
Virtual Private Network (VPN)

A virtual private network (VPN) is a network that uses a public telecommunication infrastructure, such as the Internet, to provide remote offices or individual users with extremely secure access to their organization's network. A virtual private network can be contrasted with an expensive system of owned or leased lines that can only be used by one organization. The goal of a VPN is to provide the organization with the same capabilities, but at a much lower cost.

A VPN works by using the shared public infrastructure while maintaining privacy through security procedures and tunneling protocols such as the Layer Two Tunneling Protocol (L2TP). In effect, the protocols, by encrypting data at the sending end and decrypting it at the receiving end, send the data through a "tunnel" that cannot be "entered" by data that is not properly encrypted. An additional level of security involves encrypting not only the data, but also the originating and receiving network addresses.

Advantages

- Allows you to be at home and access your company's computers in the same way as if you were sitting at work.
- Almost impossible for someone to tap or interfere with data in the VPN tunnel.
- If you have VPN client software on a laptop, you can connect to your company from anywhere in the world.

Disadvantages

- Setup is more complicated than less secure methods.
- VPN works across different manufacturers' equipment, but connecting to a non-NETGEAR product will add to the difficulty, since there may not be documentation specific to your situation.
- The company whose network you connect to may require you to follow the company's own policies on your home computers (!)

Ad Hoc Network

"Ad Hoc" is actually a Latin phrase that means "for this purpose." It is often used to describe solutions that are developed on-the-fly for a specific purpose. In computer networking, an ad hoc network refers to a network connection that is established for a single session and does not require a router or a wireless base station.

For example, if you need to transfer a file to your friend's laptop, you might create an ad hoc network between your computer and his laptop to transfer the file. This may be done using an Ethernet crossover cable, or by having the computers' wireless cards communicate with each other. If you need to share files with more than one computer, you could set up a multi-hop ad hoc network, which can transfer data over multiple nodes.

Basically, an ad hoc network is a temporary network connection created for a specific purpose (such as transferring data from one computer to another). If the network is set up for a longer period of time, it is just a plain old local area network (LAN).

IPv4

IPv4 was the first version of Internet Protocol to be widely used, and accounts for most of today's Internet traffic. There are just over 4 billion IPv4 addresses. While that is a lot of IP addresses, it is not enough to last forever. Each computer or device connected to the Internet must have a unique IP address in order to communicate with other systems on the Internet. Because the number of systems connected to the Internet is quickly approaching the number of available IP addresses, IPv4 addresses are predicted to run out soon.

When you consider that there are over 6 billion people in the world and many people have more than one system connected to the Internet (for example, at home, school, work, etc.), it is not surprising that roughly 4.3 billion addresses is not enough. To solve this problem, a new 128-bit IP system, called IPv6, has been developed and is in the process of replacing the current IPv4 system. During this transitional process from IPv4 to IPv6, systems connected to the Internet may be assigned both an IPv4 and an IPv6 address.

IPv6

IPv6, also called IPng (or IP Next Generation), is the next planned version of the IP address system. (IPv5 was an experimental version used primarily for streaming data.) While IPv4 uses 32-bit addresses, IPv6 uses 128-bit addresses, which increases the number of possible addresses by an exponential amount. For example, IPv4 allows 4,294,967,296 addresses to be used (2^32). IPv6 allows for over 340,000,000,000,000,000,000,000,000,000,000,000,000 IP addresses. That should be enough to last awhile.

Because IPv6 allows for substantially more IP addresses than IPv4, the addresses themselves are more complex. They are typically written in this format:

hhhh:hhhh:hhhh:hhhh:hhhh:hhhh:hhhh:hhhh

Each "hhhh" section consists of a four-digit hexadecimal number, which means each digit can be from 0 to 9 and from A to F.
An example IPv6 address may look like this:

F704:0000:0000:0000:3458:79A2:D08B:4320

Because IPv6 addresses are so complex, the new system also adds extra security to computers connected to the Internet. Since there are so many IP address possibilities, it is nearly impossible to guess the IP address of another computer. While most computer systems today support IPv6, the new Internet protocol has yet to be fully implemented. During this transitional process, computers are often assigned both an IPv4 and an IPv6 address.

Bluetooth

This wireless technology enables communication between Bluetooth-compatible devices. It is used for short-range connections between desktop and laptop computers, PDAs (like the Palm Pilot or Handspring Visor), digital cameras, scanners, cellular phones, and printers.

Infrared once served the same purpose as Bluetooth, but it had a number of drawbacks. For example, if there was an object placed between the two communicating devices, the transmission would be interrupted. (You may have noticed this limitation when using a television remote control.) Also, infrared-based communication was slow and devices were often incompatible with each other.

TCP/IP Port Filtering

TCP/IP port filtering is the practice of selectively enabling or disabling Transmission Control Protocol (TCP) ports and User Datagram Protocol (UDP) ports on computers or network devices. When used in conjunction with other security practices, such as deploying firewall software at your Internet access point, applying port filters to intranet and Internet servers insulates those servers from many TCP/IP-based security attacks, including internal attacks by malicious users.

An Internet or intranet host, such as a computer or network device on a TCP/IP-based network, uses a combination of an IP address and port number to communicate with an application or service running on another Internet or intranet host. Together, an IP address and port number make up a socket. Because TCP/IP hosts are assigned a unique IP address, and standard TCP/IP-based applications and services typically use a specific TCP or UDP port number, sockets can direct communications between specific applications or services running on specific hosts.

Port Forwarding

Port forwarding is the technique of taking packets destined for a specific TCP or UDP port and machine, and 'forwarding' them to a different port and/or machine. This is done 'transparently', meaning that network clients cannot see that port forwarding is being done. They connect to a port on a machine when in actual fact the packets are being redirected elsewhere.

OR

Port forwarding, also referred to as tunneling, is essentially the process of intercepting traffic bound for a certain IP/port combination and redirecting it to a different IP and/or port. This redirection may be accomplished by an application running on the destination host, or it may be performed by intermediate hardware, like a router, proxy server or firewall.

Normally, a routing device will look at the header of a packet and simply send it to the appropriate interface to reach the destination it finds in the header. In port forwarding, however, the intercepting application or device reads the packet header, notes the destination, but then rewrites the header information and sends the packet to another host destination, different from the one requested. That host destination may be a different IP using the same port, a different port on the same IP, or a completely different combination of the two.
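
The header rewrite described above, combined with the port filter from the TCP/IP Port Filtering entry, as an added example that is not part of the original page. The Gateway class, its rule table and all addresses are constructed for illustration, and checking the filter against the requested port before rewriting is an assumption of this model, not a statement about any particular device.

```python
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Packet:
    proto: str   # "tcp" or "udp"
    src: tuple   # (ip, port) socket of the sender
    dst: tuple   # (ip, port) socket in the packet header

class Gateway:
    """Toy model: port filter first, then forwarding by header rewrite."""
    def __init__(self, allowed, rules):
        self.allowed = allowed   # {(proto, port)} enabled by the port filter
        self.rules = rules       # {(proto, ip, port): (new_ip, new_port)}
        self.flows = {}          # (proto, client, backend) -> requested socket

    def inbound(self, pkt):
        # Port filtering: a port that is not explicitly enabled is dropped.
        if (pkt.proto, pkt.dst[1]) not in self.allowed:
            return None
        target = self.rules.get((pkt.proto, *pkt.dst))
        if target is None:
            return pkt           # no rule: deliver to the header's own destination
        # Remember what the client asked for, then rewrite the destination.
        self.flows[(pkt.proto, pkt.src, target)] = pkt.dst
        return replace(pkt, dst=target)

    def outbound(self, pkt):
        # Reply: restore the requested socket as source, so the client sees no rewrite.
        requested = self.flows.get((pkt.proto, pkt.dst, pkt.src))
        return replace(pkt, src=requested) if requested else pkt

    def exposed(self):
        # Audit view: backend sockets reachable through an enabled port.
        return sorted(t for (proto, _, port), t in self.rules.items()
                      if (proto, port) in self.allowed)

# Constructed sample data (documentation and private address ranges).
PUBLIC, CLIENT = "203.0.113.10", ("198.51.100.7", 50000)
RULES = {
    ("tcp", PUBLIC, 80):   ("10.0.0.5", 80),    # different IP, same port
    ("tcp", PUBLIC, 2222): (PUBLIC, 22),        # same IP, different port
    ("tcp", PUBLIC, 8443): ("10.0.0.6", 443),   # different IP and port
    ("tcp", PUBLIC, 3389): ("10.0.0.9", 3389),  # rule exists, port not enabled
}
gw = Gateway(allowed={("tcp", 80), ("tcp", 2222), ("tcp", 8443)}, rules=RULES)

if __name__ == "__main__":
    for port in (80, 2222, 8443, 3389):
        print(port, gw.inbound(Packet("tcp", CLIENT, (PUBLIC, port))))
```

Calling gw.exposed() lists the internal sockets that an enabled port actually reaches, which is the list to review when auditing forwarding rules.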