Computer Security 101 (tm)

In order to better secure your home computer or home network it helps if you have some basic knowledge of how it all works so you can understand what exactly you are securing and why.
This will be the first in a 10-part series to help provide an overview of the terms and technology used and some of the tips, tricks, tools and techniques you can use to make sure your computer is secure.
To begin with, I want to provide some understanding of what these terms are so that when you read about the latest malicious code spreading through the Internet and how it gets into and infects your computer you will be able to decipher the techie terms and determine if this affects you or your computer and what steps you can or should take to prevent it. For Part 1 of this series we will cover Hosts, DNS, ISP’s and Backbone.
The term “host” can be confusing because it has multiple meanings in the computer world. It is used to describe a computer or server that provides web pages. In this context it is said that the computer is “hosting” the web site. Host is also used to describe the companies that allow people to share their server hardware and Internet connection to share these as a service rather than every company or individual having to buy all their own equipment.
A “host” in the context of computers on the Internet is defined as any computer that has a live connection with the Internet. All computers on the Internet are peers to one another. They can all act as servers or as clients. You can run a web site on your computer just as easily as you can use your computer to view web sites from other computers. The Internet is nothing more than a global network of hosts communicating back and forth. Looked at in this way, all computers, or hosts, on the Internet are equal.
Each host has a unique address similar to the way street addressing works. It would not work to simply address a letter to Joe Smith. You have to also provide the street address- for example 1234 Main Street. However, there may be more than one 1234 Main Street in the world, so you must also provide the city- Anytown. Maybe there is a Joe Smith on 1234 Main Street in Anytown in more than one state- so you have to add that to the address as well. In this way, the postal system can work backward to get the mail to right destination. First they get it to the right state, then to the right city, then to the right delivery person for 1234 Main Street and finally to Joe Smith.
On the Internet, this is called your IP (Internet protocol) address. The IP address is made up of four blocks of three numbers between 0 and 255. Different ranges of IP addresses are owned by different companies or ISP’s (Internet service providers). By deciphering the IP address it can be funneled to the right host. First it goes to the owner of that range of addresses and can then be filtered down to the specific address its intended for.
I might name my computer “My Computer”, but there is no way for me to know how many other people named their computer “My Computer” so it would not work to try to send communications to “My Computer” any more than addressing a letter simply to “Joe Smith” would get delivered properly. With millions of hosts on the Internet it is virtually impossible for users to remember the addresses of each web site or host they want to communicate with though, so a system was created to let users access sites using names that are easier to recall.
 The Internet uses DNS (domain name system) to translate the name to its true IP address to properly route the communications. For instance, you may simply enter “yahoo.com” into your web browser. That information is sent to a DNS server which checks its database and translates the address to something like 64.58.79.230 which the computers can understand and use to get the communication to its intended destination.
DNS servers are scattered all over the Internet rather than having a single, central database. This helps to protect the Internet by not providing a single point of failure that could take down everything. It also helps speed up processing and reduce the time it takes for translating the names by dividing the workload among many servers and placing those servers around the globe. In this way, you get your address translated at a DNS server within miles of your location which you share with a few thousand hosts rather than having to communicate with a central server half way around the planet that millions of people are trying to use.
Your ISP (Internet Service Provider) most likely has their own DNS servers. Depending on the size of the ISP they may have more than one DNS server and they may be scattered around the globe as well for the same reasons cited above. An ISP has the equipment and owns or leases the telecommunications lines necessary to establish a presence on the Internet. In turn, they offer access through their equipment and telecommunication lines to users for a fee.
The largest ISP’s own the major conduits of the Internet referred to as the “backbone”. Picture it the way a spinal cord goes through your backbone and acts as the central pipeline for communications on your nervous system. Your nervous system branches off into smaller paths until it gets to the individual nerve endings similar to the way Internet communications branch from the backbone to the smaller ISP’s and finally down to your individual host on the network.
If something happens to one of the companies that provide the telecommunications lines that make up the backbone it can affect huge portions of the Internet because a great many smaller ISP’s that utilize that portion of the backbone will be affected as well.
This introduction should give you a better understanding of how the Internet is structured with the backbone providers supplying communications access to the ISP’s who in turn supply that access to the individual users such as yourself. It should also have helped you understand how your computer relates with the millions of other “hosts” on the Internet and how the DNS system is used to translate “plain-English” names to addresses that can be routed to their proper destinations. In the next installment we will cover TCPIP, DHCP, NAT and other fun Internet acronyms.
Previous
Next Post »