Network & Internet

Networks ?  The need to share information and resources among different computers has lead to linked computer system, call “networks”

Network classifications  Local area network (LAN)  Metropolitan area network (MAN) Network for intermediate size  Wide area network (WAN) Neighboring cities Open, Closed, Proprietary network.

Network topology  The study of the arrangement or mapping of the elements (links, nodes, etc.) of a network, especially the physical (real) and logical (virtual) interconnections between nodes

Network topology

Industrial Ethernet

Network data transfer  In computing, a protocol is a convention or standard that controls or enables the connection, communication, and data transfer between two computing endpoints.

Ring: Token ring protocol  Possession of the token gives a machine the authority to transmit its own message. Without Token, a machine is only allowed to forward messages

Bus: CSMA/CD  Carrier Sense, Multiple Access with Collision Detection  The protocol dictates the each message be broadcast to all the machine on the bus.  Each machine monitors all the messages but keep only those addressed to itself  To transmit a msg, a machine waits until the bus is silent. Transmit a msg and continue to monitor the bus.

Bus: CSMA/CD  When the clash is detected, machines pause for a brief random period of time before trying to transmit again.

Combining Networks  Repeater: passes signals back and forth between two original buses w/o considering the meaning of the signals  Bridge: looks at the destination address that accompanies each msg and forwards a msg only for the area  Switch: essential a bridge with multiple connections

Communication issues  Incompatible characteristics Ring: Token ring  Bus: CSMA/CD  An internet (Not the Internet): original networks maintain their individuality and continue to function as independent networks.  Router: Switch + protocol conversion

Interprocess Communication  The various activities executing on the different computers within a network must often communicate with each other to coordinate the actions and perform the tasks.  Client/Server: involves one process communicating with numerous clients Client makes request of other processes Server satisfies the request made by clients Ex. Print Server, ATM, eShopping

Interprocess Communication  Peer to Peer (P2P) Involves two processes communicating as equals Communicates with a temporary basis Ex. MSN, Data sharing (BitTorrent)

The Internet  The Internet is a worldwide, publicly accessible network of interconnected computer networks that transmit data by packet switching using the standard Internet Protocol (IP).  It is a “network of networks”, carries various information and services, such as electronic mail, online chat, file transfer, and the interlinked Web pages and other documents of the World Wide Web.

Internet Architecture  A collection of domains  Domain: an autonomous system configured as the local authority desires (a single computer, LANs, MANs, and WANs.  Internet Corporation for Assigned Names and Numbers (ICANN)  Domain must first registered via one of the companies called registrars.

Connecting to the Internet  Internet service provider (ISP) allows customers to become a part of the domain to the Internet.  dial-up, cable, wireless connection

Internet addressing  IP (Protocol) address  IPv4  32 bits  IPv6  128 bits  Each 32-bit address consists of 2 parts Network identifier: identify in which the computer resides Host address: identify a particular computer within a domain

Internet addressing  Domain name: the Internet address in bit-pattern form (unique name) Ex. The domain name of CNN is cnn.comcnn.com  The com suffix (domain classification) called top-level domain (TLD)  Ex. com (commercial) gov (government) edu (educational purpose)

Internet addressing  To be more specific about the address, newsserver.cnn.comnewsserver.cnn.com : indicate the computer known as newsserver within cnn within the class (TLD) of the commercial domains com.

Internet addressing  domain name system (DNS): used to convert address in name form into their equivalent IP address.  DNS : name address  IP address (to be compatible with the Internet software)  The process of extracting information from DNS called “DNS lookup”

Internet Applications  Voice over Internet (VoIP): transmission of telephone data over the Internet rather than traditional telephone networks   File Transfer Protocol (FTP): client/server protocol for transfering files across the Internet anonymous FTP: to provide unrestricted access to files under FTP server auspices  Telnet

How messages are transferred over the Internet?  The Layered Approach to Internet Software A principle task of networking software is to provide the infrastructure required for transferring msg from one machine to another.

The Layered Approach to Internet Software  Internet has four layers for controlling communication over the Internet Application layer: original message Transport layer: prepare for transmission Network layer: prepare for transmission Link layer: start the transmission

OSI Model  The Open Systems Interconnection Basic Reference Model (OSI Reference Model or OSI Model for short) is a layered, abstract description for communications and computer network protocol design, developed as part of Open Systems Interconnection initiative. It is also called the OSI seven layer model.

Layer 7: Application This is the layer that actually interacts with the operating system or application whenever the user chooses to transfer files, read messages or perform other network- related activities. Ex. HTTP, SMTP, SMPP, SNMP, FTP, Telnet, NFS, NTP, RTP,DHCP, DNS

Layer 6: Presentation Layer 6 takes the data provided by the Application layer and converts it into a standard format that the other layers can understand. Ex. MIME, XDR, SSL, TLS

Layer 5: Session Layer 5 establishes, maintains and ends communication with the receiving device. The Session layer controls the dialogues/connections (sessions) between computers. It establishes, manages and terminates the connections between the local and remote application. Ex. SIP

Layer 4: Transport This layer maintains flow control of data and provides for error checking and recovery of data between the devices. Flow control means that the Transport layer looks to see if data is coming from more than one application and integrates each application's data into a single stream for the physical network. Ex. TCP, UDP, SCTP

Layer 3: Network The way that the data will be sent to the recipient device is determined in this layer. Logical protocols, routing and addressing are handled here. Routers operate at this layer—sending data throughout the extended network and making the Internet possible. Ex. IP, ICMP, IPsec, ARP, RIP, OSPF

Layer 2: Data In this layer, the appropriate physical protocol is assigned to the data. Also, the type of network and the packet sequencing is defined. Ex. PPP, SLIP, PPTP, L2TP

Layer 1: Physical layer The Physical layer defines all the electrical and physical specifications for devices. This includes the layout of pins, voltages, and cable specifications.

Router  a computer networking device that buffers and forwards data packets across an internetwork toward their destinations, through a process known as routing. Routing occurs at layer 3 (the Network layer e.g. IP) of the OSI seven-layer protocol stack.

Routing protocols  Allow different computer networks to communicate. Routing protocols specify the set of rules that help layer 3(OSI model) devices pass information among themselves on the topology of the network. It helps the Layer 3 device decide on the best available path to send network traffic.

TCP  The Internet protocol suite is the set of communications protocols that implements the protocol stack on which the Internet and many commercial networks run.  It is part of the TCP/IP protocol suite, which is named after two of the most important protocols in it: the Transmission Control Protocol (TCP) and the Internet Protocol (IP), which were also the first two networking protocols defined.

TCP

 Using TCP, applications on networked hosts can create connections to one another, over which they can exchange streams of data using Stream Sockets.  The protocol guarantees reliable and in- order delivery of data from sender to receiver. TCP also distinguishes data for multiple connections by concurrent applications (e.g., Web server and server) running on the same host.

TCP service  reliable, in-order byte-stream data transfer loss: acknowledgements and retransmissions (Eat up part of the communication time)  flow control: sender won’t overwhelm receiver Disabling this part is the way some hackers bring down the receiving computer.  congestion control: senders “slow down sending rate” when network congested  Ex. HTTP (Web), FTP (file transfer), Telnet (remote login), SMTP ( )

User Datagram Protocol (UDP)  one of the core protocols of the Internet protocol suite. Using UDP, programs on networked computers can send short messages sometimes known as datagrams (using Datagram Sockets) to one another. UDP is sometimes called the Universal Datagram Protocol or Unreliable Datagram Protocol.

UDP  UDP does not provide the reliability and ordering that TCP does. Datagrams may arrive out of order, appear duplicated, or go missing without notice. Without the overhead of checking whether every packet actually arrived, UDP is faster and more efficient for many lightweight or time-sensitive purposes.

UDP

UDP service connectionless unreliable data transfer no flow control no congestion control Ex. Domain Name System (DNS), streaming media applications such as IPTV, Voice over IP (VoIP), Trivial File Transfer Protocol (TFTP) and online games.

TCP/IP

 IP (Internet Protocol) Locate sender and receiver location by using IP routing mechanism  ICMP (Internet Control Message Protocol) Control message transferring errors and send messages to IP  IGMP (Internet Group Management Protocol) Send UPD datagram to a group of hosts or multiple hosts simultaneously  ARP (Address Resolution Protocol) Convert IP address into MAC address  RARP : (Reverse ARP) Convert MAC address into IP address

ICMP: Error Report  ICMP Error report is sent back by a router to a target host identifying the target host is unreachable.

Trojan Port  31 : Master Paradise  121 : BO jammerkillahV  456 : HackersParadise  555 : Phase Zero  666 : Attack FTP  1001 : Silencer  1001 : WebEx  1010 : Doly Trojan 1.30 (Subm.Cronco)  1011 : Doly Trojan  1015 : Doly Trojan 1.5 (Subm.Cronco)  1033 : Netspy  1042 : Bla1.1  1170 : Streaming Audio Trojan  1207 : SoftWar  1243 : SubSeven  1245 : Vodoo  1269 : Maverick's Matrix  1492 : FTP99CMP  1509 : PsyberStreamingServer Nikhil G.  1600 : Shiva Burka  1807 : SpySender  1981 : ShockRave  1999 : Backdoor  1999 : Transcout  2001 : DerSpaeher 3  2001 : TrojanCow  2023 : Pass Ripper  2140 : The Invasor Nikhil G.  2283 : HVL Rat : Striker 2583 : Wincrash : Phineas Nikhil G : Total Eclypse (FTP) 4567 : FileNail Danny 4950 : IcqTrojan 4950 : IcqTrojen 5000 : Socket : OOTLT 5031 : NetMetro : BladeRunner 5400 : BackConstruction : IllusionMailer 5550 : XTCP : RoboHack 5742 : Wincrash 6400 : The tHing 6669 : Vampire : Deep Throat 6883 : DeltaSource (DarkStar) 6912 : Shitheep 6939 : Indoctrination 7306 : NetMonitor 7789 : iCkiller 9872 : PortalOfDoom 9875 : Portal of Doom 9989 : iNi-Killer 9989 : InIkiller : Coma Danny : SennaSpyTrojans : ProgenicTrojan : Gjamer : Hack ด 99 KeyLogger : NetBus 1.x (avoiding Netbuster) : Eclipse : Priotrity : Millenium : NetBus Pro : Logged! : Chupacabra : Bla : GirlFriend : GirlFriend : Prosiak : EvilFtp : Sub : The Unexplained : AOLTrojan : NetSphere : Socket : Kuang : Hack'a'tack : Trojan Spirit 2001 a : Tiny Telnet Server : BigGluck TN : TheSpy : Master Paradise : Fore : RemoteWindowsShutdown : Back Orifice 2000 (default port)