Some very basic network basics
Networking is a ICT expertise all of its own but there are a couple of things you should know to understand why networking is sometimes not working at all.
WAN is a wide area network. Internet is a typical example.
LAN is a local area network, the technology is basically the same as in
a WAN but access is limited. Your home network is a LAN
WLAN is a wireless local network.
LAN or WLAN
The advantage of a wireless solution is obvious: you can place the unit
almost everywhere without having to run a cable. An easy and aesthetically
pleasing solution.
The disadvantages are:
- setup more complex
- a 53 MBps (Mega Bits (yes Bits, not Bytes) per second) WLAN is about as 5 times slower then a 100 MBps LAN (sounds illogical but a encrypted WLAN generates much more overhead)
- less stable (might drop off now and then)
Another issue is health. Some people believe that the radiation generated by Wi-Fi (or GSM or UMTS) is detrimental to our health. As far as I could judge, there is no scientific evidence that this might be the case. On the other hand, it took science almost 3 decades to establish the relation between asbestos and cancer. Fortunately, as a smoker I don't have this problem.
Access Point
A common configuration is:
You have a cable entering your house, this is your connection to Internet.
This cable is attached to a box (the Access Point, AP for short)
All your devices are connected to this box. It takes care of the communication
between the devices in your LAN (switch function).
If you are browsing the Internet or e-mailing, it take care of the connection
with internet.
It separates internal communication (LAN) from external communication (WAN)
(router function).
Often it has a built-in firewall to protect your LAN
You can compare it with a telephone switch. If you dial a internal number,
the communication remains local. Only if you dial an outside number you
are connected to the world.
TCP/IP
TCP/IP is the lingua franca of the internet. In enables all kind of devices
to exchange information simply because they all speak the same language:
the TCP/IP protocol.
Each computer in a TCP/IP network has its own unique (IP) address.
You can compare it with the telephone system where each phone has its unique
number to.
In general all devices in a local network with common access to the internet
by an AP has an address starting with 192.168.xxx.xxx.
If you your HF show something like 192.168…. it is probably connected
to your AP.
Port
If you surf the internet, every thing you do is displayed in your browser.
If you receive an email, it is not displayed in your browser but in your
e-mail application.
How does your computer knows it? This is because each application is using
a different port.
Your IP-address is like the address of your home, it tells where the package
should be delivered. The port tells to which member of the household it
is addressed.
DHCP
What happens if you connect your HF to your LAN?
It needs to have an unique IP-address in your LAN otherwise communication
fails (or your music is send to a printer or so)
This is solved for you by the AP with a trick called DHCP (Dynamic Host
Configuration Protocol). DHCP sees to it that each device connected to
your LAN gets its own unique number. It sets a couple of other parameters
as well like the address of the router so the HF knows which address to
use to access the Internet.
So DHCP automatically configures the network connection of the HF.
Security
In the past hacking was the ultimate sport for nerds. Today it more and more becomes a criminal activity. As people starts to use the internet for banking, shopping, etc. the more interesting it becomes to hack a PC and try to find information about your banking account, credit card, etc. A sound security is unfortunately a must.
Firewall
They come in many flavours but modern ones are like the Windows firewall
keep track of the state of a connection.
If you browse to http://www.hifidelio-user.de/,
you send a package to this address and the server sends back a package
containing the opening page. The firewall accept this because the request
has been generated from inside. If some hacker makes a spoof and send a
package to you as if it was send by http://www.hifidelio-user.de/ de
firewall will drop this package because there is no matching request from
inside the firewall. It prevents you from unsolicited access over the internet.
In practice it is also the tool to control the ports. In general they are
all closed except when needed. If you close port 80 you can't surf
the internet because browsers use this port to communicate with web servers.
So it must be open.
Your AP is your gateway to the (internet) world. Likewise it’s the worlds gateway to you. It is the front door to your whole network so you better have a lock on it. I think a good firewall at your AP is a must.
Virus scan
A firewall projects you against unsolicited access. It don't protect you against the content of a package. Even without visiting a porn site you might get a virus. A virus scan is needed to scan the content of all information entering your PC.
Encryption
A WLAN-device broadcasts its signal. Any receiver inside the distance (20-30m in case of Wi-Fi) will pickup the signal. Compared with access to the internet where the whole world is knocking at your front door , this is almost trivial. On the other hand, if somebody get access, it is inside your LAN. So sound encryption is needed. WEP could be easily cracked (couple of minutes) so WPA is recommended.
Janus Head
Network security is a Janus head indeed. At one hand it protects you against
malicious content. At the other end things might simply not work, not because
the software is malfunctioning but because the security measures are blocking
proper functioning.
So for testing purposes you might decide to lift the security rules a bit.
If your AP has a good firewall, you might decide to have the firewall at
your PC disabled.
The company I’am working for switched from wire to fibre for Internet
access. But it wasn't working over fibre. So the engineer, just for
testing purposes, disabled the firewall. Within half an hour our network
was hacked en we where sending spam al over the world.
Disabling the firewall at your AP is not a good idea.
The essence of security: don't forget: just because you're paranoid,
it doesn't mean that they are not out to get you.