Computer network is an integral part of our daily lives, with the most important reason being that of communication. The use of computer networking is to share resources like fax machines, printers, modems, files etc., and its other uses are database server, computer server, email, chat, internet etc. The computer to which the resources are attached is called the server and the other computers that access the resource are called clients. In peer-to-peer computer networks there are no servers.

The sharing of fax machines, printers, and modems amongst many computers and users reduce the operational cost. A database on a computer network is a very important application as it stores and runs many important data and jobs. Emails and chats can be used for instantaneous communication and sending of files on a computer network.

The computer networks are classified, depending upon the size, as Local Area Networks (LAN), Wide Area Networks (WAN), Metropolitan Area Networks (MAN) and Personal Area Networks (PAN). The topology (topology is the way the computer networks and network resources are connected) of the networking can be classified as Bus Network, Ring Network and Star Network.

The networking hardware basically consists of wiring, network cards and a hub. Computer network cards are required so that one computer can understand what the other computer is “talking”. Network cards have a unique MAC address to identify computers on a computer network. Hubs connect all the computers in the network. Hubs can also be used to connect to other hubs to increase the size of the computer network. Two computers can be connected using Ethernet cards or phone lines or power lines for communication, with hardware kits available at roughly a cost of $100.

As the number of computers in an office or a home increases, so do the number of cables, so wireless networking is a viable solution. In wireless networking radio transreceivers or infrared signals are used to communicate between computers and devices. Examples of wireless networking include Wi-fi and Bluetooth technology, though there may be security issues involved in wireless networking. However there definitely is a stronger preference towards wireless networking nowadays among consumers.

Computer networks have added a new dimension to the 21st century. Today the cyber world is much faster and wider than the real world. This has all been made possible due to computer networks. Computer networks have revolutionized business, communication, travel, research, defense, society and almost all human endeavors. The evolution of computer networks has helped the technological revolution take a big leap forward.

Mistake number one ? Blindly choosing the lowest bidder

This is the most common mistake made when installing voice and data network cabling. Often the lowest bidder is the contractor who is the smallest, has the least experience or the one that made a mistake on their bid. Prior to making this decision you should know your contractor. Find out how long they have been in business, visit some of the large installations they have done and by all means go visit their offices and warehouse. A site visit to their office will tell you most of what you need to know about an organization. Make sure your contractor has completed jobs of similar scope and size.

Mistake number two ? Choosing the manufactures product that will be installed

Many companies have tried to standardize on a particular manufacture of cabling system. Some of the larger manufactures are Belden, Comscope, Ortronics, AMP and Leviton. You can’t go wrong with any of these big names. However IT managers and corporate executives get hung up on trying to standardize because they believe it will make things easier for the IT staff. The reality of the situation is that if you choose any of the larger names the only components that might not be interchangeable are the faceplates. Of course there are performance criteria as well and they all claim to be the best. Do your own research and choose a manufacture that you feel has a strong company that will be there to stand behind their product should you even need to make a warranty claim

Mistake number three ? Paying too much for the latest cabling technologies

The fact is that today’s network components and network components of the future cannot exceed the specifications of Cat 5E and Cat 6 cabling components. Combine this with the fact that the average company moves every 3 to 4 years. You will find it hard to benefit from future proofing a building you don’t occupy. Look at you current infrastructure, what equipment or applications do you plan to add or upgrade? Is Gigabit or 10 Gigabit Ethernet an option for you in the near future?

Mistake number four ? Not using universal wiring

The EIA/TIA and BICSI both recommend a universal wiring platform for your Communications Infrastructure. In the old days the average install would consist of a single voice grade cable for the phone system and a single data grade cable (Cat 3, Cat5, Cat5E or Cat 6) for their computers. This of course dedicates the usability of these cables to one system type. This is further exacerbated by the termination method used. Voice cables were traditionally terminated on 66 style blocks (66m1-50), which are not user friendly and require a special tool and cross connect wire to make changes. Telephony companies have made a killing for years just performing MAC work (Moves, Adds and Changes) because a customer was unable or unwilling to brave the telephone closet and perform the MAC work themselves.

The practice of using a true universal wiring platform is now the standard for all reputable cabling contractors. A Universal Wiring Platform is made up of all data grade components that are downward compatible for all voice applications. A common installation would consist of 3 Category 5E or Category 6 cables all terminated on a 110 type Patch Panel. At the wall plate all cable would be terminated on the matching grade of 8 position modular jack (incorrectly know as an RJ-45). This design not only allows for maximum flexibility were the customer could have 3 computers or 3 phones or 2 computer and 1 phone or any configuration that works for their application. The point is that now the customer is in complete control of their cabling infrastructure and does not need to pay a contractor to come out every time they move an office. In the long run this will also save you money on the overall cabling system as it will shift and flex to meet your needs without having to bring in your cabling contractor. Remember, having the contractor in after construction has completed will involve them pulling out ceiling tiles and standing on desks while you are trying to do business. The elimination of the disruption alone makes it worth while.

Mistake number five ? No CAD pre installation and post installation CAD drawings.

Most customers really have no idea what their cabling platform will look like when they sign the paperwork. They rely on their contractor to “just do the right thing”. Do not make this mistake, if you don’t understand how your infrastructure will work or what it should look like, don’t sign. Your contractor should have the ability to take your building blue print and overlay his cabling plan on top of your electrical plans. This will give you a visual representation of what you are paying for and allow you to ask questions. Likewise, after the job is complete you should receive what is called an “As Built Drawing” showing all of your communications outlets with a standards based numbering system. Some contractor will even provide a scale elevation plan showing were your patch panels are and how much room you have left in each rack for growth and or other equipment. This should be provided to you both hard copy and in AutoCAD format for your architect to incorporate into your final building As Builts.

Mistake number six ? Not getting a design before the job starts.

This seems to be all over the board, some people have no design plan what so ever. Some will pay $10,000 for an engineering firm to write a specification were they charge by the pound for the spec. Don’t be fooled that a large spec is a good spec. Often a specification filed with time consuming exercises for the bidding contractor and unnecessary pricing breakouts will only prevent good contractors from bidding on your project. What you want is a spec that clearly defines your realistic requirements, requires basic qualification with references and does it as quickly and simply as possible. Do not try to write a spec that will cover every contingency, you will drive your contractor away and you will only confuse the process more. Once you have selected your contractor based on an apple s to apple comparison, you can always and should always sit down to discuss the project and other options that they recommend. One more thing, always, always have the contractor provide you with a parts list with quantities, not individual prices, just quantities. This will help you weed out the contractors that did their homework when you start to compare their list of parts.

Mistake number six ? No cable management

All cabling systems will look organized before they are used, that’s easy. Show me that cabling system after 6 months and I will tell you if the proper wire management was used. “Used” being the key word here. Remember, you can have the best wiring management in the world, if you don’t strictly enforce its use with your IT Staff, you will have a mess. That said, your contractor must provide you with a good design. My recommendation is, listen to your contractor, they know more than you do about this. Then, go visit some of the sites that are done the way they recommend. See how they look after being used a few months. Ask the customer how easy it is to keep organized. Don’t underestimate the value of this step. If your patch panels are a mess and you can’t effect changes in a rapid and orderly fashion then you would have been better off paying your contractor to do the MAC work for you.

Most businesses owners are not technically inclined, though they may be power users, in general security settings is not one of the first things they want to mess around with in their day to day operations. This makes most wireless LANs a great target for information predators.

Here are some general guidelines to follow in setting up your wireless network. Though it may vary from vendor to vendor, the gist is more or less the same:

1. Setup the wireless access/router point via a wired client.
2. Always change the factory setting password to something difficult for someone to guess.
3. Enable 128-bit Wired Equivalency Privacy (WEP) encryption on both your access point and network card. From time to time change the WEP key entries. If your hardware does not support a minimal of 128 bit WEP encryption, then it may be time to replace this dinosaur. WEP is only a minimal security precaution, which is better than none at all.
4. Alter the factory default SSID on the access/router point to a convoluted difficult to guess string. Initiate your computer to connect to this configured SSID by default.
5. Setup your access point not to broadcast the SSID if available.
6. Block off anonymous internet requests and pings.
7. P2P Connections should be disabled.
8. Enable MAC filtering.
9. Enable firewall on the network router/access point with demilitarized zone function disabled. Enable client firewalls for each computer in the network.
10. Update router and access point firmware as updates become available.
11. Make sure the physical router is hidden so that a random person can’t reset the settings.
12. Position the physical router near the middle of the establishment as opposed to near windows to prevent others outside from receiving the signals.

These and other settings will collectively help prevent any unwanted intrusions on your private data.

Well, there is something you should realize. Working from home while using a wireless local area network (WLAN) may lead to theft of sensitive information and hacker or virus infiltration unless proper measures are taken. As WLANs send information over radio waves, someone with a receiver in your area could be picking up the transmission, thus gaining access to your computer. They could load viruses on to your laptop which could be transferred to the company’s network when you go back to work.

Believe it or not! Up to 75 per cent of WLAN users do not have standard security features installed, while 20 per cent are left completely open as default configurations are not secured, but made for the users to have their network up and running ASAP. It is recommended that wireless router/access point setup be always done though a wired client.

You can setup your security by follow these steps:

1. Change default administrative password on wireless router/access point to a secured password.

2. Enable at least 128-bit WEP encryption on both card and access point. Change your WEP keys periodically. If equipment does not support at least 128-bit WEP encryption, consider replacing it. Although there are security issues with WEP, it represents minimum level of security, and it should be enabled.

3. Change the default SSID on your router/access point to a hard to guess name. Setup your computer device to connect to this SSID by default.

4. Setup router/access point not to broadcast the SSID. The same SSID needs to be setup on the client side manually. This feature may not be available on all equipment.

5. Block anonymous Internet requests or pings. On each computer having wireless network card, network connection properties should be configured to allow connection to Access Point Networks Only. Computer to Computer (peer to peer) Connection should not be allowed.

Enable MAC filtering. Deny association to wireless network for unspecified MAC addresses. Mac or Physical addresses are available through your computer device network connection setup and they are physically written on network cards. When adding new wireless cards / computer to the network, their MAC addresses should be registered with the router /access point. Network router should have firewall features enabled and demilitarized zone (DMZ) feature disabled.

All computers should have a properly configured personal firewall in addition to a hardware firewall. You should also update router/access point firmware when new versions become available. Locating router/access point away from strangers is also helpful so they cannot reset the router/access point to default settings. You can even try to locate router/access point in the middle of the building rather than near windows to limit signal coverage outside the building.

There is no guarantee of a full protection of your wireless network, but following these suggested tips can definitely lessen your risk of exposing to attackers aiming at insecure networks.

My first thought was to write an article just about MAC addresses and wireless Ethernet. After thinking about it I decided to expand on this and go over some specific information about Ethernet cards and communication.

Different Ways Of Finding Your MAC Address And More
————————————————–
There are several ways of finding your Ethernet and communications protocol information. Many Ethernet card manufacturer’s have proprietary software that can reveal this information but they work differently depending on the manufacturer. So we will use the Windows 2000 and XP “ipconfig” utility since this is available in the majority of Windows Operating Systems.

First, go to “start” -> “run” and type “cmd” without the quotes. Then hit the enter key. At the command line type “ipconfig /all”, again without the quotes. Actually, just typing ipconfig without the /all will work but will only provide you with abbreviated information regarding your network cards. An example of what you might see by typing the “ipconfig /all” command is below with each item commented in green lettering:

Fault Tolerant And Highly Availability Computer Systems
—————————-
There are several ways of finding your Ethernet and communications protocol information. Many Ethernet card manufacturer’s have proprietary software that can reveal this information but they work differently depending on the manufacturer. So we will use the Windows 2000 and XP “ipconfig” utility since this is available in the majority of Windows Operating Systems.

First, go to “start” -> “run” and type “cmd” without the quotes. Then hit the enter key. At the command line type “ipconfig /all”, again without the quotes. Actually, just typing ipconfig without the /all will work but will only provide you with abbreviated information regarding your network cards. An example of what you might see by typing the “ipconfig /all” command is below:

OutPut Of The “Ipconfig /All” Command
———————————————————-
Windows IP Configuration

Host Name . . . . . . . . . . . . : Home Computer
This is the name of your computer, typically defined during the windows installation. However, it can be changed after installation.

Primary Dns Suffix . . . . . . . : domain.com
If your computer participates in a network such as a Microsoft Windows domain this item may contain the name of the domain.

Node Type . . . . . . . . . . . . : Unknown
The Node Type may say Unknown, or peer-to-peer, or in some cases “hybrid”. It is a setting that has to do with the Windows Internet Naming Services used in certain types of Windows domain networks.

IP Routing Enabled. . . . . . . . : No
This setting determines if Windows XP or 2000 will function as an IP router. If you have two or more network cards you can setup your system to act as a router, forwarding communications requests from one network to another. Windows 2000 can be configured to do this in a pretty straight forward fashion; Windows XP will need a registry modification.

WINS Proxy Enabled. . . . . . . . : No
WINS Proxy is another setting that is related to the “Node Type” we discussed earlier. It is normally not a required setting in a home or small office network, or newer types of Microsoft Windows domains.

Ethernet adapter Wireless Network Connection 2:
If you have multiple Ethernet (network) cards in your systems, as I do in this laptop, you will have multiple listings. This one happens to be the second Ethernet card, an internal wireless Ethernet card.

Description . . . . . . . . . . . : Broadcom 802.11b/g WLAN
This is the description of the Ethernet card, usually the Name / Manufacturer and type of Ethernet card. In this case, it is a Broadcom wireless Ethernet card built into my laptop.

Physical Address. . . . . . . . . : 00-90-4B-F1-6E-4A
And here we have the MAC address. The MAC address is a 48 bit hexadecimal code and is suppose to be a totally unique address. It is 48 bits because each number or letter in hexadecimal represents 8 bits. Hexadecimal numbers range from 0,1,2,3,4,5,6,7,8,9,A,B,C,D,E, F. There are 6 alpha-numeric codes hence 6*8=48(bits). The first 3 codes identify the manufacturer of the card and the remaining codes are used to create a unique number. Theoretically there should never be a card with same MAC address on a local network. However, there are a few exceptions. There are software tools that allow you to change this code. In fact, this is a step some hackers take to attack other systems on a local network. I say local network because MAC addresses are not routable between network segments. By spoofing this address, you can impersonate another machine on the local network. Traffic that was bound for the intended target can be redirected to the hacker’s machine. This is the address you would also use to populate a MAC address, or physical address table when setting up your wireless access point to support MAC address filtering.

DHCP Enabled. . . . . . . . . . . : Yes
DHCP, or the Dynamic Host Control Protocol, if enabled means your computers IP address is being provided by a DHCP server on you network. The DHCP server could be your wireless access point, cable/dsl router, cable modem, or a server on your network. Also, if a DHCP server is not enabled on your network, your computers Operating System will auto generate a random IP address within a certain predefined range. This means you could network a group of systems together without having to manually assign the IP settings.

IP Address. . . . . . . . . . . . : 192.168.0.117
This parameter provides you with your current IP address. The address listed above is what is called a “private” address. There are certain classes of IP addresses that have been set aside for private use. This means for your internal, local, or private network at home or office. These addresses are not, or should not, be routable on the Internet. The Internet routes what are called “valid” IP addresses. Your cable/dsl router or cable modem has a valid IP address assigned to its “external” network interface. The external interface may be your phone line or cable TV cable.

Subnet Mask . . . . . . . . . . . : 255.255.255.0
The Subnet Mask is a special number, or in some sense, filter, that breaks down your IP address, in this case private IP address, into certain groups. IP addresses and Subnet Masks can be a complicated matter and would take an entire article to go over.

Default Gateway . . . . . . . . . : 192.168.0.254
The default gateway, the IP addresses listed above, is the IP address of the device that will route your request, such as when you try to browse a website, to the Internet. It is a bit more complicated than that though as gateways or routers can route traffic to various different networks, even other private networks. At your home or small office, this gateway most likely is your cable/dsl modem or router.

DHCP Server . . . . . . . . . . . : 192.168.0.49
The DHCP server, remember we talked a little about this above, is the device that assigns your computer an IP address and other information. DHCP servers can assign all kinds of information such as; Default Gateway, Domain Name Servers (DNS), IP address, Subnet Mask, Time Server, and much more.

DNS Servers . . . . . . . . . . . : 192.168.0.49, 64.105.197.58
DNS Servers are internal or external servers that resolve Fully Qualified Domain Names (FQDN), such as www.defendingthenet.com , to IP addresses. This is done because computers don’t actually transmit your requests using the domain name, they use the IP address assigned to the FQDN. For most home or small office users, the primary DNS server is the IP address of your cable/dsl router. Your cable/dsl router than queries an external DNS server on the Internet to perform the actual resolution of the FQDN to IP address. The address 192.168.0.49 is an internal private device on my network whereas the 64.105.197.58 is an external public Internet DNS server and is present just in case my router has trouble performing the DNS resolution tasks.

Lease Obtained. . . . . . . . . . : Sunday, March 19, 2006 6:38:16 PM
This information tells you when your computer received its IP address and other information from a DHCP server. You will notice it says “Lease Obtained”, that is because most DHCP servers only lease the IP address to you from a pool of available address. For instance, your pool may be 192.168.1.1 through 192.168.1.50. So your DHCP server has 50 IP addresses to choose from when assigning your computer its IP address.

Lease Expires . . . . . . . . . . : Wednesday, March 29, 2006 9:38:16 PM
When the IP address, assigned by the DHCP server, lease expires it will attempt to lease you the same or another IP address. This function can typically be changed on the DHCP server. For instance, on some fully functional DHCP servers, you can configure the Lease to never expire, or to expire within 1 day and so on.

Why Are MAC Addresses So Important And How Do They Work
——————————————————
To jump back to MAC address for just a bit. You may think that IP addresses are the most important thing when it comes to network communication. The reality is, MAC addresses are very important because without them computers would not be able to communicate over Ethernet networks. When a computer wants to speak with another computer on a local network, it will make a broadcast request, or ask a question, of who owns a particular IP address. For instance, your computer may say “Who is 192.168.0.254″. Using the information above, my default gateway is 192.168.0.254 and will answer “I am “00-90-4B-F1-6E-4A” 192.168.0.254″. It sends back its MAC address. That MAC address then goes into what is called a Address Resolution Protocol (ARP) table on your computer. You can see this information by going to the command prompt like you did above and typing “arp ?a”. You will get information like the following:

Internet Address Physical Address Type
192.168.0.49 00-12-17-5c-a2-27 dynamic
192.168.0.109 00-12-17-5c-a2-27 dynamic
192.168.0.112 00-0c-76-93-94-b2 dynamic
192.168.0.254 00-0e-2e-2e-15-61 dynamic

How A Hacker Can Use MAC Addresses In An Attack
———————————————-
You will notice the IP addresses and to the right of them the MAC addresses. Without this information, without the MAC address, you would not be reading this article right now. MAC addresses are not routable like IP addresses. They work on your local or private network. However, devices on the Internet perform the same tasks. Routers and switches maintain a list of their peer devices MAC address just like your computers and devices on your home or office network. I mentioned above that MAC addresses can be changed in order to redirect requests. For instance, if I were on your office network and you had an internal web server that took personal information as input, I could tell your computer to go to my laptop for the web site by broadcasting my MAC address tied to the real web servers IP address. I would do this when you computer asked “Who is the “Real Web Server”". I could setup a fake web server that looks just like the real thing, and start collecting information the real web server would normally collect. You can see how dangerous this can be.

Conclusion
———–
There are several other easy ways you can find your MAC address but they can be a little confusing if you have more than one internal network card. Most external USB, or PCMCIA wired and wireless Ethernet cards have their MAC address printed on them. In cases where the wired or wireless network card are inside your computer, such as in laptops, the MAC address is sometimes printed on the bottom of the laptop. Even Desktop systems cards that are inserted in PCI slots have the MAC address printed on the Ethernet card.

You may reprint or publish this article free of charge as long as the bylines are included.

Original URL (The Web version of the article)
————
http://www.defendingthenet.com/NewsLetters/FindingYourMACAddressOnWiredAndWirelessNetworkCards.htm

About The Author
—————-
Darren Miller is an Information Security Consultant with over seventeen years experience. He has written many technology & security articles, some of which have been published in nationally circulated magazines & periodicals. If you would like to contact Darren you can e-mail him at Darren.Miller@defendingthenet.com. If you would like to know more about computer security please visit us at http://www.defendingthenet.com.

Network interface layer
The lowest layer of the TCP/IP model. Its task is to provide access to the transmission physical medium and it differs according to the implementation of the medium.

Network layer
The network layer provides network addressing, routing and datagram transmission. Used protocols that will be of interest further regarding DHCP are IP and ARP.

IP protocol
It is the basic protocol of the network layer and in general the internet as a whole. It sends datagrams, which are independent units that contain information about the destination, source and the sequence number of the datagram. The sequence number is used for message reconstruction, since the delivery order of the datagrams might not be the same as their order in the message and delivery reliability isn’t guaranteed at all.
IP protocol versions:
” IP v4 – 32 bit addresses. Provides approximately 4 billion unique addresses which aren’t sufficient at present times.
” IP v6 – 128 bit addresses. The transition to v6 will bring (is bringing) higher security, QoS, packet segmentation and many more IP addresses. (the transition from IP v4 to IP v6 must be supported by the system provider)

ARP protocol
The ARP abbreviation stands for Address Resolution Protocol. This protocol is used to find the physical address (MAC) based on a known IP address. If required ARP sends information concerning the wanted address to all the stations in the network – Broadcast. The stations consequently answer with a message containing their MAC. If the wanted device/station is outside the node/segment, the appropriate router will answer instead of it.

Transport layer
The transport layer is implemented only in terminal devices and it adjusts the behavior of the network according to the requirements of the device/application.

Application layer
The application layer is composed of programs that use net services to fulfill the needs of users. Examples of specific protocols are for instance FTP, DNS and DHCP.
Application protocols use TCP, UDP or both services at the same time. So called ports are used to differentiate between application protocols, they represent a type of label of the application. It is possible to change the ports in the settings of the service, but each service has a default port that isn’t changed for most services and is used as an unwritten standard.

” FTP = 21
” DNS = 53
” DHCP = 67 + 68