CertiGuide to Security+  9  Chapter 3:  Infrastructure Security (Domain 3.0; 20%)       9  3.2  Media

3.2  Media 1 3.2.2  UTP (Unshielded Twisted Pair) / STP (Shielded Twisted Pair)

The initial cabling for Ethernet networks was coax. Thicknet, or 10Base5, is used for longer network distances up to 300 meters and up to 10mb/sec speeds. You can recognize it by its large cable diameter and typically orange or bright blue color. Thinnet, or 10Base2 is used for shorter network distances up to 183 meters and up to 10mb/sec speeds.

For the most part, coax network segments have been replaced by fiber and UTP/STP. However, coax may still be in use within some organizations.

A primary security consideration of coax-based network segments is reliability. Thinnet was used in many small networks in the late 1980’s and early 1990’s because it was the least expensive alternative at the time, and easier to work with than the “frozen garden hose”-like Thicknet. However, Thinnet is also less reliable than other alternatives. Because coax is used to implement bus topology networks, a fault could bring down the network. 10Base2 cabling, which looks very similar to cable TV wiring, is very flexible and susceptible to problems due to kinks, being run over by an office chair, crushed by a server box, etc.

While 10Base2 cable looks like TV cable, it is NOT the same physical media. If TV cable is used for a Thinnet network, it may appear to work (for a while at least), but your network will experience performance and packet error issues. In addition to issues with the cable itself, there could also be issues with connectors and terminators.

A loose connection or missing terminator could cause erratic network performance, with reduced speed, high frame transmission error counts, or even a lack of network connectivity as the result. Similarly, with Thicknet, a malfunctioning transceiver could also cause excessive packet transmissions, frame transmission errors, etc. Since a fault anywhere along the cable is likely to affect the entire segment, coax-based networks don’t have the same level of fault tolerance as UTP/STP based networks. Usually time-consuming trial and error or an expensive diagnostic device like a TDR (Time Domain Reflectometer) is required to locate cable or connector errors on coax-based networks.

Another security consideration for 10Base2 coax-based network segments is that it is possible for anyone with access to the cable, to “tap” into it and add an unauthorized device to the network. It’s easy to tap into a Thinnet-based segment (by adding another length of cable with a Tee connector, anywhere along the network), and also possible, though a bit more involved, to tap into Thicknet. Since the device connections on a bus network don’t occur in a centralized location (as with hub-based systems), but rather at any convenient point along the cable, it is more difficult to physically monitor for these unauthorized devices. To compensate for this, if your network includes coax segments, you might want to regularly scan those network segments with a network scanner program like nmap (mentioned in an earlier section) and flag any unknown devices.

3.2  Media 1 3.2.2  UTP (Unshielded Twisted Pair) / STP (Shielded Twisted Pair)