out routes and set up the minimal configuration.

Top

21.What is Bridge?

Bridge works on data link layer connecting two LANs and transmitting frames by MAC addresses and can be viewed as a lower router. Bridge differs from Router in following aspects:
  1. Bridge doesn't know the information of middle and upper protocols involved in the frames it transmits, such a feature enables it to settle protocols like IP, IPX and so on with same means at the same time. It also possesses the function to segment networks without route protocols (such as NetBEUI). Whereas Router deals with the data on network layer so that it may interlink different data link layers (Token-Ring segment and Ethernet segment);
  2. Router transmits data by IP address and more easily to be controlled than Bridge;
  3. Bridge is applicable to simple or small scale network commonly.
Top
Copyright © 2008 Colasoft Co., Ltd. All rights reserved.
Colasoft, Capsa and Colasoft logos are registered trademarks of Colasoft Co., Ltd. Sniffer is a registered trademark of Network General Corporation. All other names are trademarks or registered trademarks of their respective owners.
Terms of Use |  Privacy Statement |  Feedback |  Contacts |  Links |  Sitemap