Ethical Hacking &

Penetration Testing Course

Chapter#3 – Network Fundamentals
Content

1. How the Internet Works?

2. IP Addresses

3. MAC Addresses

4. DHCP, TCP, UDP, and the Three-Way Handshake

5. Common Ports and Protocols

6. The OSI Model

7. Subnetting

8. SNMP (Simple Network Management Protocol)

9. SMB (Server Message Block) and Samba

1. How Internet Works?

The Internet is a global system of interconnected

computer networks that use the Internet protocol suite
(TCP/IP) to link several billion devices worldwide. It is
a network of networks that consists of millions of
private, public, academic, business, and government
networks of local to global scope, linked by a broad
array of electronic, wireless, and optical networking
technologies. The Internet carries an extensive range of
information resources and services, such as the inter-
linked hypertext documents and applications of the
World Wide Web (WWW), electronic mail, telephony,
and peer-to-peer networks for file sharing.
— Wikipedia
 1. How Internet Works / DNS working
DNS (Domain Name System):
Imagine DNS as a phone book for the internet. When you type a
domain name (like "google.com") into your browser, DNS helps
find the corresponding IP address, so your request reaches the
right place.
DNS Server:
•DNS servers are like super-smart phone book managers. They
store records of domain names and their corresponding IP
addresses. When you search for a domain, these servers provide
the correct IP address.
DNS Query:
•When you type a domain into your browser, your device sends a
question (query) to a DNS server, asking, "What's the IP address
for this domain?“
Authoritative DNS Server:
•Think of this as the ultimate source. Authoritative DNS servers
hold the official records for specific domains. They provide the
final answer when your device asks, "What's the IP for this
domain?"
DNS Cache:
•Just like your browser stores recently visited websites, DNS
servers keep a cache of recent lookups. It helps speed up the
process, as the server might already know the answer without
asking others.

Execute Command : nslookup google.com

 1.1 How Internet Works / DNS working

1.You Type a Website Address (URL):

1. You want to visit a website, like "www.google.com", so you type this address
into your web browser.
2.Your Computer Checks its Cache:
1. Your computer first checks its local cache to see if it already knows the IP
address associated with "www.google.com" .
3.Asking the DNS Resolver:
1. If the IP address isn't in the cache, your computer asks a DNS resolver for
help.
2. The DNS resolver is like a phone book. It knows where to find the IP
addresses for different domain names.
4.Contacting the DNS Root Servers:
1. The DNS resolver, if it doesn't have the IP address in its cache, contacts the
DNS root servers.
2. These root servers are like the top-level directory for the entire DNS system.
They provide information about the authoritative DNS servers for each top-
level domain (like ".com", ".net", ”.org”, ”.gov” etc.).
5.Getting the IP Addresses of Authoritative DNS Servers:
1. The root servers respond to the DNS resolver with the IP addresses of the
authoritative DNS servers responsible for the top-level domain of the
requested website, in this case, the ".com" domain.
 1.2 How Internet Works / DNS working
6.Contacting Authoritative DNS Servers for the Top-Level Domain:
1. The DNS resolver contacts one of the authoritative DNS servers for the ".com"
domain, as provided by the root servers.
2. The authoritative DNS server for the ".com" domain provides the IP address of the
DNS server responsible for the "www.google.com" domain.

7.Contacting Authoritative DNS Servers for the Specific Domain:

3. The DNS resolver contacts the authoritative DNS server for the ”google.com”
domain to find the IP address of "www.google.com" .

8.Returning the IP Address to Your Computer:

4. The authoritative DNS server for "example.com" responds to the DNS resolver with
the IP address of "www.google.com" .
9.Your Computer Connects to the Website:
5. Armed with the IP address, the DNS resolver sends it back to your computer.
6. Your computer can now connect to the website by sending a request to the web server
at that IP address, asking for the web page associated with "www.google.com" .
7. The web server responds by sending the requested web page back to your computer.
 2. IP Addresses

An IP (Internet Protocol) address is a

numerical label assigned to each device
connected to a computer network that uses
the Internet Protocol for communication.

IP addresses serve two primary purposes:

host or network interface identification and
location addressing.
IPv6 (Internet Protocol version 6)

Types of IP Addresses:

IPv4 (Internet Protocol version 4):

IPv6 (Internet Protocol version 6):

2. IP Addresses

IPv4 IPv6
 2. IP Addresses
Classes of IP Addresses : IP addresses are generally put into three classes, and the ranges are:
​
•Class A: 0.0.0.0 - 127.255.255.255
•Class B: 128.0.0.0 - 191.255.255.255
•Class C: 192.0.0.0 - 223.255.255.255
​
​Public vs. Private IP Addresses
​
It's important to note that our IP address system has its limitations. The biggest limitation is that there are not enough IP addresses to cover all of the devices
that need to connect to the internet.
The IPv4 system that we are working with now has only 4.3 billion IP addresses.

​ s a result, a system was developed to reuse a group of IP addresses to be used within a LAN—and are not usable over the internet.
A
These addresses can be used over and over again within each local area network, but not over the internet, thereby conserving the number of IP addresses
necessary to keep the world going 'round.
​
These private addresses include:
​
•192.168.0.0 - 192.168.255.255
•10.0.0.0 - 10.255.255.255
•172.16.0.0 - 172.16.255.255
​
 3. MAC Addresses

A MAC (Media Access Control) address, sometimes referred to

as a hardware address or physical address, is a unique identifier
assigned to the network interface of a device for communication
on a network. This address is embedded in the device's network
interface card (NIC)

Uses of MAC Addresses:

1.Device Identification
2.Address Resolution Protocol (ARP)
3.Network Security
4.Network Management
5.Device Tracking
 4. DHCP

Dynamic Host Configuration Protocol (DHCP) assigns IP addresses

dynamically. This means that you do not have the same IP address all of
the time. Most of the time, these IP address assignments are on a local
area network.

Remember, on LANs we use private IP addresses. When each device is

connected to the LAN, it must request an IP address. That device sends
that request to the DHCP server that then assigns an IP address to that
system for a fixed length of time known as a "lease."

Each time you connect to the LAN, you are likely to receive a different
(dynamic) IP address, but usually in the same range. For instance,
192.168.0.0 - 192.168.255.255.
​
 4. NAT
Network Address Translation (NAT) is protocol whereby internal private IP addresses
are "translated" to an external public IP address that can be routed through the internet
to its destination.
Remember, private IP addresses of the systems inside the LAN cannot use their IP
addresses on the internet because they are not unique (every LAN uses basically the
same IP addresses inside their network).
​
The NAT device accepts requests to traverse the internet from an internal machine. It
then records that machine's IP address in a table and converts the IP address to the
external IP address of the router.

When the packet returns from its destination, the NAT device looks into its saved table
of the original request and forwards on the packet to the internal IP address of the
system that made the original request within the LAN. When working properly, the
individual systems and users don't even realize this translation is taking place.
 4. The Three-Way Handshake

• Step 1 (SYN): In the first step, the client wants to establish a

connection with a server, so it sends a segment with
SYN(Synchronize Sequence Number) which informs the
server that the client is likely to start communication and with
what sequence number it starts segments with

• Step 2 (SYN + ACK): Server responds to the client request

with SYN-ACK signal bits set. Acknowledgement(ACK)
signifies the response of the segment it received and SYN
signifies with what sequence number it is likely to start the
segments with

• Step 3 (ACK): In the final part client acknowledges the

response of the server and they both establish a reliable
connection with which they will start the actual data transfer
 4. TCP, UDP

TCP (Transmission Control Protocol) lies between the Application and Network Layers which are used in providing reliable delivery
services. It is a connection-oriented protocol for communications that helps in the exchange of messages between different devices
over a network. The Internet Protocol (IP), which establishes the technique for sending data packets between computers, works with
TCP.

Features of TCP
•TCP keeps track of the segments being transmitted or received by
assigning numbers to every single one of them.
•Flow control limits the rate at which a sender transfers data. This
is done to ensure reliable delivery.
•TCP implements an error control mechanism for reliable data
transfer.
•TCP takes into account the level of congestion in the network.
4. TCP, UDP
User Datagram Protocol (UDP) is a Transport Layer protocol. UDP is a part of the Internet Protocol suite, referred to as the UDP/IP suite. Unlike TCP,
it is an unreliable and connectionless protocol. So, there is no need to establish a connection before data transfer. The UDP helps to establish low-
latency and loss-tolerating connections establish over the network. The UDP enables process-to-process communication.

Features of UDP
• Used for simple request-response communication when the size of data is less and hence there is lesser concern about flow and error control.
• It is a suitable protocol for multicasting as UDP supports packet switching.
• Normally used for real-time applications which can not tolerate uneven delays between sections of a received message.
 5. Common Ports and Protocols
A port is a logical form to identify system activities or various network services used to create local or network-based communications.

Port number is a 16-bit numerical value that ranges from 0 to 65535. Well-known port (0-1023), registered port (1024-49151), and
dynamic port is three types of port number space. (49152-65535).

These ports can be opened and used by software applications and operating system services to send and receive data over networks (LAN
or WAN) that employ certain protocols (eg TCP, UDP).

For example, we use 80 for HTTP-web-based plain-text surfing and 443 for HTTPS-web-based encrypted websites in our daily work.

TCP and UDP ports are in one of these three states:

Open — The port responds to connection requests.

Closed — The port is unreachable, indicating that there is no corresponding service running.
Filtered — The firewall is monitoring traffic and blocking certain connection requests to the port.
 5. Common Ports and Protocols
•Ports 20 and 21: File Transfer Protocol (FTP). FTP is for transferring files between a client and a server. • 15 Netstat
• 20/21 FTP
•Port 22: Secure Shell (SSH). SSH is one of many tunneling protocols that create secure network connections.
• 22 SSH
•Port 25: Historically, Simple Mail Transfer Protocol (SMTP). SMTP is used for email. • 23 Telnet
• 25 SMTP
•Port 53: Domain Name System DNS is an essential process for the modern Internet;
• 50/51 IPSec
•Port 80: Hypertext Transfer Protocol (HTTP). HTTP is the protocol that makes the World Wide Web possible. • 53 DNS
• 67/68 BOOTP
•Port 123: Network Time Protocol (NTP) NTP allows computer clocks to sync with each other, a process that is
• 69 TFTP
essential for encryption. • 79/49 TACACS+
• 80 HTTP
•Port 443: HTTP Secure (HTTPS). HTTPS is the secure and encrypted version of HTTP. All HTTPS web traffic
• 88 Kerberos
goes to port 443. Network services that use HTTPS for encryption, such as DNS over HTTPS, also connect at • 110 POP3
• 111 Port Map
this port.
• 119 NNTP
•Port 587: Modern, secure SMTP that uses encryption. • 123 NTP
• 137-139 NetBIOS
•Port 3389: Remote Desktop Protocol (RDP). RDP enables users to remotely connect to their desktop computers
• 143 IMAP
from another device. • 161 SNMP
• 389 LDAP
• 443 SSL
• 445 SMB
• 500 IPSec/ISAKMP
• 520 RIP
• 546/547 DHCP
•
 6. The OSI Model

•OSI stands for Open System Interconnection is a reference model that describes
how information from a software application in one computer moves through a
physical medium to the software application in another computer.

•OSI consists of seven layers, and each layer performs a particular network
function.

•OSI model divides the whole task into seven smaller and manageable tasks. Each
layer is assigned a particular task.
 6. The OSI Model
7. Application Layer
The application layer is used by end-user software such as web browsers and email clients. It provides protocols that
allow software to send and receive information and present meaningful data to users.
Application layer protocols are the Hypertext Transfer Protocol (HTTP), File Transfer Protocol (FTP), Post Office
Protocol (POP), Simple Mail Transfer Protocol (SMTP),Domain Name System (DNS).

6. Presentation Layer
The presentation layer prepares data for the application layer.
It defines how two devices should encode, encrypt, and compress data so it is received correctly on the other end. The
presentation layer takes any data transmitted by the application layer and prepares it for transmission over the session
layer.

5. Session Layer
The session layer creates communication channels, called sessions, between devices.
It is responsible for opening sessions, ensuring they remain open and functional while data is being transferred, and
closing them when communication ends. The session layer can also set checkpoints during a data transfer—if the
session is interrupted, devices can resume data transfer from the last checkpoint.

4. Transport Layer
The transport layer takes data transferred in the session layer and breaks it into “segments” on the transmitting end. It is
responsible for reassembling the segments on the receiving end, turning it back into data that can be used by the session
layer.
The transport layer carries out flow control, sending data at a rate that matches the connection speed of the receiving
device, and error control, checking if data was received incorrectly and if not, requesting it again.
 6. The OSI Model
3. Network Layer
The network layer has two main functions. One is breaking up segments into network packets, and
reassembling the packets on the receiving end. The other is routing packets by discovering the best path
across a physical network.
The network layer uses network addresses (Internet Protocol addresses) to route packets to a destination
node.

2. Data Link Layer

The data link layer establishes and terminates a connection between two physically-connected nodes on a
network. It breaks up packets into frames and sends them from source to destination. This layer is
composed of two parts—Logical Link Control (LLC), which identifies network protocols, performs error
checking and synchronizes frames, and Media Access Control (MAC) which uses MAC addresses to
connect devices and define permissions to transmit and receive data.

1. Physical Layer
The physical layer is responsible for the physical cable or wireless connection between network nodes. It
defines the connector, the electrical cable or wireless technology connecting the devices, and is
responsible for transmission of the raw data, which is simply a series of 0s and 1s, while taking care of bit
rate control.

•The “Three-way handshake" happens at the Network Layer (Layer

3).
•TLS connections occur at the Transport Layer (Layer 4).
•Authentication typically happens at the Application Layer (Layer 7)
 7. Subnetting

Subnet:
•In a large network, like a company's or an internet service provider's, there are
many devices (computers, printers, etc.).
• Subnetting is like dividing this vast network into smaller, more manageable
chunks. Each chunk, or subnet, can be treated as a mini-network on its own.

•Why we need it: It enhances organization, security, and efficiency. Devices

within a subnet can communicate more easily, and administrators can apply
specific rules and permissions to each subnet independently.

Execute Command :
netsh interface ipv4 show config
 8. SNMP (Simple Network Management Protocol)
SNMP is a protocol used for managing and monitoring devices on a
computer network. It's like a language that network devices (routers,
switches, servers, etc.) use to communicate their status and performance
metrics.

Components of SNMP:

•SNMP Manager:
• This is the "manager" or the system that collects and analyzes
information from network devices. It could be a software
application or a dedicated device.
•SNMP Agents:
• These are programs or components embedded in network
devices that collect and store information about the device.
Agents respond to requests from the SNMP manager and send
alerts when predefined thresholds are crossed.
 8. SNMP (Simple Network Management Protocol)
How SNMP Works:

•GET Requests:
• The SNMP manager sends a GET request to an SNMP agent,
asking for specific information about a device. For example, it
might request the current CPU usage of a server.

•SET Requests:
• The manager can also send SET requests to agents, instructing
them to change certain settings on a device. For instance,
adjusting the temperature threshold on a network switch.

•TRAPs (Alerts):
• SNMP agents can independently send TRAPs to the SNMP
manager. These are alerts triggered by predefined events like a
sudden increase in network traffic or a device reaching its
storage capacity.
 9. SMB (Server Message Block) and Samba
SMB is a network protocol that enables shared access to files, printers,
and other resources between computers on a network. It's a common
protocol used in Windows environments.

Key Features:

•File and Printer Sharing:

• SMB allows users to share files and printers across a network.
For example, it facilitates access to documents stored on one
computer from another computer within the same network.
•Communication:
• Computers using SMB can communicate and request services
from file servers, print servers, and other network resources. It
operates as a client-server protocol.

•Authentication:
• SMB provides a mechanism for user authentication, ensuring
that only authorized users can access shared resources. This
helps in maintaining the security and privacy of files and data.
 9.1 SMB (Server Message Block)

Use Cases:

•File Sharing:
• In an office network, employees can use SMB to share
documents and collaborate on projects. It simplifies the process
of accessing shared files on a centralized server.
•Printer Sharing:
• SMB allows multiple users to print documents on a shared
printer. This is common in office environments where several
users need access to a single printer.
•Access to Network Resources:
• SMB enables users to access not only files and printers but also
other network resources, fostering efficient communication and
collaboration.
 9.2 SAMBA
Samba is an open-source implementation of the SMB protocol. It allows
non-Windows operating systems, like Linux and Unix, to communicate
seamlessly with Windows-based systems using SMB.

Key Features:

•Cross-Platform Compatibility:
• Samba enables interoperability between different operating
systems, making it possible for non-Windows systems to share
files and resources with Windows systems.

•File and Print Services:

• Like SMB, Samba provides file and print services. It allows a
Linux server, for example, to act as a file server for Windows
clients, and vice versa.

•Authentication:
• Samba includes its own authentication system, allowing non-
Windows systems to participate in a network where user
authentication is required.
9.4 SAMBA

Why Samba is Needed:

•Cross-Platform Integration:
• Samba bridges the gap between Windows and non-Windows systems. It is crucial for organizations or
networks where both Windows and non-Windows systems coexist, providing seamless communication.

•Cost-Efficiency:
• As an open-source solution, Samba is cost-effective and provides a way for organizations to integrate
different systems without the need for expensive proprietary solutions.

•Flexible Deployment:
• Samba allows for the deployment of file and print services on a variety of platforms, offering flexibility in
choosing the underlying operating system for servers.
 10. Tracerouting
A traceroute provides a map of how data on the internet travels from its source to its
destination. When you connect with a website, the data you get must travel across multiple
devices and networks along the way, particularly routers.

How Tracerouting Works:

•Packet Hopping:
• Traceroute works by sending a series of packets toward the target destination with each packet carrying a Time-to-
Live (TTL) value. The TTL value is decremented at each hop, and when it reaches zero, the packet is discarded.

•ICMP Echo Requests:

• Traceroute primarily uses ICMP (Internet Control Message Protocol) Echo Requests. The packets are sent to the
target, and as they traverse the network, routers along the path respond with ICMP Time Exceeded messages when
the TTL expires.

•Round-Trip Time (RTT):

• Traceroute measures the round-trip time for each packet to reach the target and come back. This helps in determining
the latency or delay at each hop.

C:\Users\adity>tracert google.com
 10. Tracerouting
Why Tracerouting is Needed:

•Network Troubleshooting:
• Traceroute is an essential tool for troubleshooting network issues. By showing the path a packet takes, network administrators
can identify where problems, such as delays or outages, might be occurring.

•Performance Analysis:
• It helps in analyzing the performance of a network by providing information on the time it takes for data to travel between
different points. This is crucial for optimizing network efficiency.

•Path Verification:
• Traceroute verifies the actual route that data takes, which may not always be the most direct path. This information is valuable
for understanding the topology of a network and ensuring that data is flowing as intended.

•Security Analysis:
• Tracerouting can be used to analyze the security of a network. It helps identify potential points of vulnerability or unauthorized
diversions in the data path.

Use case :
•Imagine you're sending an email from your computer to a server across the globe. Traceroute would show you each intermediate step
(or hop) the email takes, including routers, switches, and servers. If there's a delay or if the email isn't reaching its destination, traceroute
would highlight where the issue might be occurring.
11. Analyzing Network Traffic – Wireshark, Tcpdump

Wireshark is an open-source packet analyzer, which is used

for education, analysis, software development,
communication protocol development, and network
troubleshooting.

It is used to track the packets so that each one is filtered to meet

our specific needs. It is commonly called as a sniffer, network
protocol analyzer, and network analyzer. It is also used by
network security engineers to examine security problems.
 11. Analyzing Network Traffic – Wireshark, Tcpdump
List Interfaces :
sudo tcpdump -D
sudo tcpdump --list-interfaces
Capturing packets with tcpdump :
sudo tcpdump -i any

Sudo tcpdump -i any –c 5 # Capture 5 packets

Filtering :
sudo tcpdump -i any -c5 icmp #get only ICMP
packets
sudo tcpdump -i any -c5 -nn port 80 #get port 80
packets
sudo tcpdump -i any -c5 -nn src 192.168.122.98 #get packets with source ip = 192.168.122.98

In a different terminal, try to ping another machine: ping google.com

sudo tcpdump -i any -c5 -nn host IP

 12. Proxy & Proxy Servers
Proxy servers work by facilitating web requests and responses
between a user and web server.

A proxy server acts as an intermediary between the user and the

web server. Proxy servers use a different IP address on behalf of the
user, concealing the user's real address from web servers.

A standard proxy server configuration works as follows:

1.A user enters a website's URL into their browser.

2.The proxy server receives the user's request.
3.The proxy server forwards the request to the web server.
4.The web server sends a response (website data) back to the proxy
server.
5.The proxy server forwards the response to the user.

Commonly used Proxy Server

1. Forward Proxy Server
2. Reverse Proxy Server
 12. Proxy & Proxy Servers
1. Forward Proxy Server
A forward proxy (commonly known as a ‘proxy') is a type of proxy server that
typically passes requests from users in an internal network to the Internet via a
firewall.
Forward proxies are configured to either ‘allow' or ‘deny' the user's request to
pass through the firewall to access content on the Internet.
If the proxy allows the user's request, it forwards it to the web server through the
firewall. The web server sends its response to the proxy. The proxy then sends this
response back to the user.

A forward proxy will first check if the user's requested information is cached
before retrieving it from the server. The proxy stores cached information itself,
eliminating the need to request it from the server. If the requested information is
cached, the proxy will send it directly to the user.

If the proxy denies the user's request, it sends the user an error or redirect
message.
 12. Proxy & Proxy Servers
2. Reverse Proxy Server
A reverse proxy is a type of proxy server that typically passes requests
from the Internet through to users in an internal network via a
firewall; essentially, a forward proxy in ‘reverse'.

Reverse proxies are configured to restrict and monitor users' access to

web servers containing sensitive data. User requests are passed
through the Internet via a firewall to the reverse proxy.

If the proxy allows the user's request, it retrieves this information from
the web server and responds to the user.

A reverse proxy will first check if the user's requested information is

cached before retrieving it from the server. The proxy stores any
cached information, eliminating the need to request it from the server.
If the requested information is cached, the proxy will send it directly
to the user.

If the proxy denies the user's request, it sends the user an error or
redirect message.
 12. Proxy & Proxy Servers
To check if you're using a forward proxy:

Open a terminal window

Use the env command to display environment variables. Look for variables like http_proxy, https_proxy, or ftp_proxy. If
any of these variables are set, it indicates that you're using a forward proxy

Linux : env | grep -i proxy

If you see output like http_proxy=http://proxy.example.com:port, it means you're configured to use a forward proxy.

Windows : netsh winhttp show proxy

If you see a proxy server listed, it indicates that you're using a forward proxy.

To check if you're going through a reverse proxy:

Use curl or wget to make an HTTP request to a website and examine the response headers.

curl -I https://example.com
curl –I https://nasa.gov

Look for headers like X-Forwarded-For, Via, or Server.

If you see these headers in the response, it suggests that you're going through a reverse proxy.
13. Introduction to TOR

Tor, short for The Onion Router project, is an open-source

network for browsing the web with more privacy.

The Tor network protects your online traffic with layers of

encryption resembling layers of an onion.

It routes your web traffic through a series of nodes (relays and

servers) which hide your real IP address, online data, and
browsing activity from internet service providers and snoopers,
while Tor’s browser provides access to websites and services
that are only accessible within the Tor network and have
addresses ending in “.onion.”

https://example.onion
 13.1 TOR : What is the Tor browser?

The Tor browser (or the onion browser) is a web browser

designed to access the Tor network.

It enhances your online privacy by encrypting your web

traffic and routing it through the network’s layered nodes,
which is known as the onion routing technique.

You can only access Tor — the websites and services

hosted within the Tor network — through the Tor browser.
This browser keeps your internet activity private by
concealing it from your internet service provider.
13.2 TOR : Use cases

The primary uses of TOR include:

1.Bypassing Censorship: TOR can help users in countries with strict

internet censorship policies to access blocked websites and services.

2.Protecting Online Privacy: TOR can be used by individuals who

want to maintain their online privacy and anonymity, such as journalists,
whistleblowers, activists, or anyone concerned about surveillance.

3.Accessing the Dark Web: The TOR network also hosts websites and
services that are not indexed by traditional search engines and are only
accessible through TOR. This part of the internet is known as the Dark
Web.
14 Introduction to VPN
VPN (Virtual Private Network): A Virtual Private Network, or VPN, is a
service that encrypts your internet connection and routes it through a
server operated by the VPN provider. This server can be located in a
different country or region from where you are, effectively masking your
IP address and making it appear as if you're accessing the internet from
the location of the VPN server.
Here's a brief overview of VPN and its functionality:

1.Privacy and Security: VPNs encrypt your internet traffic, protecting it

from interception by hackers, ISPs, or government agencies. This
encryption ensures that your online activities remain private and secure.

2.Bypassing Restrictions: VPNs allow you to bypass geographical

restrictions or censorship by masking your IP address and making it
appear as if you're accessing the internet from a different location.

3.Secure Remote Access: VPNs are commonly used by businesses to

provide secure remote access to their internal networks for employees
working from home or traveling.
Now, let's compare T
Difference : TOR & VPN

TOR is about anonymity by bouncing your traffic through

various layers of encryption and servers, while a VPN is about
privacy and security by encrypting your traffic and routing it
through a secure server.
 15.Remote Login – SSH and Telnet
Remote login protocols like SSH (Secure Shell) and Telnet are used to access and control a
computer or server remotely over a network.

1.Telnet (Telecommunication Network):

1. Telnet transmits data, including login credentials and commands, in plain text,
making it highly vulnerable to interception by malicious actors. This lack of
encryption means that sensitive information, such as passwords, can be easily
captured if transmitted over an unsecured network.

2. Due to its lack of security, Telnet is rarely used for remote access over the
internet today. However, it may still be used in some local network environments
where security concerns are minimal.
2.SSH (Secure Shell):
1. SSH is a secure remote login protocol designed to address the security
vulnerabilities of Telnet. It provides a secure encrypted connection between the
client and the server, protecting the confidentiality and integrity of the data
transmitted.

2. SSH encrypts all data, including login credentials, commands, and data
exchanged between the client and server. This encryption ensures that even if the
data is intercepted, it cannot be read by unauthorized parties.

3. SSH is widely used for remote administration, file transfer, and tunneling over
untrusted networks such as the internet. It has become the standard for secure
remote access to servers and network devices.
16. HTTP and Web Technologies

•HTTP stands for HyperText Transfer Protocol.

•It is a protocol used to access the data on the World Wide Web (www).

•The HTTP protocol can be used to transfer the data in the form of plain text,
hypertext, audio, video, and so on.

•This protocol is known as HyperText Transfer Protocol because of its efficiency

that allows us to use in a hypertext environment where there are rapid jumps from
one document to another document.
16. HTTP and Web Technologies
HTTP messages are of two types: request and response. Both
the message types follow the same message format.

HTTP transaction between client and server.

The client initiates a transaction by sending a request

message to the server.

The server replies to the request message by sending a

response message.
16. HTTP and Web Technologies

Request Message: The request message is sent by the client that

consists of a request line, headers, and sometimes a body.

Response Message: The response message is sent by the server to the

client that consists of a status line, headers, and sometimes a body.
16. HTTP and Web Technologies

Uniform Resource Locator (URL)

•A client that wants to access the document in an internet needs
an address and to facilitate the access of documents, the HTTP
uses the concept of Uniform Resource Locator (URL).

•The Uniform Resource Locator (URL) is a standard way of

specifying any kind of information on the internet.

•The URL defines four parts: method, host computer, port, and
path. Port part is optional

Example : https :// google.com/images

16. Web Technologies
Web Development can be Classified into Two Ways:

Frontend Development: The part of a website that the user interacts

directly is termed as front end. It is also referred to as the ‘client side’ of
the application.

1.HTML (Hypertext Markup Language):

HTML is like the skeleton of a webpage. It defines the structure and content of the
page, such as paragraphs, headings, images, and links. When you visit a website, HTML tells
your browser how to display everything on the page.
2.CSS (Cascading Style Sheets):
CSS is like the stylist of a webpage. It determines how the HTML elements look,
such as their colors, fonts, sizes, and layout. CSS makes the webpage visually appealing and
organized, similar to how a stylist helps you look your best.
3.JavaScript:
JavaScript is the magician of a webpage. It adds interactivity and dynamic behavior
to the page, allowing things like animations, pop-ups, form validation, and interactive elements.
JavaScript makes the webpage come alive and respond to your actions, just like magic!
4.AJAX: (Asynchronous Javascript and XML)
It is used to communicate with the server without refreshing the web page and thus increasing
the user experience and better performance
16. Web Technologies

Backend Development: Backend is the server side of a

website. It is the part of the website that users cannot see and
interact. It is the portion of software that does not come in direct
contact with the users. It is used to store and arrange data.

The back end portion is built by using some languages which are discussed below:
• PHP
• Python
• Java
• JavaScript
• Node.js
• C#
• DBMS : The software which is used to manage database is called
Database Management System (DBMS). Eg : SQL , NOSQL ,
Postgresql .
16. Web Server Structure
/
Root Folder

Index.html Pages Scripts Public Data

CSS Files Images
(website HomePage) (HTML Files) (JavaScript Files)

style.css Page1.js Image1.PNG

grid.css Page2.js Image2.PNG

Functionality 1 Functionality 1
(HTML Files) (HTML Files)
Private Data

Page1.html Page1.html

Page2.html Page2.html
Page3.html