Internet
In a nutshell, the Internet is a whole bunch of cables running around the entire globe, connecting millions of computers to each other. Technically, it is called a Wide Area Network, or WAN. The Internet is often described as ‘a network of networks’ because all the smaller networks of organizations are linked together into a giant network called the Internet. It is a conglomeration of thousands of computer networks using a common set of protocols to create a worldwide communication medium.
Origin of Internet
In the 1970s, there was a project called ARPANET (Advanced Research Projects Agency Network) by
OSI Reference Model and Internet Protocol suite
OSI Reference Model layers (top to bottom): Application | Presentation | Session | Transport | Network | Data Link | Physical
Internet Protocol suite (top to bottom): FTP, Telnet, SMTP, SNMP, NFS | XDR | RPC | TCP, UDP | IP | ARP, RARP | Not specified
Physical: Transform raw transmission into data frames and transmit the frames sequentially.
Network: Controls the operation of the network like routing of the packets to the destination.
Transport: Takes care of splitting data into units, if required, and ensures correct delivery of these units on the other side.
Session: Supports sessions between users on different machines. Also supports remote logins and file sharing between systems.
Presentation: Takes care of syntax and semantics of the information transmitted.
Application: Contains a collection of protocols that are commonly needed by applications.
Conceptual overview of Internet
There are four basic types of entities on the Internet.
1) End users
2) Internet service providers.
3) Backbone providers and
4) Network Access point (NAP) operators.
End users access and send information either through individual connections or through organizations. Internet service providers connect those end users to Internet backbone networks. The backbone providers route data between ISPs and interconnect with other backbone providers. NAP operators maintain public peering points on the Internet through which data is routed between the major backbone providers. The NAPs are equipped to handle large amounts of data to avoid bottlenecks.
Some ISPs are: BSNL, Satyam online.
Types of Internet access
Single User Access: This uses a standard computer, a modem, a telephone line and an Internet account; a few extra things such as web browser software and e-mail software may also be required.
Multi User Access: Multi user access means that two or more people can access the Internet from different computers at the same time. This involves setting up the computers that are at different points in the organization as a Local Area Network (LAN). Once the LAN is set up, a router can be used to provide multiple accesses.
Types of accounts
Shell account: A shell account is a UNIX-based account on a service provider’s computer. Using a shell account is usually a time-consuming and monotonous task. A shell account will not support any of the graphical browsers. When using a shell account, the user is transported to the remote computer (the service provider’s computer), which is on the Internet. These accounts provide the user with a dial-in service to access the provider’s network.
TCP/IP account: A TCP/IP account places the user’s machine directly on the Internet.
Internet tools & applications
Benefits of the Internet for Business: The usefulness of the Internet depends directly on the products and services of each business.
E-mail: Electronic mail is a messaging system that allows you to send and receive messages and reports to and from users on the Internet. Some advantages of E-mail are:
1. Speed 2. Cost effectiveness 3. Audio and video clips
Features of E-mail:
1. Compose 2. Receive and Reply 3. Copies
4. Forward 5. Folders 6. Vacation Replies
7. Attach Signatures 8. Attach Visiting Cards 9. Address Books
10. Greetings 11. Filter Mails
Mailing lists: Mailing lists are an extension of E-mail. When you want to send information about a product, you would have to send messages to all your customers. Instead of typing all their addresses in the recipient’s address field, you can create a mailing list containing all these addresses, called “customers”. Then, when you send a message to this list, it is sent to all the customers.
Internet Newsgroup: An Internet newsgroup is a system for public worldwide conferencing and discussion, somewhat in the manner of an electronic bulletin board.
Internet Relay Chat (IRC): IRC is a multi-user chat system where people meet on channels to talk in groups or privately. There is no restriction on the number of people that can participate in a given discussion or the number of channels that can be formed on IRC. IRC uses a streaming technology that provides fast response: your messages appear as fast as you type them.
Browsers: A browser provides an interactive user interface and many functions with which you can customize the browser as you like.
Secured Browsing:
Types of security zones
Zone | Level of Security
Local Intranet | Medium (prompt)
Trusted Sites | Low (accept)
Internet Zone | Medium (prompt)
Restricted Sites Zone | High (reject)
Cookies: Cookies refer to information stored on the user’s system by a server for later reference.
Search Engine: Search engines use automated software called web crawlers or spiders. These programs move from website to website, logging each site’s title, URL and at least some of its text content. The objective is to hit millions of websites and to stay as current with them as possible.
Gopher: Gopher is a networked information retrieval and publishing tool, based on the concept of hierarchical menus. Gopher is a client/server system that allows the user to access many Internet resources simply by making selections from a sequence of menus. Gopher carries the request to the computer that contains the information and serves it up.
Archie: It is a public domain tool offering an electronic directory service for locating files in anonymous FTP sites.
Telnet: Telnet is the protocol used to establish a login session on a remote computer on the network. This will directly connect you to the machine you specify.
Internet protocols
Internet Protocol (IP): It is a network layer protocol that contains addressing information and some control information that enables packets to be routed. Along with TCP, IP represents the heart of the Internet protocols.
IP PACKET FORMAT
Version | IHL | Type of Service | Total Length
Identification | | ||
Time to Live | Protocol | Header Checksum
Source Address
Destination Address
Options (+ padding)
Data (variable)
Address Resolution Protocol (ARP): The IP address that we assign to a computer is only logical and is assigned by the network administrator, but each computer also has a unique physical address. This address is called the MAC address, and it corresponds to a particular IP network layer address.
Reverse Address Resolution Protocol (RARP): RARP is used to map a MAC layer address to an IP address. RARP is the logical inverse of ARP and might be used by diskless workstations that do not know their IP addresses when they boot.
TCP: The TCP provides reliable transmission of data in an IP environment. The major services provided by the TCP are stream data transfer, reliability, efficient flow control, full-duplex operation and multiplexing.
TCP PACKET FORMAT:
Source port | Destination port | ||
Sequence numbers | |||
Acknowledgement number | |||
Data offset | Reserved | Flags | Window |
Check sum | Urgent pointer | ||
Options (+ padding) | |||
Data (Variable) |
User Datagram Protocol (UDP): UDP is a connectionless transport layer protocol that belongs to the Internet protocol family. UDP is basically an interface between IP and upper layer processes.
UDP Packet:
Source port | Destination port |
Length | Check sum |
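The three header layouts above can be decoded directly from the bytes of a packet. The following Python sketch is an added example, not part of the original page: it parses the IP header, checks the header checksum and the length fields, then decodes the TCP or UDP header that follows. The sample datagram, its ports and its addresses are constructed for the example.

```python
import socket
import struct

def inet_checksum(data: bytes) -> int:
    """16-bit one's-complement checksum used for the IP header."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def parse_packet(raw: bytes) -> dict:
    """Decode the IP header, then the TCP or UDP header it carries."""
    if len(raw) < 20:
        raise ValueError("shorter than a minimal IP header")
    # The fifth field is the flags/fragment-offset word that follows Identification.
    (ver_ihl, tos, total_len, ident, _frag, ttl, proto, _cksum,
     src, dst) = struct.unpack("!BBHHHBBH4s4s", raw[:20])
    version, ihl = ver_ihl >> 4, (ver_ihl & 0x0F) * 4   # IHL counts 32-bit words
    if version != 4 or ihl < 20 or not ihl <= total_len <= len(raw):
        raise ValueError("inconsistent version or length fields")
    info = {"tos": tos, "id": ident, "ttl": ttl, "protocol": proto,
            "src": socket.inet_ntoa(src), "dst": socket.inet_ntoa(dst),
            # Summing a header that includes a correct checksum yields zero.
            "checksum_ok": inet_checksum(raw[:ihl]) == 0}
    segment = raw[ihl:total_len]             # skips any IP options
    if proto == 6 and len(segment) >= 20:    # TCP
        sport, dport, seq, ack, off_flags, window = struct.unpack("!HHIIHH", segment[:16])
        info.update(sport=sport, dport=dport, seq=seq, ack=ack, window=window,
                    data_offset=(off_flags >> 12) * 4, flags=off_flags & 0x3F)
    elif proto == 17 and len(segment) >= 8:  # UDP
        sport, dport, length, _ = struct.unpack("!HHHH", segment[:8])
        info.update(sport=sport, dport=dport, udp_length=length)
    return info

def build_sample() -> bytes:
    """Constructed UDP datagram between documentation addresses."""
    data = b"hello"
    udp = struct.pack("!HHHH", 40000, 53, 8 + len(data), 0) + data
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 1, 0, 64, 17, 0,
                         socket.inet_aton("192.0.2.10"), socket.inet_aton("198.51.100.7"))
    header = header[:10] + struct.pack("!H", inet_checksum(header)) + header[12:]
    return header + udp

if __name__ == "__main__":
    print(parse_packet(build_sample()))
```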
Other Applications
Application | Protocols
Hypertext transport | HTML
File transfer | FTP
Terminal emulation | Telnet
Electronic mail | SMTP
Networking management | SNMP
Distributed file services | NFS, XDR, RPC, XWINDOWS
COMPUTER SECURITY
Securing the data stored in a computer against misuse is called computer security.
Aspects of security
Data Integrity: Integrity refers to protection against unauthorized persons.
Data Availability: Availability refers to protection against disruption of service.
Data Confidentiality and privacy: Confidentiality and privacy refer to protection against snooping or wire-tapping.
The issue of responsibility for information has several aspects to consider:
Accountability: Accountability refers to how an audit trail is kept. Which group is responsible for each item of data? How does this group keep records of access and change?
Authorization: Authorization refers to responsibility for each item of information and how such responsibility is delegated to others. Who is responsible for where information resides, and how does a responsible person approve access and change?
Integrity mechanism
The techniques used to ensure the integrity of data against accidental damage are parity bits, checksums, and cyclic redundancy checks (CRCs).
A checksum or CRC cannot absolutely guarantee data integrity, for two reasons. First, if malfunctioning hardware changes the value of a checksum as well as the value of the data, it is possible for the altered checksum to be valid for the altered data. Second, if data changes result from a planned attack, the attacker can create a valid checksum for the altered data. Several mechanisms have been used to guarantee the integrity of messages against intentional change. In general, the methods encode transmitted data with a message authentication code (MAC) that an attacker cannot break or forge. Typical encoding schemes use cryptographic hashing mechanisms.
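The difference between a checksum and a message authentication code can be seen by running both over the same message. The following Python sketch is an added example, not part of the original page; it uses CRC-32 and HMAC-SHA256 from the standard library as one concrete choice of checksum and MAC, and the key and messages are constructed.

```python
import hashlib
import hmac
import zlib

CRC_LEN, MAC_LEN = 4, 32

def crc_seal(message: bytes) -> bytes:
    """Append a CRC-32: anyone can compute it, no secret is involved."""
    return message + zlib.crc32(message).to_bytes(CRC_LEN, "big")

def crc_check(blob: bytes) -> bool:
    message, tag = blob[:-CRC_LEN], blob[-CRC_LEN:]
    return zlib.crc32(message).to_bytes(CRC_LEN, "big") == tag

def mac_seal(key: bytes, message: bytes) -> bytes:
    """Append an HMAC-SHA256 tag: computing it requires the shared key."""
    return message + hmac.new(key, message, hashlib.sha256).digest()

def mac_check(key: bytes, blob: bytes) -> bool:
    message, tag = blob[:-MAC_LEN], blob[-MAC_LEN:]
    expected = hmac.new(key, message, hashlib.sha256).digest()
    return hmac.compare_digest(expected, tag)   # constant-time comparison

def flip_bit(blob: bytes, index: int) -> bytes:
    """Simulate accidental damage to one bit of byte `index`."""
    return blob[:index] + bytes([blob[index] ^ 0x01]) + blob[index + 1:]

def compare() -> dict:
    key = b"constructed-demo-key"             # known to sender and receiver only
    original = b"transfer 100 to account 17"  # constructed sample message
    altered = b"transfer 900 to account 66"   # deliberate change in transit
    old_tag = mac_seal(key, original)[-MAC_LEN:]
    return {
        "crc_detects_accident": not crc_check(flip_bit(crc_seal(original), 3)),
        "mac_detects_accident": not mac_check(key, flip_bit(mac_seal(key, original), 3)),
        # Deliberate change: whoever alters the data can recompute the CRC ...
        "crc_detects_attack": not crc_check(crc_seal(altered)),
        # ... but without the key can only reuse the old tag or guess a key.
        "mac_detects_reused_tag": not mac_check(key, altered + old_tag),
        "mac_detects_wrong_key": not mac_check(key, mac_seal(b"guessed-key", altered)),
    }

if __name__ == "__main__":
    for name, result in compare().items():
        print(f"{name}: {result}")
```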
Access control and passwords
Many computer systems use a password mechanism to control access to resources. A simple password scheme works well for a conventional computer system because the system does not reveal the passwords to others. In a network, however, a simple password mechanism is susceptible to eavesdropping. If a user at one location sends a password across the network to a computer at another location, anyone who wiretaps the network can obtain a copy of the password. Wire-tapping is especially easy when packets travel across a LAN because many LAN technologies permit an attached station to capture a copy of all traffic.
Encryption and privacy
To ensure that the content of a message remains confidential despite wire-tapping, the message must be encrypted. In essence, encryption scrambles the bits of the message in such a way that only the intended recipient can unscramble them.
Several technologies exist for encryption. In some technologies, a sender and receiver must both have a copy of an encryption key. The sender uses the key to produce an encrypted message. The receiver uses the key to decode the encrypted message, i.e. the encrypt function used by the sender takes two arguments: a key K and a message M to be encrypted.
The function produces an encrypted version of the message, E:
E = encrypt (K, M)
The decrypt function reverses the mapping to produce the original message:
M = decrypt (K, E)
Mathematically, decrypt is the inverse of encrypt:
M = decrypt (K, encrypt (K, M))
Public key encryption
In many encryption schemes, the key must be kept secret to avoid compromising security. One particularly interesting encryption technique assigns each user a pair of keys. One of the user’s keys, called the private key, is kept secret, while the other, called the public key, is published along with the name of the user. The encryption function has the mathematical property that a message encrypted with the public key cannot be easily decrypted except with the private key, and a message encrypted with the private key cannot be decrypted except with the public key.
Let M denote a message, pub-u1 denote the user’s public key and prv-u1 denote the user’s private key. Then
M = decrypt (pub-u1, encrypt (prv-u1, M))
and
M = decrypt (prv-u1, encrypt (pub-u1, M))
Public key encryption can be used to guarantee confidentiality. A sender who wishes a message to remain private uses the receiver’s public key to encrypt the message. The scheme ensures that data remains confidential because only the receiver can decrypt the message.
Authentication with digital signatures
An encryption mechanism can also be used to authenticate the sender of a message. The technique is known as digital signature. To sign a message the sender encrypts the message using a key known only to the sender. The recipient uses the inverse function to decrypt the message. The recipient knows who has sent the message because only the sender has the key needed to perform the encryption. To ensure the encrypted messages are not copied and resent later, the original message contains time and date that the message was created.
Consider how a public key system can be used to provide a digital signature. First, the message is signed by using the sender’s private key to encrypt it. Second, the encrypted message is encrypted again using the recipient’s public key.
X = encrypt (pub-u2, encrypt (prv-u1, M))
The recipient uses his private key to decrypt the message and then the sender’s public key to decrypt the message again.
M = decrypt (pub-u1, decrypt (prv-u2, X))
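The key-pair identities and the sign-then-encrypt exchange described above can be checked with numbers. The following Python sketch is an added example, not part of the original page; it uses textbook RSA with small fixed primes as a stand-in for encrypt and decrypt, which shows the algebra only and is not a secure construction (no padding, toy key sizes). The three key pairs, the third user u3 and the sample message are constructed.

```python
# Textbook RSA with small fixed primes: illustrates the identities only.
# Not secure: no padding, toy key sizes. All keys below are constructed.

def make_keys(p: int, q: int, e: int = 65537):
    """Return (public, private) keys as (exponent, modulus) pairs."""
    n = p * q
    d = pow(e, -1, (p - 1) * (q - 1))   # private exponent (Python 3.8+)
    return (e, n), (d, n)

def encrypt(key, m: int) -> int:
    exponent, modulus = key
    if not 0 <= m < modulus:
        raise ValueError("message must be smaller than the modulus")
    return pow(m, exponent, modulus)

def decrypt(key, c: int) -> int:
    # In textbook RSA both directions are the same modular exponentiation;
    # which key of the pair is used decides what the operation means.
    return encrypt(key, c)

# Mersenne primes keep the example short; u2's modulus is larger than u1's
# so that a value signed by u1 always fits under u2's key.
PUB_U1, PRV_U1 = make_keys(2**61 - 1, 2**89 - 1)
PUB_U2, PRV_U2 = make_keys(2**107 - 1, 2**127 - 1)
PUB_U3, PRV_U3 = make_keys(2**89 - 1, 2**107 - 1)   # an unrelated third user

def to_int(text: str) -> int:
    return int.from_bytes(text.encode(), "big")

def to_text(m: int) -> str:
    return m.to_bytes((m.bit_length() + 7) // 8, "big").decode()

def sign_and_seal(prv_sender, pub_recipient, m: int) -> int:
    """X = encrypt(pub-u2, encrypt(prv-u1, M))"""
    return encrypt(pub_recipient, encrypt(prv_sender, m))

def open_and_verify(prv_recipient, pub_sender, x: int) -> int:
    """M = decrypt(pub-u1, decrypt(prv-u2, X))"""
    return decrypt(pub_sender, decrypt(prv_recipient, x))

if __name__ == "__main__":
    M = to_int("0101T0900 pay 10")   # constructed message carrying a time stamp
    X = sign_and_seal(PRV_U1, PUB_U2, M)
    print(to_text(open_and_verify(PRV_U2, PUB_U1, X)))
```

Opening X with any public key other than the sender's does not return M, which is what lets the recipient attribute the message to u1.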
Internet firewall concept
A packet filter is often used to protect an organization’s computers and networks from unwanted Internet traffic.
A packet filter configured to protect an organization against traffic from the rest of the Internet is called a firewall.
In particular, by limiting access to a small set of computers, a firewall can prevent outsiders from probing all computers in an organization, flooding the organization’s network with unwanted traffic, or attacking a computer by sending a sequence of IP datagrams that is known to cause the computer system to misbehave. A firewall can lower the cost of providing security