Howstuffworks Computer Channel helps visualize A+ topics

September 15, 2009, by Jeff Zahorowski

Perhaps you’re familiar with the How Stuff Works series of books. They cover topics from military hardware to the mundane, explaining how they work in full-page, full-color graphics. They are like picture books for adults, and they’re great for visual learners. Success brought sequels, some of which focused on topics that would be useful to those gunning for CompTIA A+ certification. How Networks Work is a wonderful resource for those who find textbook descriptions of routers and switches lacking, and I’ve often recommended it for visual learners. Once upon a time, A+ certification courseware even came with a copy of How Computers Work, which was very useful for students curious to see the inner workings of hard drives, RAM and more.

As good as some book illustrations are, they are almost always black-and-white, and of course non-interactive. That’s why I’m fond of pointing A+ certification students towards How Stuff Works’ Computer Channel. The full color illustrations are nice, but the real draw is the interactive Flash-based graphics that can show processes, not just hardware. Some of the nice ones I’ve found:

How Stuff Works Computer Channel


Lessons of the attack on Morgan Hill’s fiber infrastructure

September 12, 2009, by Jeff Zahorowski

I was rather surprised when, during a discussion on security, one of my students referenced the attack on Morgan Hill (a city just south of San Jose). Not knowing about it, I Googled around a bit and was frankly shocked—not just by the attack, but by how underreported it went. Some party or parties with apparently expert knowledge of AT&T’s infrastructure severed (only!) eight fiber optic cables. The extent of the damage was sobering, if brief. According to Bruce Perens’ report:

“That attack demonstrated a severe fault in American infrastructure: its centralization. The city of Morgan Hill and parts of three counties lost 911 service, cellular mobile telephone communications, land-line telephone, DSL internet and private networks, central station fire and burglar alarms, ATMs, credit card terminals, and monitoring of critical utilities. In addition, resources that should not have failed, like the local hospital’s internal computer network, proved to be dependent on external resources, leaving the hospital with a “paper system” for the day.”

Wouldn’t you think cell phone service would still work if you severed underground fiber? But cell phone service is basically a network, and even towers that use radio frequency transmissions rely on their wired connections to centralized servers. Wouldn’t you think a hospital’s internal network could carry on without a connection to the outside world? But it too was dependent on outside services.

Service was out for about a day for hundreds of thousands of people and businesses. That may not seem terrible until you think about what a day without 911 service would be like. What pulled the city through was the local cadre of ham radio operators. Respect and thanks are owed to these volunteers, and kudos to the local authorities for the foresight to have long standing relationships with the hams.

Why haven’t we heard more about this?

In the modern, consumer-driven, 24-hour news cycle, if it bleeds it leads. Since, strangely, there was no concurrent terrorist attack and no one was hurt, the event was a blip on the news radar screen which quickly vanished. It is left to the imagination how much we would have heard about it had the intent (which remains mysterious) been more malicious.

I can’t realistically fault the mainstream news media for not analyzing in depth a story in which not one person was injured. But I remain surprised at the lack of noise that has reached my ears from respected sources in the information security world. Neither SANS nor NIST has a whisper about the attack or its implications for those of us who work with computers, networks, and information security on their websites. Industry-specific blogs, for example related to the internet or homeland security, have reported the event, but the computer industry has been remarkably silent about the important lessons illustrated by this event.

So what are the lessons for computer professionals?

First, the Morgan Hill attack should remind any computer professional of the primacy of physical security. If you can get your hands on it, it’s game over.

Second, I’ve always been a big fan of having low-tech backups for high-tech solutions. How many calls for emergency police and fire services would have gone unanswered if not for the ham radio enthusiasts of Morgan Hill?

Third, the drawbacks of centralization must be mitigated. Bob lives in San Martin. Someone cuts a fiber optic cable in Morgan Hill. Now Bob’s cell phone doesn’t work. It seems ludicrous, but it happened because the local cell phone network was optimized through central switching devices for speed and service, not reliability. We must examine our networks carefully for non-obvious single points of failure, and dependency on remote services.

Remember, if you’re going for CompTIA A+ certification, networking is 15% of the Essentials test and security is 8%. For the CompTIA A+ Practical Application test the percentages are 15% and 13%, respectively. The attack on Morgan Hill provides a vivid and blessedly bloodless (this time) example of the real world importance of these topics.


Consumer Reports Online Security Guide

August 27, 2009, by Jeff Zahorowski

While CompTIA does not directly address phishing in the A+ certification objectives, most A+ certification books I’ve read expressly mention it as it relates to the Security domain of both A+ certification tests. Sometimes end users will ask me, “What exactly is phishing?” or “How can I tell if an email is real or fake?” A simple, direct answer can be elusive, as the tell-tale signs of a phishing email are varied, and users often gain knowledge of them through experience.

Fortunately Consumer Reports has put together a wonderful visual aid that I use in A+ certification classes when we talk about phishing. Their online security guide has a link at the bottom, “Go phish”. Follow and it will launch an interactive Flash quiz that presents real phishing emails mixed in with legitimate emails, and challenges the user to determine which are the fakes. A real boon is that the phishing emails are subsequently highlighted to display the little mistakes that give them away, making the tool not only a great introduction to the concept of phishing, but an education in real, practical tips for email safety.

Most of my students are pretty savvy, and have the experience to know a fake when they see one. But being able to show someone else how to spot a phishing attack is something else again. That’s why I’ve been recommending to my students who work in IT to use the tool as a means to educate the end users in their charge.

Consumer Reports Online Security Guide


Network Speed Table available

August 22, 2009, by Jeff Zahorowski

I’ve just posted a network speed table to help you memorize the speeds of all the various connections. CompTIA is fond of asking a question on the A+ test involving a scenario where a given minimum bandwidth is listed, and you must know which connection would be fast enough to meet their criteria. Thus, I’ve listed all of the connections mentioned in most A+ certification books, and sorted them by typical speed.

CompTIA requires information like this in domain 4.0 Networking of the 220-701 A+ Essentials test, and domain 3.0 Networking of the 220-702 A+ Practical Application test. Specifically, A+ Essentials domain 4.2 requires you to “Compare and contrast the different network types”, and lists DSL, cable, fiber, dial-up, wireless (all 802.11 types, they specify) and more.

I consider the Network Speed Table a work in progress and I’ll be updating it in the future. Particularly, CompTIA mentions other network types such as satellite, cellular, and Bluetooth, which the table does not include. When I update the table I’ll post a notification here on the front page. Additionally, the speeds listed include minimum, maximum, and typical speeds. For this information I drew from various sources, including A+ certification books, books for other CompTIA certifications including Network+ and Security+, and good old Wikipedia. As such there is certainly room for some, shall we say, discussion about the speeds. The speeds I list as typical are particularly open to interpretation and may conflict with your personal experience, but rest assured those numbers were not pulled out of a hat. They were pulled out of Wikipedia. I know that’s not an authoritative source, but that way I know if you and I have a disagreement over them, then other geeks have already had the same disagreement and the result you see on the table is the result the Wikipedia-editing geek community has come to rest on (for now). However, some of the other numbers were drawn straight from CompTIA A+ certification books, and I’ve been around enough to know that those numbers aren’t always accurate, even though they ought to be. Heck, sometimes two different books don’t agree with each other, even though they have each gone through a supposedly authoritative vetting process. Therefore, if you find an inaccuracy in the table, or have any suggested addition or edit, leave it in the comments!


OSI Model guide available

August 21, 2009, by Jeff Zahorowski

I’ve added a guide to the 7 layer OSI model, which will help illustrate how various pieces of hardware and software interact with each other. Networking is covered in domain 4.0 of CompTIA’s 220-701 A+ Essentials test and domain 3.0 of CompTIA’s 220-702 A+ Practical Application test. Most A+ courseware does a pretty good job of going over the basics of TCP/IP, including DNS, DHCP, SSL and other protocols. However, much is left for the student to figure out regarding how these protocols interrelate.
When looking at the chart, I recommend starting by following the link to “James Bond Meets the 7 Layer OSI Model”. It is perhaps the best description I’ve seen of the process the OSI model is designed to model.
Armed with that knowledge, look particularly at the right side of the chart, which illustrates which particular pieces of hardware and software fit in at a given layer of the OSI model. Remember that transmitted data will be passed down the stack from one layer to the next. That will help clarify the relationship between TCP/IP, routers, switches, NICs, and other elements that are required knowledge on CompTIA’s A+ test.