Explores network structures, communication protocols, and methods to combat cybersecurity threats.
### Topic 5: Communication and the Internet
This topic covers the fundamental principles of how computer systems connect and communicate, and the security measures required to protect them.
#### 1. Types of Networks
A computer network is a collection of interconnected computers and other hardware devices that can share resources and data. The two primary types are differentiated by their geographical scope.
Local Area Network (LAN): A network confined to a small geographical area, such as a single building, an office, or a school computer lab in Lahore. The organization that uses the LAN typically owns the network hardware and cabling (e.g., twisted-pair Ethernet cables, fibre optic) or uses its own Wireless Access Points (WAPs) for WiFi. Data transfer speeds are generally very high.
Wide Area Network (WAN): A network that spans a large geographical area, often connecting multiple LANs across cities or even countries. The infrastructure, such as telephone lines, fibre optic cables, or satellite links, is often leased from telecommunications companies like PTCL. The internet is the world's largest public WAN.
#### 2. Network Hardware
Specific hardware is required for devices to communicate on a network.
Network Interface Card (NIC): A hardware component that allows a computer to connect to a network. Each NIC has a unique, globally assigned MAC (Media Access Control) address, which is a permanent, physical address.
Switch: A device that connects multiple devices together on a single LAN. It is more intelligent than an older hub because it uses MAC addresses to forward data packets (specifically, frames) only to the intended recipient device, reducing network traffic and improving efficiency.
Router: A device that connects two or more different networks together, for example, connecting your home LAN to the internet (a WAN). Routers use IP addresses to direct data packets to their destination across networks. Your home WiFi device from a provider like StormFiber is typically a combined router, switch, and WAP.
Wireless Access Point (WAP): Allows wireless-capable devices to connect to a wired network using Wi-Fi.
*Common Misconception: * A **switch** operates on a LAN to connect devices within that network using MAC addresses. A **router** operates between networks to forward traffic from one network to another (e.g., from your LAN to the internet) using IP addresses.
#### 3. How the Internet Works
IP Addresses: An **Internet Protocol (IP) address** is a unique logical address assigned to every device on a network. It's like a postal address for your computer.
IPv4: The older, 32-bit format, written as four numbers separated by dots (e.g., `172.16.254.1`). It supports ~4.3 billion addresses, which are now largely exhausted.
IPv6: The new, 128-bit format, written as eight groups of hexadecimal numbers (e.g., `2001:0db8:85a3:0000:0000:8a2e:0370:7334`). It was introduced to solve the shortage of IPv4 addresses.
DNS (Domain Name System): Humans find it easier to remember names like `seekhoasaan.com` than IP addresses. The DNS acts as the internet's phonebook.
*Step-by-step DNS lookup:*
You type a domain name into your browser.
Your computer sends a request to a DNS resolver (usually run by your Internet Service Provider).
If the resolver doesn't know the IP, it queries a series of authoritative DNS servers.
The correct IP address is returned to your computer.
Your browser uses this IP address to connect to the web server hosting the website.
Packet Switching: Data sent over the internet is broken down into small, manageable chunks called **packets**. Each packet contains a portion of the data, a **header** with the source and destination IP addresses, and its sequence number. These packets travel independently across the network, potentially taking different routes, and are reassembled in the correct order at the destination. This method is efficient and robust; if one packet is lost, only that packet needs to be re-sent.
#### 4. Network Protocols
A protocol is a set of rules that governs how data is transmitted and received. These rules are often organized in layers (a concept known as a protocol stack, like the TCP/IP model).
TCP/IP (Transmission Control Protocol/Internet Protocol): The foundational suite of the internet. IP is responsible for addressing and routing packets. TCP ensures the data transfer is reliable and ordered, reassembling packets correctly and re-requesting any that are lost.
HTTP (Hypertext Transfer Protocol): The protocol used by web browsers to request and display web pages from servers.
HTTPS (HTTP Secure): A secure version of HTTP. It encrypts the data between your browser and the server using SSL/TLS, making it essential for online banking (e.g., HBL Konnect) and e-commerce to protect sensitive information.
FTP (File Transfer Protocol): A standard protocol for transferring files between a client and a server on a network.
Email Protocols:
SMTP (Simple Mail Transfer Protocol): Used for sending emails.
IMAP (Internet Message Access Protocol): Used for receiving emails. It synchronizes with the mail server, so actions (like reading or deleting an email) on one device are reflected everywhere.
POP3 (Post Office Protocol): Also for receiving emails, but it typically downloads them to your device and deletes them from the server.
#### 5. Cybersecurity Threats and Prevention
Cybersecurity involves protecting computer systems and networks from theft, damage, or unauthorized access.
Common Threats:
Malware (Malicious Software):
Virus: Attaches itself to a legitimate program. Requires human action (like running the program) to spread.
Worm: A standalone program that can replicate itself and spread across a network without human intervention.
Ransomware: Encrypts a user's files and demands a ransom payment for the decryption key.
Phishing: A form of social engineering where attackers send fraudulent emails or messages (e.g., pretending to be from Meezan Bank or FBR) to trick victims into revealing sensitive information like passwords or credit card numbers.
Denial-of-Service (DoS) Attack: An attempt to make a machine or network resource unavailable to its intended users by flooding the target with superfluous requests, overwhelming the system.
Brute-force Attack: An automated trial-and-error method used to guess a password by trying all possible combinations.
Prevention Methods:
Authentication: Verifying the identity of a user. Strong passwords (long, complex, unique) are a first line of defence. Biometrics (fingerprint, face ID) provide another layer.
Firewall: A network security system that monitors and controls incoming and outgoing network traffic based on a set of security rules. It acts as a barrier between a trusted internal network and an untrusted external network (like the internet).
Encryption: The process of converting data into a code to prevent unauthorized access. It is the core technology behind HTTPS and VPNs.
Anti-malware Software: Programs designed to detect, prevent, and remove malware from a computer.
User Access Levels: Restricting system access to authorized users and limiting their privileges to only what is necessary for their job (the principle of least privilege). This prevents a user from accidentally or intentionally accessing or damaging sensitive data.
Key Points to Remember
1LAN: local area; WAN: wide area; Internet is largest WAN
2TCP/IP protocols govern internet communication
3DNS translates domain names to IP addresses
4Threats: phishing, malware, brute force; Protect with firewalls, encryption, 2FA
Pakistan Example
Pakistan's Cybercrime Act and FIA — Networking Security in Action
Pakistan's FIA (Federal Investigation Agency) Cybercrime Wing investigates phishing scams, bank fraud, and ransomware attacks. In 2023, major Pakistani banks faced SIM-swap fraud — attackers used social engineering to obtain OTP codes. This combines phishing (fake customer service calls) with brute force. The PTA's DIRBS (Device Identification, Registration, and Blocking System) uses IP addresses and device IDs — real networking concepts protecting Pakistani mobile users.
Quick Revision Infographic
Computer Science — Quick Revision
Networking & Security
Key Concepts
1LAN: local area; WAN: wide area; Internet is largest WAN
2TCP/IP protocols govern internet communication
3DNS translates domain names to IP addresses
4Threats: phishing, malware, brute force; Protect with firewalls, encryption, 2FA
Formulas to Know
CP/IP protocols govern internet communication
Pakistan Example
Pakistan's Cybercrime Act and FIA — Networking Security in Action
Pakistan's FIA (Federal Investigation Agency) Cybercrime Wing investigates phishing scams, bank fraud, and ransomware attacks. In 2023, major Pakistani banks faced SIM-swap fraud — attackers used social engineering to obtain OTP codes. This combines phishing (fake customer service calls) with brute force. The PTA's DIRBS (Device Identification, Registration, and Blocking System) uses IP addresses and device IDs — real networking concepts protecting Pakistani mobile users.