Module 5: Application Layer

Domain Name Space (DNS):

An application layer protocol defines how the application processes running on different
systems, pass the messages to each other.

o DNS stands for Domain Name System.

o DNS is a directory service that provides a mapping between the name of a host on the
network and its numerical address.
o DNS is required for the functioning of the internet.
o Each node in a tree has a domain name, and a full domain name is a sequence of
symbols specified by dots.
o DNS is a service that translates the domain name into IP addresses. This allows the
users of networks to utilize user-friendly names when looking for other hosts instead of
remembering the IP addresses.
o For example, suppose the FTP site at EduSoft had an IP address of 132.147.165.50,
most people would reach this site by specifying ftp.EduSoft.com. Therefore, the
domain name is more reliable than IP address.

DNS is a TCP/IP protocol used on different platforms. The domain name space is divided into
three different sections: generic domains, country domains, and inverse domain.
Generic Domains

o It defines the registered hosts according to their generic behavior.

o Each node in a tree defines the domain name, which is an index to the DNS database.
o It uses three-character labels, and these labels describe the organization type.

Label Description

Aero Airlines and aerospace companies

Biz Businesses or firms

Com Commercial Organizations

Coop Cooperative business Organizations

Edu Educational institutions

Gov Government institutions

Info Information service providers

Int International Organizations

Mil Military groups

Museum Museum & other nonprofit organizations

Name Personal names

Net Network Support centers

Org Nonprofit Organizations

Pro Professional individual Organizations

Country Domain

The format of country domain is same as a generic domain, but it uses two-character country
abbreviations (e.g., us for the United States) in place of three character organizational
abbreviations.

Inverse Domain
The inverse domain is used for mapping an address to a name. When the server has received a
request from the client, and the server contains the files of only authorized clients. To determine
whether the client is on the authorized list or not, it sends a query to the DNS server and ask
for mapping an address to the name.

Working of DNS

o DNS is a client/server network communication protocol. DNS clients send requests to

the. server while DNS servers send responses to the client.
o Client requests contain a name which is converted into an IP address known as a
forward DNS lookups while requests containing an IP address which is converted into
a name known as reverse DNS lookups.
o DNS implements a distributed database to store the name of all the hosts available on
the internet.
o If a client like a web browser sends a request containing a hostname, then a piece of
software such as DNS resolver sends a request to the DNS server to obtain the IP
address of a hostname. If DNS server does not contain the IP address associated with a
hostname, then it forwards the request to another DNS server. If IP address has arrived
at the resolver, which in turn completes the request over the internet protocol.
Dynamic Domain Name System (DDNS)
What is DDNS?

The Dynamic Domain Name System (DDNS) is a protocol that provides DNS extensions that
allow DNS servers to accept requests to dynamically add, update, and delete entries in the
DNS database.
 A DDNS server can serve both static and dynamic domains at the same time,
since DDNS is a functional superset of existing DNS servers.
 Rather than allowing any server to change its DNS records, the secure version
of DDNS authenticates update requests from DDNS hosts using critical public
security and digital signatures.
 Dynamic DNS was created to address the problem of frequent IP changes. For
example, when you search for a domain name, you'll get a dynamic IP address
mapped to that domain. The Internet Service Provider (ISP) provides this
dynamic IP address.
 When the same domain is searched again later, the ISP may be given a different
IP address from the IP address pool, resulting in a different IP address being
returned.
 When the IP address changes, the DDNS system refreshes the DNS database,
which is always up to date with the domain-IP mapping. The outside world will
be able to access the domain name at all times without having to worry about IP
changes.

Applications of DDNS

Since domain controllers register their network service types in DNS so that other computers
in the domain (or forest) can access them, dynamic DNS is an essential aspect of Active
Directory in Microsoft Windows networks.

DDNS for Internet Access Devices

 Dynamic DNS providers provide a software client programme that automates

discovering and registering public IP addresses for the client system. On a
computer or device in the private network, the client programme is run. It uses
a unique login name to connect to the DDNS provider's systems.
 The provider uses the name to associate the found public IP address of the home
network with a domain name system hostname.

For Security

 For IP-based security products like DVRs and IP cameras, dynamic DNS is an
expected feature, if not a requirement. The usage of current DDNS services or
new services hosted by the manufacturer are only two of the alternatives
available to manufacturers these days.
 A simple HTTP-based update API is nearly always utilised because it enables
straightforward integration of a DDNS client into a device's firmware.
  MintDNS, cURL, and Inadyn are just a few examples of pre-made tools to help
with server and client development.
 Most web-based DDNS providers use a common username and password
security scheme. A user must first create an account on the DDNS server
website, after which they must set up their device to submit updates to the DDNS
server anytime an IP address change is detected.

Benefits of Using a DDNS:

Following are some of the benefits of using a dynamic DNS

 You can visit your website or server from any location on the planet without
worrying about your IP address changing. A device on your network sends your
IP address to the DDNS service regularly.
 Your network administrators will save time by not having to update settings with
each IP address change, allowing them to focus on the health of your network.
 You won't have to manually update all of your records whenever your IP address
changes. In the long term, DDNS is less expensive than static DNS.

Difference between DNS and DDNS

Difference between DNS and DDNS:

• DNS is static which means it remains fixed for a particular domain whereas Dynamic DNS
changes is dynamic in nature which means it changes every time.

• Both the systems comprise of the TCP/IP protocol.

• Both DNS and DDNS are developed because users cannot remember the numeric IP addresses
of different websites.
Telnet
o The main task of the internet is to provide services to users. For example, users want to
run different application programs at the remote site and transfers a result to the local
site. This requires a client-server program such as FTP, SMTP. But this would not allow
us to create a specific program for each demand.
o The better solution is to provide a general client-server program that lets the user access
any application program on a remote computer. Therefore, a program that allows a user
to log on to a remote computer. A popular client-server program Telnet is used to meet
such demands. Telnet is an abbreviation for Terminal Network.
o Telnet provides a connection to the remote computer in such a way that a local terminal
appears to be at the remote side.

There are two types of login:

Local Login
 o When a user logs into a local computer, then it is known as local login.
o When the workstation running terminal emulator, the keystrokes entered by the
user are accepted by the terminal driver. The terminal driver then passes these
characters to the operating system which in turn, invokes the desired application
program.
o However, the operating system has special meaning to special characters. For
example, in UNIX some combination of characters have special meanings such
as control character with "z" means suspend. Such situations do not create any
problem as the terminal driver knows the meaning of such characters. But, it
can cause the problems in remote login.
Remote login

o When the user wants to access an application program on a remote computer,

then the user must perform remote login.

How remote login occurs

At the local site

The user sends the keystrokes to the terminal driver, the characters are then sent to the
TELNET client. The TELNET client which in turn, transforms the characters to a
universal character set known as network virtual terminal characters and delivers them
to the local TCP/IP stack

At the remote site

The commands in NVT forms are transmitted to the TCP/IP at the remote machine.
Here, the characters are delivered to the operating system and then pass to the TELNET
server. The TELNET server transforms the characters which can be understandable by
a remote computer. However, the characters cannot be directly passed to the operating
system as a remote operating system does not receive the characters from the TELNET
server. Therefore it requires some piece of software that can accept the characters from
the TELNET server. The operating system then passes these characters to the
appropriate application program.

Network Virtual Terminal (NVT)

o The network virtual terminal is an interface that defines how data and
commands are sent across the network.
o In today's world, systems are heterogeneous. For example, the operating system
accepts a special combination of characters such as end-of-file token running a
DOS operating system ctrl+z while the token running a UNIX operating system
is ctrl+d.
o TELNET solves this issue by defining a universal interface known as network
virtual interface.
o The TELNET client translates the characters that come from the local terminal
into NVT form and then delivers them to the network. The Telnet server then
translates the data from NVT form into a form which can be understandable by
a remote computer.
EMAIL:
E-mail is defined as the transmission of messages on the Internet. It is one of the most
commonly used features over communications networks that may contain text, files, images,
or other attachments. Generally, it is information that is stored on a computer sent through a
network to a specified individual or group of individuals.

Email messages are conveyed through email servers; it uses multiple protocols within
the TCP/IP

suite. For example, SMTP is a protocol

, stands for simple mail transfer protocol
and used to send messages whereas other protocols IMAP or POP are used to retrieve messages
from a mail server. If you want to login to your mail account, you just need to enter a valid
email address, password, and the mail servers used to send and receive messages.

Although most of the webmail servers automatically configure your mail account, therefore,
you only required to enter your email address and password. However, you may need to
manually configure each account if you use an email client like Microsoft Outlook or Apple
Mail. In addition, to enter the email address and password, you may also need to enter incoming
and outgoing mail servers and the correct port numbers for each one.

Email messages include three components, which are as follows:

C++ vs Java

o Message envelope: It depicts the email's electronic format.

o Message header: It contains email subject line and sender/recipient information.
o Message body: It comprises images, text, and other file attachments.

The email was developed to support rich text with custom formatting, and the original email
standard is only capable of supporting plain text messages. In modern times, email
supports HTML

(Hypertext markup language), which makes it capable of emails to support the same formatting
as websites
. The email that supports HTML can contain links, images, CSS layouts
, and also can send files or "email attachments" along with messages. Most of the mail servers
enable users to send several attachments with each message. The attachments were typically
limited to one megabyte in the early days of email. Still, nowadays, many mail servers are able
to support email attachments of 20 megabytes or more in size.

In 1971, as a test e-mail message, Ray Tomlinson sent the first e-mail to himself. This email
was contained the text "something like QWERTYUIOP." However, the e-mail message was
still transmitted through ARPANET, despite sending the e-mail to himself. Most of the
electronic mail was being sent as compared to postal mail till 1996.
Differences between email and webmail

The term email is commonly used to describe both browser-based electronic mail and non-
browser-based electronic mail today. The AOL and Gmail are browser-based electronic mails,
whereas Outlook for Office 365 is non-browser-based electronic mail. However, to define
email, a difference was earlier made as a non-browser program that needed a dedicated client
and email server. The non-browser emails offered some advantages, which are enhanced
security, integration with corporate software platforms, and lack of advertisements.

Uses of email

Email can be used in different ways: it can be used to communicate either within an
organization or personally, including between two people or a large group of people. Most
people get benefit from communicating by email with colleagues or friends or individuals or
small groups. It allows you to communicate with others around the world and send and receive
images, documents, links, and other attachments. Additionally, it offers benefit users to
communicate with the flexibility on their own schedule.

There is another benefit of using email; if you use it to communicate between two people or
small groups that will beneficial to remind participants of approaching due dates and time-
sensitive activities and send professional follow-up emails after appointments. Users can also
use the email to quickly remind all upcoming events or inform the group of a time change.
Furthermore, it can be used by companies or organizations to convey information to large
numbers of employees or customers. Mainly, email is used for newsletters, where mailing list
subscribers are sent email marketing campaigns directly and promoted content from a
company.

Email can also be used to move a latent sale into a completed purchase or turn leads into paying
customers. For example, a company may create an email that is used to send emails
automatically to online customers who contain products in their shopping cart. This email can
help to remind consumers that they have items in their cart and stimulate them to purchase
those items before the items run out of stock. Also, emails are used to get reviews by customers
after making a purchase. They can survey by including a question to review the quality of
service.

Advantages of Email

There are many advantages of email, which are as follows:

o Cost-effective: Email is a very cost-effective service to communicate with others as

there are several email services available to individuals and organizations for free of
cost. Once a user is online, it does not include any additional charge for the services.
o Email offers users the benefit of accessing email from anywhere at any time if they
have an Internet connection.
 o Email offers you an incurable communication process, which enables you to send a
response at a convenient time. Also, it offers users a better option to communicate easily
regardless of different schedules users.
o Speed and simplicity: Email can be composed very easily with the correct information
and contacts. Also, minimum lag time, it can be exchanged quickly.
o Mass sending: You can send a message easily to large numbers of people through
email.
o Email exchanges can be saved for future retrieval, which allows users to keep important
conversations or confirmations in their records and can be searched and retrieved when
they needed quickly.
o Email provides a simple user interface and enables users to categorize and filter their
messages. This can help you recognize unwanted emails like junk and spam mail. Also,
users can find specific messages easily when they are needed.
o As compared to traditional posts, emails are delivered extremely fast.
o Email is beneficial for the planet, as it is paperless. It reduces the cost of paper and
helps to save the environment by reducing paper usage.
o It also offers a benefit to attaching the original message at the time you reply to an
email. This is beneficial when you get hundreds of emails a day, and the recipient knows
what you are talking about.
o Furthermore, emails are beneficial for advertising products. As email is a form of
communication, organizations or companies can interact with a lot of people and inform
them in a short time.

Disadvantages of Email

o Impersonal: As compared to other forms of communication, emails are less personal.

For example, when you talk to anyone over the phone or meeting face to face is more
appropriate for communicating than email.
o Misunderstandings: As email includes only text, and there is no tone of voice or body
language to provide context. Therefore, misunderstandings can occur easily with email.
If someone sends a joke on email, it can be taken seriously. Also, well-meaning
information can be quickly typed as rude or aggressive that can impact wrong.
Additionally, if someone types with short abbreviations and descriptions to send
content on the email, it can easily be misinterpreted.
o Malicious Use: As email can be sent by anyone if they have an only email address.
Sometimes, an unauthorized person can send you mail, which can be harmful in terms
 of stealing your personal information. Thus, they can also use email to spread gossip or
false information.
o Accidents Will Happen: With email, you can make fatal mistakes by clicking the
wrong button in a hurry. For instance, instead of sending it to a single person, you can
accidentally send sensitive information to a large group of people. Thus, the
information can be disclosed, when you have clicked the wrong name in an address list.
Therefore, it can be harmful and generate big trouble in the workplace.
o Spam: Although in recent days, the features of email have been improved, there are
still big issues with unsolicited advertising arriving and spam through email. It can
easily become overwhelming and takes time and energy to control.
o Information Overload: As it is very easy to send email to many people at a time,
which can create information overload. In many modern workplaces, it is a major
problem where it is required to move a lot of information and impossible to tell if an
email is important. And, email needs organization and upkeep. The bad feeling is one
of the other problems with email when you returned from vacation and found hundreds
of unopened emails in your inbox.
o Viruses: Although there are many ways to travel viruses in the devices, email is one of
the common ways to enter viruses and infect devices. Sometimes when you get a mail,
it might be the virus come with an attached document. And, the virus can infect the
system when you click on the email and open the attached link. Furthermore, an
anonymous person or a trusted friend or contact can send infected emails.
o Pressure to Respond: If you get emails and you do not answer them, the sender can
get annoyed and think you are ignoring them. Thus, this can be a reason to make
pressure on your put to keep opening emails and then respond in some way.
o Time Consuming: When you get an email and read, write, and respond to emails that
can take up vast amounts of time and energy. Many modern workers spend their most
time with emails, which may be caused to take more time to complete work.
o Overlong Messages: Generally, email is a source of communication with the intention
of brief messages. There are some people who write overlong messages that can take
much time than required.
o Insecure: There are many hackers available that want to gain your important
information, so email is a common source to seek sensitive data, such as political,
financial, documents, or personal messages. In recent times, there have various high-
profile cases occurred that shown how email is insecure about information theft.
Different types of Email

There are many types of email; such are as follows:

Newsletters: It is studying by Clutch, the newsletter is the most common type of email that are
routinely sent to all mailing list subscribers, either daily, weekly, or monthly. These emails
often contain from the blog or website, links curated from other sources, and selected content
that the company has recently published. Typically, Newsletter emails are sent on a consistent
schedule, and they offer businesses the option to convey important information to their client
through a single source. Newsletters might also incorporate upcoming events or new, webinars
from the company, or other updates.

Lead Nurturing: Lead-nurturing emails are a series of related emails that marketers use to
take users on a journey that may impact their buying behavior. These emails are typically sent
over a period of several days or weeks. Lead-nurturing emails are also known as trigger
campaigns, which are used for solutions in an attempt to move any prospective sale into a
completed purchase and educate potential buyers on the services. These emails are not only
helpful for converting emails but also drive engagement. Furthermore, lead-nurturing emails
are initiated by a potential buyer taking initial action, such as clicking links on a promotional
email or downloading a free sample.

Promotional emails: It is the most common type of B2B (Business to Business) email, which
is used to inform the email list of your new or existing products or services. These types of
emails contain creating new or repeat customers, speeding up the buying process, or
encouraging contacts to take some type of action. It provides some critical benefits to buyers,
such as a free month of service, reduced or omitted fees for managed services, or percentage
off the purchase price.

Standalone Emails: These emails are popular like newsletters emails, but they contain a
limitation. If you want to send an email with multiple links or blurbs, your main call-to-action
can weaken. Your subscriber may skip your email and move on, as they may click on the first
link or two in your email but may not come back to the others.

Onboarding emails: An onboarding email is a message that is used to strengthen customer

loyalty, also known as post-sale emails. These emails receive users right after subscription. The
onboarding emails are sent to buyers to familiarize and educate them about how to use a product
effectively. Additionally, when clients faced with large-scale service deployments, these
emails help them facilitate user adoption.

Transactional: These emails are related to account activity or a commercial transaction and
sent from one sender to one recipient. Some examples of transactional email are purchase
confirmations, password reminder emails, and personalized product notifications. These emails
are used when you have any kind of e-commerce component to your business. As compared to
any other type of email, the transactional email messages have 8x the opens and clicks.

Plain-Text Emails: It is a simple email that does not include images or graphics and no
formatting; it only contains the text. These types of emails may worth it if you try to only ever
send fancy formatted emails, text-only messages. According to HubSpot, although people
prefer fully designed emails with various images, plain text emails with less HTML won out
in every A/B test. In fact, HTML
emails contain lower open and click-through rates, and plain text emails can be great for blog
content, event invitations, and survey or feedback requests. Even if you do not send plainer
emails, but you can boost your open and click through rates by simplifying your emails and
including fewer images.

Welcome emails: It is a type of B2B email and common parts of onboarding emails that help
users get acquainted with the brand. These emails can improve subscriber constancy as they
include additional information, which helps to the new subscriber in terms of a business
objective. Generally, welcome emails are sent buyers who got a subscription to a business's
opt-in activities, such as a blog, mailing list, or webinar. Also, these emails can help businesses
to build a better relationship between customers.

Examples of email attacks

Although there are many ways to travel viruses in the devices, email is one of the most common
vectors for cyberattacks. The methods include spoofing, spamming, spear-phishing, phishing,
ransomware, and business email compromise (BEC).

There are many organizations (around 7710) hit by a BEC attack every month, as one out of
every 412 emails contains a malware attack. According to the Symantec Internet Threat
Security Report, spear-phishing is the most widely used infection vector. Below is given a
complete description of these types of attacks:

o Phishing: A form of fraud in which the attacks are the practice of sending fraudulent
communications that appear to come from a reputable entity or person in email or other
communication channels. Usually, it is done through the email; phishing emails are
used by attackers to steal sensitive data like credit card and login information or to
install malware on the victim's machine. Additionally, everyone should learn about a
phishing attack in order to protect themselves, as it is a common type of cyberattack.
The common features of phishing emails are Sense of urgency, Hyperlinks, Too Good
to Be True, Unusual sender, Attachments.
o Spamming: Spam email is unsolicited bulk messages sent without explicit consent
from the recipient, which is also known as junk email. Since the 1990s, spam is a
problem faced by most email users and has been increasing in popularity. Obtained by
spambots, spam mail recipients have had their email addresses (automated programs),
which crawl the Internet to find email addresses. This is the dark side of email
marketing in which spammers use spambots to create email distribution lists. Typically,
an email is sent by a spammer to millions of email addresses with the expectation that
only a few numbers of an email address will respond or interact with the message.
o Spoofing: Email spoofing is an email message that could be obtained from someone or
somewhere other than the intended source. It is a popular strategy that is used in spam
and phishing campaigns as core email protocols do not have a built-in method of
 authentication. And, when people think the email has been sent by a legitimate or
familiar source, they are more likely to open an email. Thus, it is a common tactic used
for spam and phishing emails. The email spoofing is used with the purpose of getting
mail recipients to open emails and possibly respond to a solicitation.
o Business email compromise (BEC): A BEC is an exploit in which an authorized
person or attacker hacks to a business email account and spoofs the owner's identity to
defraud the company, its customers, partners of money. Often, an attacker simply
creates an account with an email address that is almost identical to one on the corporate
network, which creates trust between the victim and their email account. Sometimes, a
BEC is also known as a man-in-the-email attack. Some samples of BEC email messages
that contain the word in subject, such as urgent, transfer, request, payment, and more.
There are five types of BEC scams on the basis of the FBI, which are False Invoice
Scheme, CEO Fraud, Data Theft, Attorney Impersonation, Account Compromise.
o Spear-phishing: Email spoofing is an attack where hackers target an individual or
specific organization to gain sensitive information through unauthorized access. Spear
phishing is not initiated by random hackers but attempted by perpetrators to gain
financial benefits or secrets information. It is an attack in which attackers send emails
to specific and well-researched targets while purporting to be a trusted sender. The main
objective of spear phishing is to convince victims to hand over information or money
and infect devices with malware.
o Ransomware: It is a subset of malware that is used to encrypt a victim's files.
Typically, it locks data by encryption on the victim's system. Typically, it locks data by
encryption on the victim's system, and attackers demand payments before the ransomed
data is decrypted. Unlike other types of attacks, the primary goal of ransomware attacks
is just about always monetary. Usually, when the exploit occurs, a victim is notified
about the attack and is given instructions for how to recover from the attack.

Popular email sites

There are some free email website examples include the following:

o AOL
o Zoho
o Gmail
o ProtonMail
o Com
o Microsoft Outlook
 o Yahoo Mail

Email is a platform that allows users to communicate with people or groups of people around
the world. As email security is more important but consequent, it is not inherently secure.

What can be sent in an e-mail?

An email is a platform that enables users to communicate with each other. It allows users to
send text messages, including a file or other data on the e-mail all over the world. It is also
possible to attach a picture, word processor document, PDF, program, movie, or any file stored
on your computer in an e-mail. However, due to some security issues, it may not be possible
to send certain types of files on the email; they need some additional steps. For example, the
.exe file can be blocked by many companies from being sent over the email, and you will need
to compress the file into a .zip file format. Additionally, you may be unable to send any large
files or programs from being sent over e-mail as most e-mail providers have file size
restrictions.

What should be write e-mail or email?

You can use any word email or e-mail according to the style guide you are following as both
are valid and have the same meaning. However, the e-mail word has a hyphen and is a
compound noun that describes "electronic" and "mail."

How to send and receive e-mail

E-mail program

You can use an email program to send and receive an email. An email program is also known
as an e-mail client. There are many email programs available to send and receive an email,
including Mozilla Thunderbird and Microsoft Outlook. A server is used to store and deliver
your messages while you use an email client. Often, your ISP (Internet service provider) host
this server but can be another Internet company to host this server. To download the new
emails, an email client requires connecting a server, whereas online stored emails are always
available on Internet-connected devices.

Online e-mail

An online e-mail service or webmail is an alternative way and the popular solution for most
people in sending and receiving e-mail. Examples of online emails are Yahoo Mail, Gmail, and
Hotmail (now Outlook.com).

Some of the popular e-mail clients?

Today, there are different software-based e-mail clients available for users, but these are not
online. Below is given a list that contains the most popular clients.

o Microsoft Outlookv
o Mail for Windows 10
 o DreamMail
o Mozilla Thunderbird
o eM Client
o Mailbird

What makes a valid e-mail address?

Users need to follow the various rule that is given below to make valid email address:

o A username followed by @ (the at sign) is most important for an email address, which
is followed by the domain name with a domain suffix. Hence, an e-mail must have a
username.
o The domain name cannot be longer than 254 characters, and the username cannot be
longer than 64 characters long.
o An email must have only one @ sign.
o An email should not have space and special characters like \ [ ] ( ) , : ; < >. Sometimes,
few symbols such as backslash, space, and quotation mark work must be preceded with
a forward slash. But these characters are not allowed by some email providers.
o In the email, the email address and username cannot start or end with a period.
o The two or more successive periods are not allowed in the email.
FTP
o FTP stands for File transfer protocol.
o FTP is a standard internet protocol provided by TCP/IP used for transmitting the files
from one host to another.
o It is mainly used for transferring the web page files from their creator to the computer
that acts as a server for other computers on the internet.
o It is also used for downloading the files to computer from other servers.

Objectives of FTP

o It provides the sharing of files.

o It is used to encourage the use of remote computers.
o It transfers the data more reliably and efficiently.

Why FTP?

Although transferring files from one system to another is very simple and straightforward, but
sometimes it can cause problems. For example, two systems may have different file
conventions. Two systems may have different ways to represent text and data. Two systems
may have different directory structures. FTP protocol overcomes these problems by
establishing two connections between hosts. One connection is used for data transfer, and
another connection is used for the control connection.

Mechanism of FTP
The above figure shows the basic model of the FTP. The FTP client has three components: the
user interface, control process, and data transfer process. The server has two components: the
server control process and the server data transfer process.

There are two types of connections in FTP:

o Control Connection: The control connection uses very simple rules for
communication. Through control connection, we can transfer a line of command or line
of response at a time. The control connection is made between the control processes.
The control connection remains connected during the entire interactive FTP session.
o Data Connection: The Data Connection uses very complex rules as data types may
vary. The data connection is made between data transfer processes. The data connection
opens when a command comes for transferring the files and closes when the file is
transferred.

FTP Clients

o FTP client is a program that implements a file transfer protocol which allows you to
transfer files between two hosts on the internet.
o It allows a user to connect to a remote host and upload or download the files.
o It has a set of commands that we can use to connect to a host, transfer the files between
you and your host and close the connection.
o The FTP program is also available as a built-in component in a Web browser. This GUI
based FTP client makes the file transfer very easy and also does not require to remember
the FTP commands.

Advantages of FTP:
o Speed: One of the biggest advantages of FTP is speed. The FTP is one of the fastest
way to transfer the files from one computer to another computer.
 o Efficient: It is more efficient as we do not need to complete all the operations to get
the entire file.
o Security: To access the FTP server, we need to login with the username and password.
Therefore, we can say that FTP is more secure.
o Back & forth movement: FTP allows us to transfer the files back and forth. Suppose
you are a manager of the company, you send some information to all the employees,
and they all send information back on the same server.

Disadvantages of FTP:
o The standard requirement of the industry is that all the FTP transmissions should be
encrypted. However, not all the FTP providers are equal and not all the providers offer
encryption. So, we will have to look out for the FTP providers that provides encryption.
o FTP serves two operations, i.e., to send and receive large files on a network. However,
the size limit of the file is 2GB that can be sent. It also doesn't allow you to run
simultaneous transfers to multiple receivers.
o Passwords and file contents are sent in clear text that allows unwanted eavesdropping.
So, it is quite possible that attackers can carry out the brute force attack by trying to
guess the FTP password.
o It is not compatible with every system.
What is World Wide Web?

World Wide Web, which is also known as a Web, is a collection of websites or web pages
stored in web servers and connected to local computers through the internet. These websites
contain text pages, digital images, audios, videos, etc. Users can access the content of these
sites from any part of the world over the internet using their devices such as computers, laptops,
cell phones, etc. The WWW, along with internet, enables the retrieval and display of text and
media to your device.

The building blocks of the Web are web pages which are formatted in HTML and connected
by links called "hypertext" or hyperlinks and accessed by HTTP. These links are electronic
connections that link related pieces of information so that users can access the desired
information quickly. Hypertext offers the advantage to select a word or phrase from text and
thus to access other pages that provide additional information related to that word or phrase.

A web page is given an online address called a Uniform Resource Locator (URL). A particular
collection of web pages that belong to a specific URL is called a website,
e.g., www.facebook.com, www.google.com, etc. So, the World Wide Web is like a huge
electronic book whose pages are stored on multiple servers across the world.

Small websites store all of their WebPages on a single server, but big websites or organizations
place their WebPages on different servers in different countries so that when users of a country
search their site they could get the information quickly from the nearest server.

So, the web provides a communication platform for users to retrieve and exchange information
over the internet. Unlike a book, where we move from one page to another in a sequence, on
World Wide Web we follow a web of hypertext links to visit a web page and from that web
page to move to other web pages. You need a browser, which is installed on your computer, to
access the Web.
Difference between World Wide Web and Internet:

Some people use the terms 'internet' and 'World Wide Web' interchangeably. They think they
are the same thing, but it is not so. Internet is entirely different from WWW. It is a worldwide
network of devices like computers, laptops, tablets, etc. It enables users to send emails to other
users and chat with them online. For example, when you send an email or chatting with
someone online, you are using the internet.

But, when you have opened a website like google.com for information, you are using the World
Wide Web; a network of servers over the internet. You request a webpage from your computer
using a browser, and the server renders that page to your browser. Your computer is called a
client who runs a program (web browser), and asks the other computer (server) for the
information it needs.

History of the World Wide Web:

The World Wide Web was invented by a British scientist, Tim Berners-Lee in 1989. He was
working at CERN at that time. Originally, it was developed by him to fulfill the need of
automated information sharing between scientists across the world, so that they could easily
share the data and results of their experiments and studies with each other.

CERN, where Tim Berners worked, is a community of more than 1700 scientists from more
than 100 countries. These scientists spend some time on CERN site, and rest of the time they
work at their universities and national laboratories in their home countries, so there was a need
for reliable communication tools so that they can exchange information.

Internet and Hypertext were available at this time, but no one thought how to use the internet
to link or share one document to another. Tim focused on three main technologies that could
make computers understand each other, HTML, URL, and HTTP. So, the objective behind the
invention of WWW was to combine recent computer technologies, data networks, and
hypertext into a user-friendly and effective global information system.
How the Invention Started:

In March 1989, Tim Berners-Lee took the initiative towards the invention of WWW and wrote
the first proposal for the World Wide Web. Later, he wrote another proposal in May 1990.
After a few months, in November 1990, along with Robert Cailliau, it was formalized as a
management proposal. This proposal had outlined the key concepts and defined terminology
related to the Web. In this document, there was a description of "hypertext project" called
World Wide Web in which a web of hypertext documents could be viewed by browsers. His
proposal included the three main technologies (HTML, URL, and HTTP).

In 1990, Tim Berners-Lee was able to run the first Web server and browser at CERN to
demonstrate his ideas. He used a NeXT computer to develop the code for his Web server and
put a note on the computer "The machine is a server. Do Not Power It DOWN!!" So that it was
not switched off accidentally by someone.

In 1991, Tim created the world's first website and Web Server. Its address was info.cern.ch,
and it was running at CERN on the NeXT computer. Furthermore, the first web page address
was http://info.cern.ch/hypertext/WWW/TheProject.html. This page had links to the
information related to the WWW project, and also about the Web servers, hypertext
description, and information for creating a Web server.

The Web Grows:

NeXT computer platform was accessible by a few users. Later, the development of 'line-mode'
browser, which could run on any system, started. In 1991, Berners-Lee introduced his WWW
software with 'line-mode' browser, Web server software and a library for developers.

In March 1991, it was available to colleagues who were using CERN computers. After a few
months, in August 1991, he introduced the WWW software on internet newsgroups, and it
generated interest in the project across the world. Graphic interface for the internet, first
introduced to the public on 6 August 1991 by Tim Berners-Lee. On 23 August 1991, it was
available to everyone.

Becoming Global:

The first Web server came online in December 1991 in the United States. At this time, there
were only two types of browsers; the original development version which was available only
on NeXT machines and the 'line-mode' browser which was easy to install and run on any
platform but was less user-friendly and had limited power.

For further improvement, Berners-Lee asked other developers via the internet to contribute to
its development. Many developers wrote browsers for the X-Window System. The first web
server, outside Europe, was introduced at Standard University in the United States in 1991. In
the same year, there were only ten known web servers across the world.

Later at the beginning of 1993, the National Center for Supercomputing Applications (NCSA)
introduced the first version of its Mosaic browser. It ran in the X Window System environment.
Later, the NCSA released versions for the PC and Macintosh environments. With the
introduction of user-friendly browsers on these computers, the WWW started spreading
tremendously across the world.
Eventually, the European Commission approved its first web project in the same year with
CERN as one of its partners. In April 1993, CERN made the source code of WWW available
on a royalty-free basis and thus made it free software. Royalty-free means one has the right to
use copyright material or intellectual property without paying any royalty or license fee. Thus,
CERN allowed people to use the code and web protocol for free. The technologies that were
developed to make the WWW became an open source to allow people to use them for free.
Eventually, people started creating websites for online businesses, to provide information and
other similar purposes.

At the end of 1993, there were more than 500 web servers, and the WWW has 1% of the total
internet traffic. In May 1994, the First International World Wide Web conference was held at
CERN and was attended by around 400 users and developers and popularly known as the
"Woodstock of the Web." In the same year, the telecommunication companies started
providing internet access, and people have access to WWW available at their homes.

In the same year, one more conference was held in the United States, which was attended by
over 1000 people. It was organized by the NCSA and the newly-formed International WWW
Conference Committee (IW3C2). At the end of this year (1994), the World Wide Web had
around 10000 servers and 10 million users. The technology was continuously improved to
fulfill growing needs and security, and e-commerce tools were decided to be added soon.

Open standards:

The main objective was to keep the Web an open standard for all rather than a proprietary
system. Accordingly, CERN sent a proposal to the Commission of the European Union under
the ESPRIT program "WebCore." This project's objective was to form an international
consortium in collaboration with Massachusetts Institute of Technology (MIT), the US. In
1994, Berners-Lee left CERN and joined MIT and established the International World Wide
Web Consortium (W3C) and a new European partner was needed for W3C.

The European Commission approached the French National Institute for Research in Computer
Science and Controls (INRIA), to substitute the CERN's role. Eventually, in April 1995, INRIA
became the first European W3C host and in 1996 Keio University of Japan became another
host in Asia.

In 2003, ERCIM (European Research Consortium in Informatics and Mathematics) replaced

INRIA for the role of European W3C Host. Beihang University was announced as the fourth
Host by W3C in 2013. In September 2018, there were over 400 member organizations around
the world.

Since its inception, the Web has changed a lot and is still changing today. Search engines have
become more advanced at reading, understanding, and processing information. They can easily
find the information requested by users and can even provide other relevant information that
might interest users.

How the World Wide Web Works?

Now, we have understood that WWW is a collection of websites connected to the internet so
that people can search and share information. Now, let us understand how it works!
The Web works as per the internet's basic client-server format as shown in the following image.
The servers store and transfer web pages or information to user's computers on the network
when requested by the users. A web server is a software program which serves the web pages
requested by web users using a browser. The computer of a user who requests documents from
a server is known as a client. Browser, which is installed on the user' computer, allows users to
view the retrieved documents.

All the websites are stored in web servers. Just as someone lives on rent in a house, a website
occupies a space in a server and remains stored in it. The server hosts the website whenever a
user requests its WebPages, and the website owner has to pay the hosting price for the same.

The moment you open the browser and type a URL in the address bar or search something on
Google, the WWW starts working. There are three main technologies involved in transferring
information (web pages) from servers to clients (computers of users). These technologies
include Hypertext Markup Language (HTML), Hypertext Transfer Protocol (HTTP) and Web
browsers.

Hypertext Markup Language (HTML):

HTML is a standard markup language which is used for creating web pages. It describes the
structure of web pages through HTML elements or tags. These tags are used to organize the
pieces of content such as 'heading,' 'paragraph,' 'table,' 'Image,' and more. You don't see HTML
tags when you open a webpage as browsers don't display the tags and use them only to render
the content of a web page. In simple words, HTML is used to display text, images, and other
resources through a Web browser.

Web Browser:

A web browser, which is commonly known as a browser, is a program that displays text, data,
pictures, videos, animation, and more. It provides a software interface that allows you to click
hyperlinked resources on the World Wide Web. When you double click the Browser icon
installed on your computer to launch it, you get connected to the World Wide Web and can
search Google or type a URL into the address bar.

In the beginning, browsers were used only for browsing due to their limited potential. Today,
they are more advanced; along with browsing you can use them for e-mailing, transferring
multimedia files, using social media sites, and participating in online discussion groups and
more. Some of the commonly used browsers include Google Chrome, Mozilla Firefox, Internet
Explorer, Safari, and more.
Hypertext Transfer Protocol (HTTP):
HTTP
o HTTP stands for HyperText Transfer Protocol.
o It is a protocol used to access the data on the World Wide Web (www).
o The HTTP protocol can be used to transfer the data in the form of plain text, hypertext,
audio, video, and so on.
o This protocol is known as HyperText Transfer Protocol because of its efficiency that
allows us to use in a hypertext environment where there are rapid jumps from one
document to another document.
o HTTP is similar to the FTP as it also transfers the files from one host to another host.
But, HTTP is simpler than FTP as HTTP uses only one connection, i.e., no control
connection to transfer the files.
o HTTP is used to carry the data in the form of MIME-like format.
o HTTP is similar to SMTP as the data is transferred between client and server. The
HTTP differs from the SMTP in the way the messages are sent from the client to the
server and from server to the client. SMTP messages are stored and forwarded while
HTTP messages are delivered immediately.

Features of HTTP:

o Connectionless protocol: HTTP is a connectionless protocol. HTTP client initiates a

request and waits for a response from the server. When the server receives the request,
the server processes the request and sends back the response to the HTTP client after
which the client disconnects the connection. The connection between client and server
exist only during the current request and response time only.
o Media independent: HTTP protocol is a media independent as data can be sent as long
as both the client and server know how to handle the data content. It is required for both
the client and server to specify the content type in MIME-type header.
o Stateless: HTTP is a stateless protocol as both the client and server know each other
only during the current request. Due to this nature of the protocol, both the client and
server do not retain the information between various requests of the web pages.
HTTP Transactions

The above figure shows the HTTP transaction between client and server. The client initiates a
transaction by sending a request message to the server. The server replies to the request
message by sending a response message.

Messages

HTTP messages are of two types: request and response. Both the message types follow the
same message format.

Request Message: The request message is sent by the client that consists of a request line,
headers, and sometimes a body.
Response Message: The response message is sent by the server to the client that consists of a
status line, headers, and sometimes a body.

Uniform Resource Locator (URL)

o A client that wants to access the document in an internet needs an address and to
facilitate the access of documents, the HTTP uses the concept of Uniform Resource
Locator (URL).
o The Uniform Resource Locator (URL) is a standard way of specifying any kind of
information on the internet.
o The URL defines four parts: method, host computer, port, and path.

o Method: The method is the protocol used to retrieve the document from a server. For
example, HTTP.
o Host: The host is the computer where the information is stored, and the computer is
given an alias name. Web pages are mainly stored in the computers and the computers
 are given an alias name that begins with the characters "www". This field is not
mandatory.
o Port: The URL can also contain the port number of the server, but it's an optional field.
If the port number is included, then it must come between the host and path and it should
be separated from the host by a colon.
o Path: Path is the pathname of the file where the information is stored. The path itself
contain slashes that separate the directories from the subdirectories and files.
SMTP
o SMTP stands for Simple Mail Transfer Protocol.
o SMTP is a set of communication guidelines that allow software to transmit an electronic
mail over the internet is called Simple Mail Transfer Protocol.
o It is a program used for sending messages to other computer users based on e-mail
addresses.
o It provides a mail exchange between users on the same or different computers, and it
also supports:
o It can send a single message to one or more recipients.
o Sending message can include text, voice, video or graphics.
o It can also send the messages on networks outside the internet.
o The main purpose of SMTP is used to set up communication rules between servers. The
servers have a way of identifying themselves and announcing what kind of
communication they are trying to perform. They also have a way of handling the errors
such as incorrect email address. For example, if the recipient address is wrong, then
receiving server reply with an error message of some kind.

Components of SMTP

o First, we will break the SMTP client and SMTP server into two components such as
user agent (UA) and mail transfer agent (MTA). The user agent (UA) prepares the
message, creates the envelope and then puts the message in the envelope. The mail
transfer agent (MTA) transfers this mail across the internet.
o SMTP allows a more complex system by adding a relaying system. Instead of just
having one MTA at sending side and one at receiving side, more MTAs can be added,
acting either as a client or server to relay the email.

o The relaying system without TCP/IP protocol can also be used to send the emails to
users, and this is achieved by the use of the mail gateway. The mail gateway is a relay
MTA that can be used to receive an email.
Working of SMTP

1. Composition of Mail: A user sends an e-mail by composing an electronic mail

message using a Mail User Agent (MUA). Mail User Agent is a program which is used
to send and receive mail. The message contains two parts: body and header. The body
is the main part of the message while the header includes information such as the sender
and recipient address. The header also includes descriptive information such as the
subject of the message. In this case, the message body is like a letter and header is like
an envelope that contains the recipient's address.
2. Submission of Mail: After composing an email, the mail client then submits the
completed e-mail to the SMTP server by using SMTP on TCP port 25.
3. Delivery of Mail: E-mail addresses contain two parts: username of the recipient and
domain name. For example, [email protected], where "vivek" is the username of the
recipient and "gmail.com" is the domain name.
If the domain name of the recipient's email address is different from the sender's domain
name, then MSA will send the mail to the Mail Transfer Agent (MTA). To relay the
email, the MTA will find the target domain. It checks the MX record from Domain
Name System to obtain the target domain. The MX record contains the domain name
and IP address of the recipient's domain. Once the record is located, MTA connects to
the exchange server to relay the message.
4. Receipt and Processing of Mail: Once the incoming message is received, the
exchange server delivers it to the incoming server (Mail Delivery Agent) which stores
the e-mail where it waits for the user to retrieve it.
5. Access and Retrieval of Mail: The stored email in MDA can be retrieved by using
MUA (Mail User Agent). MUA can be accessed by using login and password
SNMP:
o SNMP stands for Simple Network Management Protocol.
o SNMP is a framework used for managing devices on the internet.
o It provides a set of operations for monitoring and managing the internet.

SNMP Concept

o SNMP has two components Manager and agent.

o The manager is a host that controls and monitors a set of agents such as routers.
o It is an application layer protocol in which a few manager stations can handle a set of
agents.
o The protocol designed at the application level can monitor the devices made by different
manufacturers and installed on different physical networks.
o It is used in a heterogeneous network made of different LANs and WANs connected by
routers or gateways.

Managers & Agents

o A manager is a host that runs the SNMP client program while the agent is a router that
runs the SNMP server program.
o Management of the internet is achieved through simple interaction between a manager
and agent.
 o The agent is used to keep the information in a database while the manager is used to
access the values in the database. For example, a router can store the appropriate
variables such as a number of packets received and forwarded while the manager can
compare these variables to determine whether the router is congested or not.
o Agents can also contribute to the management process. A server program on the agent
checks the environment, if something goes wrong, the agent sends a warning message
to the manager.

Management with SNMP has three basic ideas:

o A manager checks the agent by requesting the information that reflects the behavior of
the agent.
o A manager also forces the agent to perform a certain function by resetting values in the
agent database.
o An agent also contributes to the management process by warning the manager regarding
an unusual condition.

Management Components

o Management is not achieved only through the SNMP protocol but also the use of other
protocols that can cooperate with the SNMP protocol. Management is achieved through
the use of the other two protocols: SMI (Structure of management information) and
MIB(management information base).
o Management is a combination of SMI, MIB, and SNMP. All these three protocols such
as abstract syntax notation 1 (ASN.1) and basic encoding rules (BER).

SMI

The SMI (Structure of management information) is a component used in network management.

Its main function is to define the type of data that can be stored in an object and to show how
to encode the data for the transmission over a network.
MIB
o The MIB (Management information base) is a second component for the network
management.
o Each agent has its own MIB, which is a collection of all the objects that the manager
can manage. MIB is categorized into eight groups: system, interface, address
translation, ip, icmp, tcp, udp, and egp. These groups are under the mib object.

SNMP Messages:

SNMP defines five types of messages: GetRequest, GetNextRequest, SetRequest,

GetResponse, and Trap.

GetRequest: The GetRequest message is sent from a manager (client) to the agent (server) to
retrieve the value of a variable.
GetNextRequest: The GetNextRequest message is sent from the manager to agent to retrieve
the value of a variable. This type of message is used to retrieve the values of the entries in a
table. If the manager does not know the indexes of the entries, then it will not be able to retrieve
the values. In such situations, GetNextRequest message is used to define an object.

GetResponse: The GetResponse message is sent from an agent to the manager in response to
the GetRequest and GetNextRequest message. This message contains the value of a variable
requested by the manager.

SetRequest: The SetRequest message is sent from a manager to the agent to set a value in a
variable.

Trap: The Trap message is sent from an agent to the manager to report an event. For example,
if the agent is rebooted, then it informs the manager as well as sends the time of rebooting.
Bluetooth
It is a Wireless Personal Area Network (WPAN) technology and is used for exchanging data
over smaller distances. This technology was invented by Ericson in 1994. It operates in the
unlicensed, industrial, scientific and medical (ISM) band from 2.4 GHz to 2.485 GHz.
Maximum devices that can be connected at the same time are 7. Bluetooth ranges up to 10
meters. It provides data rates up to 1 Mbps or 3 Mbps depending upon the version. The
spreading technique that it uses is FHSS (Frequency-hopping spread spectrum). A Bluetooth
network is called a piconet and a collection of interconnected piconets is called scatternet.

Bluetooth Architecture:

The architecture of Bluetooth defines two types of networks:

1. Piconet
2. Scatternet

Piconet:

Piconet is a type of Bluetooth network that contains one primary node called the master
node and seven active secondary nodes called slave nodes. Thus, we can say that there is a
total of 8 active nodes which are present at a distance of 10 meters. The communication
between the primary and secondary nodes can be one-to-one or one-to-many. Possible
communication is only between the master and slave; Slave-slave communication is not
possible. It also has 255 parked nodes, these are secondary nodes and cannot take
participation in communication unless it gets converted to the active state.

Scatternet:

It is formed by using various piconets. A slave that is present in one piconet can act as master
or we can say primary in another piconet. This kind of node can receive a message from a
master in one piconet and deliver the message to its slave in the other piconet where it is
acting as a slave. This type of node is referred to as a bridge node. A station cannot be
mastered in two piconets.

Bluetooth protocol stack:

1. Radio (RF) layer: It performs modulation/demodulation of the data into RF

signals. It defines the physical characteristics of Bluetooth transceivers. It defines
two types of physical links: connection-less and connection-oriented.

2. Baseband Link layer: The baseband is the digital engine of a Bluetooth system
and is equivalent to the MAC sublayer in LANs. It performs the connection
establishment within a piconet.

3. Link Manager protocol layer: It performs the management of the already

established links which includes authentication and encryption processes. It is
responsible for creating the links, monitoring their health, and terminating them
gracefully upon command or failure.

4. Logical Link Control and Adaption Protocol layer: It is also known as the heart
of the Bluetooth protocol stack. It allows the communication between upper and
lower layers of the Bluetooth protocol stack. It packages the data packets received
from upper layers into the form expected by lower layers. It also performs
segmentation and multiplexing.
 5. SDP layer: It is short for Service Discovery Protocol. It allows discovering the
services available on another Bluetooth-enabled device.

6. RF comm layer: It is short for Radio Frontend Component. It provides a serial

interface with WAP and OBEX. It also provides emulation of serial ports over the
logical link control and adaption protocol(L2CAP). The protocol is based on the
ETSI standard TS 07.10.

7. OBEX: It is short for Object Exchange. It is a communication protocol to

exchange objects between 2 devices.

8. WAP: It is short for Wireless Access Protocol. It is used for internet access.

9. TCS: It is short for Telephony Control Protocol. It provides telephony

service. The basic function of this layer is call control (setup & release) and group
management for gateway serving multiple devices.

10. Application layer: It enables the user to interact with the application.

Advantage:

 Low cost.
 Easy to use.
 It can also penetrate through walls.
 It creates an Ad-hoc connection immediately without any wires.
 It is used for voice and data transfer.

Disadvantages:

 It can be hacked and hence, less secure.

 It has a slow data transfer rate: of 3 Mbps.
 It has a small range: 10 meters.
 Bluetooth communication does not support routing.
 The issues of handoffs have not been addressed.

Applications:

 Used in laptops, and in wireless PCs.

 In printers.
 In wireless headsets.
 Connecting digital camera wirelessly to a mobile phone.
 Data transfer from one cell phone to other cell phone or computer.
How does Bluetooth work?

As we stated that there is one master and up to 7 slaves may exist for a Bluetooth connection.
The master is the device that initiates communication with other devices. The master device
handles the communications link and traffic between itself and the slave devices associated
with it. The slave devices have to respond to the master device and synchronize their
transmit/receive timing with the master device's specified time.

Conditions for Successful Data transmission

Following is a list of some conditions that must be satisfied for a successful data transmission
in Bluetooth technology:

o Maximum number of Master Node - 1

o Maximum number of Slave Nodes - 7
o Maximum number of Nodes in a Piconet - 8
o Maximum number of devices that can be paired - 28 - 1 = 255
o Number of devices that can be parked → Infinite (∞)
Explanation

o The parked node is a type of node that is ready to be connected and stand by node is a
type of node that can either become a slave or parked node or remains idle or
disconnected.
o In Bluetooth technology, the data transmission can only occur between master and slave
nodes. It cannot be done between slave and slave nodes. However, two master nodes
can be connected.
o If the connection from the master node gets disconnected, the whole Piconet gets
disconnected.
o If there is a connection between two master nodes, then that network is called
as Scatter-net.
o It means scatter-nets are created when a device becomes an active member of more than
one Piconet and the adjoining device shares its time slots among the different piconets.
o If the number of slaves or devices is increased in a Piconet, then the data transmission
speed will be decreased, and if the number of slaves or devices is decreased in number,
then the data transmission speed will be increased.
Firewalls
Nowadays, it is a big challenge to protect our sensitive data from unwanted and unauthorized
sources. There are various tools and devices that can provide different security levels and help
keep our private data secure. One such tool is a 'firewall' that prevents unauthorized access and
keeps our computers and data safe and secure.

In this article, we have talked about firewalls as well as other related topics, such as why we
need firewalls, functions of firewalls, limitations of firewalls, working of firewalls, etc.

What is a Firewall?

A firewall can be defined as a special type of network security device or a software program
that monitors and filters incoming and outgoing network traffic based on a defined set of
security rules. It acts as a barrier between internal private networks and external sources (such
as the public Internet).

The primary purpose of a firewall is to allow non-threatening traffic and prevent malicious or
unwanted data traffic for protecting the computer from viruses and attacks. A firewall is a
cybersecurity tool that filters network traffic and helps users block malicious software from
accessing the Internet in infected computers.

Firewall: Hardware or Software

This is one of the most problematic questions whether a firewall is a hardware or software. As
stated above, a firewall can be a network security device or a software program on a computer.
This means that the firewall comes at both levels, i.e., hardware and software , though it's best
to have both.
Each format (a firewall implemented as hardware or software) has different functionality but
the same purpose. A hardware firewall is a physical device that attaches between a computer
network

and a gateway. For example, a broadband router. On the other hand, a software firewall is a
simple program installed on a computer that works through port numbers and other installed
software.

Apart from that, there are cloud-based firewalls. They are commonly referred to as FaaS
(firewall as a service). A primary advantage of using cloud-based firewalls is that they can be
managed centrally. Like hardware firewalls, cloud-based firewalls are best known for
providing perimeter security.

Why Firewall

Firewalls are primarily used to prevent malware and network-based attacks. Additionally, they
can help in blocking application-layer attacks. These firewalls act as a gatekeeper or a barrier.
They monitor every attempt between our computer and another network. They do not allow
data packets to be transferred through them unless the data is coming or going from a user-
specified trusted source.

Firewalls are designed in such a way that they can react quickly to detect and counter-attacks
throughout the network. They can work with rules configured to protect the network and
perform quick assessments to find any suspicious activity. In short, we can point to the firewall
as a traffic controller.

Some of the important risks of not having a firewall are:

Open Access

If a computer is running without a firewall, it is giving open access to other networks. This
means that it is accepting every kind of connection that comes through someone. In this case,
it is not possible to detect threats or attacks coming through our network. Without a firewall,
we make our devices vulnerable to malicious users and other unwanted sources.

Lost or Comprised Data

Without a firewall, we are leaving our devices accessible to everyone. This means that anyone
can access our device and have complete control over it, including the network. In this case,
cybercriminals can easily delete our data or use our personal information for their benefit.

Network Crashes

In the absence of a firewall, anyone could access our network and shut it down. It may lead us
to invest our valuable time and money to get our network working again.

Therefore, it is essential to use firewalls and keep our network, computer, and data safe and
secure from unwanted sources.
Brief History of Firewall

Firewalls have been the first and most reliable component of defense in network security for
over 30 years. Firewalls first came into existence in the late 1980s. They were initially designed
as packet filters. These packet filters were nothing but a setup of networks between computers.
The primary function of these packet filtering firewalls was to check for packets or bytes
transferred between different computers.

Firewalls have become more advanced due to continuous development, although such packet
filtering firewalls are still in use in legacy systems.

As the technology emerged, Gil Shwed from Check Point Technologies introduced the first
stateful inspection firewall in 1993. It was named as FireWall-1. Back in
2000, Netscreen came up with its purpose-built firewall 'Appliance'. It gained popularity and
fast adoption within enterprises because of increased internet speed, less latency, and high
throughput at a lower cost.

The turn of the century saw a new approach to firewall implementation during the mid-2010.
The 'Next-Generation Firewalls' were introduced by the Palo Alto Networks. These
firewalls came up with a variety of built-in functions and capabilities, such as Hybrid Cloud
Support, Network Threat Prevention, Application and Identity-Based Control, and Scalable
Performance, etc. Firewalls are still getting new features as part of continuous development.
They are considered the first line of defense when it comes to network security.

How does a firewall work?

A firewall system analyzes network traffic based on pre-defined rules. It then filters the traffic
and prevents any such traffic coming from unreliable or suspicious sources. It only allows
incoming traffic that is configured to accept.

Typically, firewalls intercept network traffic at a computer's entry point, known as a port.
Firewalls perform this task by allowing or blocking specific data packets (units of
communication transferred over a digital network) based on pre-defined security rules.
Incoming traffic is allowed only through trusted IP addresses, or sources.
Functions of Firewall

As stated above, the firewall works as a gatekeeper. It analyzes every attempt coming to gain
access to our operating system and prevents traffic from unwanted or non-recognized sources.

Since the firewall acts as a barrier or filter between the computer system and other networks
(i.e., the public Internet), we can consider it as a traffic controller. Therefore, a firewall's
primary function is to secure our network and information by controlling network traffic,
preventing unwanted incoming network traffic, and validating access by assessing network
traffic for malicious things such as hackers and malware.

Generally, most operating systems (for example - Windows OS) and security software come
with built-in firewall support. Therefore, it is a good idea to ensure that those options are turned
on. Additionally, we can configure the security settings of the system to be automatically
updated whenever available.

Firewalls have become so powerful, and include a variety of functions and capabilities with
built-in features:

o Network Threat Prevention

o Application and Identity-Based Control
o Hybrid Cloud Support
o Scalable Performance
o Network Traffic Management and Control
o Access Validation
o Record and Report on Events

Limitations of Firewall

When it comes to network security, firewalls are considered the first line of defense. But the
question is whether these firewalls are strong enough to make our devices safe from cyber-
attacks. The answer may be "no". The best practice is to use a firewall system when using the
Internet. However, it is important to use other defense systems to help protect the network and
data stored on the computer. Because cyber threats are continually evolving, a firewall should
not be the only consideration for protecting the home network.

The importance of using firewalls as a security system is obvious; however, firewalls have
some limitations:

o Firewalls cannot stop users from accessing malicious websites, making it vulnerable to
internal threats or attacks.
o Firewalls cannot protect against the transfer of virus-infected files or software.
o Firewalls cannot prevent misuse of passwords.
 o Firewalls cannot protect if security rules are misconfigured.
o Firewalls cannot protect against non-technical security risks, such as social engineering.
o Firewalls cannot stop or prevent attackers with modems from dialing in to or out of the
internal network.
o Firewalls cannot secure the system which is already infected.

Therefore, it is recommended to keep all Internet-enabled devices updated. This includes the
latest operating systems, web browsers, applications, and other security software (such as anti-
virus). Besides, the security of wireless routers should be another practice. The process of
protecting a router may include options such as repeatedly changing the router's name and
password, reviewing security settings, and creating a guest network for visitors.

Types of Firewall

Depending on their structure and functionality, there are different types of firewalls. The
following is a list of some common types of firewalls:

o Proxy Firewall
o Packet-filtering firewalls
o Stateful Multi-layer Inspection (SMLI) Firewall
o Unified threat management (UTM) firewall
o Next-generation firewall (NGFW)
o Network address translation (NAT) firewalls

Difference between a Firewall and Anti-virus

Firewalls and anti-viruses are systems to protect devices from viruses and other types of
Trojans, but there are significant differences between them. Based on the vulnerabilities, the
main differences between firewalls and anti-viruses are tabulated below:

Attributes Firewall Anti-virus

Definition A firewall is defined as the system
which analyzes and filters
incoming or outgoing data packets
based on pre-defined rules.
Anti-virus is defined as the special type
of software that acts as a cyber-security
mechanism. The primary function of
Anti-virus is to monitor, detect, and
remove any apprehensive or distrustful
file or software from the device.
Structure Firewalls can be hardware and
software both. The router is an
example of a physical firewall, and
a simple firewall program on the
system is an example of a software
firewall.
Implementation Because firewalls come in the
form of hardware and software, a
firewall can be implemented either
way.
Responsibility A firewall is usually defined as a
network controlling system. It
means that firewalls are primarily
responsible for monitoring and
filtering network traffic.
Scalability Because the firewall supports both
types of implementations,
hardware, and software, therefore,
it is more scalable than anti-virus.
Threats A firewall is mainly used to
prevent network related attacks. It
mainly includes external network
threats?for example- Routing
attacks and IP Spoofing.
Anti-virus can only be used as
software. Anti-virus is a program that
is installed on the device, just like the
other programs.
Because Anti-virus comes in the form
of software, therefore, Anti-virus can
be implemented only at the software
level. There is no possibility of
implementing Anti-virus at the
hardware level.
Anti-viruses are primarily responsible
for detecting and removing viruses
from computer systems or other
devices. These viruses can be in the
form of infected files or software.
Anti-viruses are generally considered
less-scalable than firewalls. This is
because anti-virus can only be
implemented at the software level.
They don't support hardware-level
implementation.
Anti-virus is mainly used to scan, find,
and remove viruses, malware, and
Trojans, which can harm system files
and software and share personal
information (such as login credentials,
credit card details, etc.) with hackers.
Cryptography
Cryptography is technique of securing information and communications through use of codes
so that only those person for whom the information is intended can understand it and process
it. Thus preventing unauthorized access to information. The prefix “crypt” means “hidden”
and suffix graphy means “writing”.
In Cryptography the techniques which are use to protect information are obtained from
mathematical concepts and a set of rule based calculations known as algorithms to convert
messages in ways that make it hard to decode it. These algorithms are used for cryptographic
key generation, digital signing, verification to protect data privacy, web browsing on internet
and to protect confidential transactions such as credit card and debit card transactions.
Techniques used For Cryptography:
In today’s age of computers cryptography is often associated with the process where an
ordinary plain text is converted to cipher text which is the text made such that intended
receiver of the text can only decode it and hence this process is known as encryption. The
process of conversion of cipher text to plain text this is known as decryption.
Features Of Cryptography are as follows:
1. Confidentiality:
Information can only be accessed by the person for whom it is intended and no
other person except him can access it.
2. Integrity:
Information cannot be modified in storage or transition between sender and
intended receiver without any addition to information being detected.
3. Non-repudiation:
The creator/sender of information cannot deny his intention to send information
at later stage.
4. Authentication:
The identities of sender and receiver are confirmed. As well as destination/origin
of information is confirmed.
Types Of Cryptography: In general there are three types Of cryptography:
1. Symmetric Key Cryptography:

It is an encryption system where the sender and receiver of message use a single
common key to encrypt and decrypt messages. Symmetric Key Systems are faster
and simpler but the problem is that sender and receiver have to somehow exchange
key in a secure manner. The most popular symmetric key cryptography system is
Data Encryption System(DES).
2. Hash Functions:

There is no usage of any key in this algorithm. A hash value with fixed length is
calculated as per the plain text which makes it impossible for contents of plain
text to be recovered. Many operating systems use hash functions to encrypt
passwords.
3. Asymmetric Key Cryptography:

Under this system a pair of keys is used to encrypt and decrypt information. A
public key is used for encryption and a private key is used for decryption. Public
key and Private Key are different. Even if the public key is known by everyone
the intended receiver can only decode it because he alone knows the private key.