Truba Institute of Engineering & Information Technology Bhopal
BE-205
UNIT IV
Computer Networking: Introduction, Goals
ISO-OSI Model
Functions of Different Layers
Internetworking Concepts
Devices
TCP/IP Model
Introduction to Internet
World Wide Web
Network Security & E-commerce
Submitted by: Sugan Patel Computer Science & Engineering Department
Truba Institute of Engineering & Information Technology Bhopal
BE-205
1. Introduction
A computer network can be two computers connected. The primary purpose of a computer network is to share resources.
A computer network can also consist of, and is usually made for, more than two computers.
In connection with information technology and computers, a network is a way to connect computers together so that they can communicate, exchange information and pool resources; put another way, a network is a communicating system connecting two or more computers. A network connects people as close as the next office and as far as halfway around the world.
In business, networks have revolutionized the use of computer technology. Many businesses that used to rely on a centralized system with a mainframe and a collection of terminals now use computer networks in which every employee who needs a computer has a personal computer connected to the network. In education, schools, colleges and universities have also shifted to strategies built around networked personal computers.
1.1 Types of Networks
Communication networks differ in geographical size. Three important types are LANs, MANs and WANs.
Local Area Networks (LANs)
Networks with computers and peripheral devices in close proximity within the same building are called local area networks (LANs).
The figure shows an example of a LAN. This type of arrangement has two benefits:
1. People can share different equipment, which lowers the cost of equipment.
2. A LAN also features a network gateway, i.e. a LAN may be linked to other LANs or to larger networks in this manner.
Metropolitan Area Networks (MANs)
These networks are used as links between office buildings in a city. Cellular phone systems expand the flexibility of MANs by allowing links to car phones and portable phones.
Wide Area Networks (WANs)
Wide area networks are countrywide and worldwide networks. Among other kinds of channels they use microwave relays and satellites to reach users over long distances. One of the most widely used WANs is the Internet, which allows users to connect to other users and facilities worldwide.
Uses of the Internet
The most common uses of the Internet are:
1. Communicating
Sending and receiving e-mail is the most popular Internet activity. You can send and receive e-mail to and from your friends and family located almost anywhere in the world. You can also join and listen to discussions and debates on a wide variety of special-interest topics.
2. Shopping
One of the fastest growing applications of the Internet is electronic commerce. You can visit a cyber mall to make purchases.
3. Researching
The Internet gives you access to one of the world's largest libraries from home.
4. Entertainment
Do you like music, the movies, reading or playing computer games? You can find them all on the Internet, waiting for you to locate and enjoy.
1.2 Different types of links:
There are two types of links:
1. Point-to-Point or Direct Access Link:
Such links connect two devices only. They provide a direct path between the two devices, forming a network that has no intermediate device. A network in which there is a direct point-to-point link between every node and all other nodes is called a fully connected network. The drawback of this approach is that, for large networks, it is not feasible for cost reasons to have a direct point-to-point link between all the nodes.
2. Multiple Access Link:
When multiple devices are connected to one another via a single link, such that each of the devices is
connected by the link to all other devices at the same time, the link is said to be a multiple-access link.
1.3 Transmission modes
A given transmission on a communications channel between two machines can occur in several different ways. The transmission is characterised by:
• the direction of the exchanges
• the transmission mode: the number of bits sent simultaneously
• synchronisation between the transmitter and receiver
Simplex, half-duplex and full-duplex connections
There are 3 different transmission modes characterised according to the direction of the exchanges:
• A simplex connection is a connection in which the data flows in only one direction, from the transmitter to the receiver. This type of connection is useful if the data do not need to flow in both directions (for example, from your computer to the printer or from the mouse to your computer).
• A half-duplex connection (sometimes called an alternating connection or semi-duplex) is a connection in which the data flows in one direction or the other, but not both at the same time. With this type of connection, each end of the connection transmits in turn. This type of connection makes it possible to have bidirectional communications using the full capacity of the line.
• A full-duplex connection is a connection in which the data flow in both directions simultaneously. Each end of the line can thus transmit and receive at the same time, which means that the bandwidth is divided in two for each direction of data transmission if the same transmission medium is used for both directions of transmission.
1.4 Network Topologies
A network topology is the basic design of a computer network. Topology, in relation to networking,
describes the configuration of the network; including the location of the workstations and wiring
connections. Basically it provides a definition of the components of a Local Area Network (LAN). A
topology, which is a pattern of interconnections among nodes, influences a network's cost and
performance. There are three primary types of network topologies which refer to the physical and
logical layout of the Network cabling. They are:
1. Star Topology: All devices connected with a Star setup communicate through a central Hub by
cable segments. Signals are transmitted and received through the Hub. It is the simplest and the
oldest and all the telephone switches are based on this. In a star topology, each network device
has a home run of cabling back to a network hub, giving each device a separate connection to
the network. So, there can be multiple connections in parallel.
Advantages
o Network administration and error detection are easier because a problem is isolated to the central node.
o The network runs even if one host fails.
o Expansion becomes easier and the scalability of the network increases.
o More suited for larger networks.
Disadvantages
o Broadcasting and multicasting are not easy because some extra functionality needs to be provided by the central hub.
o If the central node fails, the whole network goes down, making the switch a kind of bottleneck.
o Installation costs are high because each node needs to be connected to the central switch.
2. Bus Topology:
The simplest and one of the most common of all topologies, Bus consists of a single cable,
called a Backbone, that connects all workstations on the network using a single line. All
transmissions must pass through each of the connected devices to complete the desired request.
Each workstation has its own individual signal that identifies it and allows for the requested
data to be returned to the correct originator. In the Bus Network, messages are sent in both
directions from a single point and are read by the node (computer or peripheral on the network)
identified by the code with the message. Most Local Area Networks (LANs) are Bus Networks
because the network will continue to function even if one computer is down. This topology
works equally well for either peer to peer or client server.
The purpose of the terminators at either end of the network is to stop the signal being reflected back.
Advantages
o Broadcasting and multicasting are much simpler.
o The network is redundant in the sense that failure of one node doesn't affect the network; the other part may still function properly.
o Least expensive, since less cabling is required and no network switches are required.
o Good for smaller networks not requiring higher speeds.
Disadvantages
o Troubleshooting and error detection become a problem because, logically, all nodes are equal.
o Less secure because sniffing is easier.
o Limited in size and speed.
3. Ring Topology:
All the nodes in a Ring Network are connected in a closed circle of cable. Messages that are
transmitted travel around the ring until they reach the computer that they are addressed to, the
signal being refreshed by each node. In a ring topology, the network signal is passed through
each network card of each device and passed on to the next device. Each device processes and
retransmits the signal, so it is capable of supporting many devices in a somewhat slow but very
orderly fashion. There is a very nice feature that everybody gets a chance to send a packet and it
is guaranteed that every node gets to send a packet in a finite amount of time.
Advantages
o Broadcasting and multicasting are simple, since you just need to send out one message.
o Less expensive, since less cable footage is required.
o It is guaranteed that each host will be able to transmit within a finite time interval.
o Very orderly network where every device has access to the token and the opportunity to transmit.
o Performs better than a star network under heavy network load.
Disadvantages
o Failure of one node brings the whole network down.
o Error detection and network administration become difficult.
o Moves, adds and changes of devices can affect the network.
o It is slower than a star topology under normal load.
Generally, a BUS architecture is preferred over the other topologies - of course, this is a very subjective opinion and the final design depends on the requirements of the network more than anything else. Lately, most networks are shifting towards the STAR topology. Ideally we would like to design networks which physically resemble the STAR topology but behave like a BUS or RING topology.
2. OSI MODEL:
First introduced in 1978, the OSI (Open Systems Interconnection) 7-layer model was developed by the ISO (International Standards Organization) in the days when all communications protocols were proprietary and inter-manufacturer communication was almost impossible.
The concept behind the Open Systems Interconnection model was to enable any device or system
operating with any protocol to communicate with another device or system using its own protocol. This
removed the restrictions on users of being forced to operate with a specific set of proprietary hardware
or software.
The OSI model defines seven distinct ‘layers’. Each layer has a set of specifications and functions that
it performs. What makes the open systems approach work is the ability for communications at a given
layer to be able to interface correctly, come-what-may, with both the higher and lower layers.
Layer 7 – Application
Not, as you might expect, application programs like word processors or spreadsheets, but the protocols they can use to communicate with remote systems. You may have heard of some, such as HTTP, FTP and, most famously, WWW; there are many more. The application layer handles functions that the programs need, such as:
• Resource sharing and device redirection
• Remote file access
• Inter process communication
• Network management
Layer 6 – Presentation
This layer converts the data format of the sending application into that of the receiving application.
Common functions here are:
• Data compression
• Encryption
• Conversion of bit order; CR to CR/LF; integer to floating point etc.
• Character code translation e.g. ASCII to EBCDIC.
At the presentation layer we’ve escaped from the reality of physical devices – everything is understood
by the systems in terms of ‘virtual’ or ‘logical’ devices. This is what gives the ISO model its ability to
seamlessly interconnect so many different hardware and software combinations.
Layer 5 – Session
Establishes and terminates communication sessions between hosts and handles name translations. A good analogy for the session layer is the boss's secretary. The secretary is responsible for co-ordinating meetings, phone conversations and appointments, and for preventing the bosses (higher layers) from being disturbed when they are busy. The session layer does the same job between processes running on two different machines by establishing, maintaining and then terminating a ‘session’ to transfer messages. Processes at this layer include:
• Connection and disconnection of any node from the network
• Authentication of user access
• Permitting multiple applications to share a virtual circuit
• Fault recovery if a break in service occurs
The session layer registers whether devices must send and receive data alternately or concurrently, the protocols to be used for the session, communications modes, and error checking and recovery.
Layer 4 – Transport
The transport layer is responsible for the interfacing between the application software and the available hardware – protecting the upper layers from errors, data losses and out-of-sequence data.
The transport layer provides:
• Message segmentation – splitting outgoing messages into smaller units (frames) that the network layer can handle.
• Re-assembly of the frames of an incoming data stream into the larger message size (in the correct order, of course).
• Message acknowledgement
• Message traffic control – telling the far end to wait when buffers are full.
• Multiplexing of several sessions onto one logical or virtual link – and keeping track of which frames belong to which session!
TCP and UDP are examples of Layer 4 protocols. The transport layer and the layers above are called end-to-end layers. They are oblivious of the details of the underlying communication facility. It is also the last layer that deals with messages. The next three layers are very different.
Layer 3 – Network
This layer interfaces the higher end-to-end layers with the lower physical-dependent layers. Whereas the higher layers are only required on end-point equipment, the network layer and lower layers are also implemented on intermediate network equipment such as routers (Layers 1, 2 and 3), switches (Layers 1 and 2) and hubs (Layer 1). There is no knowledge of messages at this layer, only the message fragments known as packets. The network layer addresses and routes packets.
The addressing only specifies the destination; for example, in TCP/IP networks this is where the IP address is applied and read.
The network layer provides:
• Routing of frames among networks
• Traffic control
• Frame fragmentation
• Logical to physical address mapping (names to numbers)
• Usage accounting for statistics and billing
Commonly known protocols at the network layer are ISDN, ATM and the most prevalent – the IP part
of TCP/IP.
Layer 2 – Data Link Control
The job of the data link control layer is twofold: to ‘shield’ the upper layers from any concerns about the physical transmission channel, and to provide error-free transfer of data frames from one node to the next node over the physical layer. The data link layer receives raw bits (‘1’s and ‘0’s) from the physical layer and assembles them into the logical groups or frames that the upper layers require. To do this, the data link control layer has to:
• Establish and terminate the logical link between nodes.
• Control frame traffic
• Transmit and receive frames sequentially
• Acknowledge frames
• Detect and recover from errors in the physical layer by retransmitting non-acknowledged frames and handling duplicate frame receipt.
• Create and recognize frame boundaries
The data link layer is actually split into two sub-layers – the Media Access Control sub-layer covering address management (those well-known MAC addresses) and the Logical Link Control sub-layer, which manages flow and error control, automatic requests for retransmission (ARQ) methods and handshake processes.
Layer 1 – Physical
The physical layer describes the electrical, optical, mechanical and functional interfaces to the physical transmission medium and carries the signals for all the higher layers. It has four facets:
• Data encoding – modifying simple binary ‘1’s and ‘0’s into electrical or optical states that are best carried by, and detected at the far end of, the physical medium. For example, what physical state represents a ‘1’, how the receiving station knows when a ‘bit-time’ starts and how the receiving station delineates a frame.
• Transmission techniques – for example whether the encoded bits will be transmitted by baseband (digital) or broadband (analogue) signals.
• Physical medium transmission – transmits bits as electrical or optical signals and determines factors
such as how many volts or dB (or what change in volts as dB) represents a given signal state on the
specific physical medium (STP, UTP, co-ax, fibre, radio, etc.).
• Physical medium attachment.
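As an added example (not from the original notes), the following Python builds one UDP datagram and wraps it in the Layer 3 IPv4 header and Layer 2 Ethernet header described above, then peels the layers off again as a receiving stack would, checking the IPv4 header checksum and the UDP length on the way. The MAC and IP addresses are constructed sample values.

```python
import struct

ETHERTYPE_IPV4 = 0x0800   # Ethernet type field announcing an IPv4 packet (Layer 3)
IPPROTO_UDP = 17          # IPv4 protocol field announcing a UDP segment (Layer 4)


def mac_to_bytes(mac):
    return bytes(int(x, 16) for x in mac.split(":"))


def bytes_to_mac(b):
    return ":".join(f"{x:02x}" for x in b)


def ip_to_bytes(ip):
    return bytes(int(x) for x in ip.split("."))


def bytes_to_ip(b):
    return ".".join(str(x) for x in b)


def ipv4_checksum(header):
    """RFC 791 header checksum: one's-complement sum of the 16-bit words of the header.
    Over a header whose checksum field is already filled in, the result is 0."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:                          # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def encapsulate(payload, src_mac, dst_mac, src_ip, dst_ip, src_port, dst_port):
    """Wrap an application payload in UDP (Layer 4), IPv4 (Layer 3) and Ethernet (Layer 2)."""
    # Layer 4: ports let several sessions share one link (the multiplexing listed above).
    udp_len = 8 + len(payload)
    udp = struct.pack("!HHHH", src_port, dst_port, udp_len, 0) + payload  # UDP checksum 0 = omitted
    # Layer 3: logical end-to-end addresses plus a checksum that covers only the header.
    total_len = 20 + udp_len
    ip_hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0x1234, 0, 64,
                         IPPROTO_UDP, 0, ip_to_bytes(src_ip), ip_to_bytes(dst_ip))
    ip_hdr = ip_hdr[:10] + struct.pack("!H", ipv4_checksum(ip_hdr)) + ip_hdr[12:]
    # Layer 2: hop-by-hop hardware addresses; these change at every router, the IP addresses do not.
    eth = mac_to_bytes(dst_mac) + mac_to_bytes(src_mac) + struct.pack("!H", ETHERTYPE_IPV4)
    return eth + ip_hdr + udp


def decapsulate(frame):
    """Peel the frame layer by layer, as the receiving stack does, returning what each layer read."""
    layers = {}
    ethertype = struct.unpack("!H", frame[12:14])[0]
    layers["ethernet"] = {"dst": bytes_to_mac(frame[:6]), "src": bytes_to_mac(frame[6:12]),
                          "type": ethertype}
    if ethertype != ETHERTYPE_IPV4:
        raise ValueError("unsupported ethertype")
    ip = frame[14:]
    ihl = (ip[0] & 0x0F) * 4                    # header length in bytes (20 without options)
    if ipv4_checksum(ip[:ihl]) != 0:
        raise ValueError("IPv4 header checksum mismatch: header damaged in transit")
    (_, _, total_len, _, _, ttl, proto, _, src, dst) = struct.unpack("!BBHHHBBH4s4s", ip[:20])
    layers["ipv4"] = {"src": bytes_to_ip(src), "dst": bytes_to_ip(dst), "ttl": ttl,
                      "proto": proto, "total_len": total_len}
    if proto != IPPROTO_UDP:
        raise ValueError("unsupported transport protocol")
    seg = ip[ihl:total_len]
    sport, dport, ulen, _ = struct.unpack("!HHHH", seg[:8])
    if ulen != len(seg):
        raise ValueError("UDP length field disagrees with the bytes received")
    layers["udp"] = {"src_port": sport, "dst_port": dport, "length": ulen}
    layers["payload"] = seg[8:]
    return layers


def header_intact(frame):
    """True if the frame passes every layer's consistency check, False if any layer rejects it."""
    try:
        decapsulate(frame)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    # Constructed sample addresses (documentation ranges), not taken from any real network.
    frame = encapsulate(b"hello", "02:00:00:00:00:0a", "02:00:00:00:00:0b",
                        "192.0.2.10", "192.0.2.20", 40000, 53)
    print(decapsulate(frame))
    damaged = frame[:30] + bytes([frame[30] ^ 0x01]) + frame[31:]   # flip one bit in the IP header
    print("damaged frame accepted?", header_intact(damaged))
```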
3. TCP/IP PROTOCOL SUITE:
The Internet protocol suite is the set of communications protocols used for the Internet and similar networks, and generally the most popular protocol stack for wide area networks. It is commonly known as TCP/IP because of its most important protocols: Transmission Control Protocol (TCP) and Internet Protocol (IP), which were the first networking protocols defined in this standard. TCP/IP provides end-to-end connectivity specifying how data should be formatted, addressed, transmitted, routed and received at the destination. It has four abstraction layers, each with its own protocols.
Layers 2 and 1 - Network Access
The combination of data link and physical layers deals with pure hardware (wires, satellite links,
network interface cards, etc.) and access methods such as CSMA/CD (carrier sensed multiple access
with collision detection). Ethernet exists at the network access layer - its hardware operates at the
physical layer and its medium access control method (CSMA/CD) operates at the data link layer.
Layer 3 - Internet
This layer is responsible for the routing and delivery of data across networks. It allows communication
across networks of the same and different types and carries out translations to deal with dissimilar data
addressing schemes. IP (Internet Protocol) and ARP (Address Resolution Protocol) are both to be
found at the Internet layer.
ARP - Address Resolution Protocol
• Machine A wants to send a packet to B, but A only knows B’s IP address
• Machine A broadcasts an ARP request with B’s IP address
• All machines on the local network receive the broadcast
• Machine B replies with its physical address
• Machine A adds B’s address information to its table
• Machine A delivers the packet directly to B
RARP - Reverse Address Resolution Protocol
RARP (Reverse Address Resolution Protocol) is a protocol by which a physical machine in a local area network can request to learn its IP address from a gateway server's Address Resolution Protocol (ARP) table or cache. A network administrator creates a table in a local area network's gateway router that maps the physical machine (or Media Access Control - MAC) addresses to corresponding Internet Protocol addresses. When a new machine is set up, its RARP client program requests from the RARP server on the router to be sent its IP address. Assuming that an entry has been set up in the router table, the RARP server will return the IP address to the machine, which can store it for future use.
RARP is used by diskless computers to determine their IP address using the network. The RARP message format is very similar to the ARP format. When the booting computer sends the broadcast ARP request, it places its own hardware address in both the sending and receiving fields of the encapsulated ARP data packet. The RARP server will fill in the correct sending and receiving IP addresses in its response to the message. This way, the booting computer will know its IP address when it gets the message from the RARP server. A RARP request packet is usually generated during the booting sequence of a host. A host must determine its IP address
during the booting sequence. The IP address is needed to communicate with other hosts in the network.
When a RARP server receives a RARP request packet, it performs the following steps:
1. The MAC address in the request packet is looked up in the configuration file and mapped to the corresponding IP address.
2. If the mapping is not found, the packet is discarded.
3. If the mapping is found, a RARP reply packet is generated with the MAC and IP address. This packet is sent to the host that originated the RARP request.
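As an added example (not part of the original notes), the following Python packs and parses the message format that ARP and RARP share, and replays both procedures above: the six-step ARP exchange and the three RARP server steps. The Host class, RARP_CONFIG table and all MAC/IP addresses are constructed for the example.

```python
import struct

# ARP and RARP share one 28-byte body (RFC 826 / RFC 903); only the opcode differs.
HW_ETHERNET, PROTO_IPV4 = 1, 0x0800
ARP_REQUEST, ARP_REPLY, RARP_REQUEST, RARP_REPLY = 1, 2, 3, 4
ZERO_MAC = "00:00:00:00:00:00"


def mac_to_bytes(mac):
    return bytes(int(x, 16) for x in mac.split(":"))

def bytes_to_mac(b):
    return ":".join(f"{x:02x}" for x in b)

def ip_to_bytes(ip):
    return bytes(int(x) for x in ip.split("."))

def bytes_to_ip(b):
    return ".".join(str(x) for x in b)


def build_arp(op, sender_mac, sender_ip, target_mac, target_ip):
    """Pack an ARP/RARP body: hw type, proto type, hw len, proto len, opcode, then four addresses."""
    return (struct.pack("!HHBBH", HW_ETHERNET, PROTO_IPV4, 6, 4, op)
            + mac_to_bytes(sender_mac) + ip_to_bytes(sender_ip)
            + mac_to_bytes(target_mac) + ip_to_bytes(target_ip))


def parse_arp(body):
    """Unpack a body built by build_arp; rejects anything that is not Ethernet/IPv4 ARP."""
    if len(body) < 28:
        raise ValueError("ARP body too short")
    htype, ptype, hlen, plen, op = struct.unpack("!HHBBH", body[:8])
    if (htype, ptype, hlen, plen) != (HW_ETHERNET, PROTO_IPV4, 6, 4):
        raise ValueError("not an Ethernet/IPv4 ARP body")
    return {"op": op,
            "sender_mac": bytes_to_mac(body[8:14]), "sender_ip": bytes_to_ip(body[14:18]),
            "target_mac": bytes_to_mac(body[18:24]), "target_ip": bytes_to_ip(body[24:28])}


class Host:
    """One machine on the local segment with its own ARP table (IP -> MAC)."""

    def __init__(self, mac, ip):
        self.mac, self.ip, self.arp_table = mac, ip, {}

    def arp_request(self, target_ip):
        # Step 2: A knows only B's IP, so the target MAC is zero and the frame goes to the broadcast MAC.
        return build_arp(ARP_REQUEST, self.mac, self.ip, ZERO_MAC, target_ip)

    def handle_arp(self, body):
        """Steps 3-5: every host sees the broadcast; only the owner of target_ip replies, and
        only the host the reply is addressed to records it in its table."""
        pkt = parse_arp(body)
        if pkt["op"] == ARP_REQUEST and pkt["target_ip"] == self.ip:
            return build_arp(ARP_REPLY, self.mac, self.ip, pkt["sender_mac"], pkt["sender_ip"])
        if pkt["op"] == ARP_REPLY and pkt["target_mac"] == self.mac:
            self.arp_table[pkt["sender_ip"]] = pkt["sender_mac"]
        return None


def arp_exchange():
    """The six-step ARP exchange from the notes, with a third host C that must stay silent."""
    a = Host("02:00:00:00:00:0a", "192.0.2.10")   # constructed sample addresses
    b = Host("02:00:00:00:00:0b", "192.0.2.20")
    c = Host("02:00:00:00:00:0c", "192.0.2.30")
    request = a.arp_request(b.ip)                  # step 2: broadcast the request
    for reply in (h.handle_arp(request) for h in (b, c)):   # step 3: every host receives it
        if reply is not None:                      # step 4: only B answers
            a.handle_arp(reply)                    # step 5: A caches B's MAC
    return a.arp_table                             # step 6 would now send the packet to that MAC


# Constructed MAC -> IP table an administrator would keep on the gateway (RARP server).
RARP_CONFIG = {"02:00:00:00:00:0d": "192.0.2.40"}
SERVER_MAC, SERVER_IP = "02:00:00:00:00:01", "192.0.2.1"


def rarp_server(body, config):
    """The three RARP server steps from the notes: look the MAC up, discard if unknown, else reply."""
    pkt = parse_arp(body)
    if pkt["op"] != RARP_REQUEST:
        return None
    ip = config.get(pkt["sender_mac"])             # step 1: look the requester's MAC up
    if ip is None:
        return None                                # step 2: no mapping, packet discarded
    return build_arp(RARP_REPLY, SERVER_MAC, SERVER_IP, pkt["sender_mac"], ip)   # step 3


def rarp_boot(boot_mac):
    """A diskless host's boot-time request: its own MAC in both hardware fields, no IP yet."""
    request = build_arp(RARP_REQUEST, boot_mac, "0.0.0.0", boot_mac, "0.0.0.0")
    reply = rarp_server(request, RARP_CONFIG)
    return None if reply is None else parse_arp(reply)["target_ip"]


if __name__ == "__main__":
    print("A's ARP table after the exchange:", arp_exchange())
    print("IP learned by the booting host:", rarp_boot("02:00:00:00:00:0d"))
    print("unknown MAC gets:", rarp_boot("02:00:00:00:00:0e"))
```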
IP - Internet Protocol
IP is the connectionless network layer protocol that provides a datagram service. IP takes care of the communication with other computers. IP is responsible for sending and receiving data packets over the Internet.
LAYER-4:
TCP - Transmission Control Protocol
TCP is used for transmission of data from an application to the network. TCP is responsible for breaking data down into IP packets before they are sent, and for assembling the packets when they arrive.
UDP - User Datagram Protocol
UDP provides a minimal, unreliable, best-effort, message-passing transport to applications and upper-layer protocols. Compared to other transport protocols, UDP and its UDP-Lite variant are unique in that they do not establish end-to-end connections between communicating end systems. UDP communication consequently does not incur connection establishment and teardown overheads and there is minimal associated end system state.
LAYER-5:
HTTP - Hypertext Transfer Protocol
It is the protocol used to convey information on the World Wide Web (WWW). HTTP is a stateless and connectionless protocol. HTTP is called a stateless protocol because each request is executed independently, without any knowledge of the requests that were executed before it. It is the protocol used for the web. It is based on a request/response paradigm. In this protocol the communication generally takes place over TCP/IP.
FTP - File Transfer Protocol
FTP stands for "File Transfer Protocol". It is an Internet service specially designed to establish a
connection to a particular Internet server (or computer), so that users are able to transfer files
(download) to their computer or to transfer (upload) their own files to the server (computer). The FTP
protocol also includes commands that can be used to execute operations on a remote computer; e.g., to
show folder contents, change directories, create folders or delete files.
FTP is based on the client/server model for communications between computers. In this model, a
computer called a server runs a program that "serves" data to other computers. The other computers run
client programs that request information and process the replies that the server sends. When using FTP,
the external computer (the external system) that is running the server program is called the FTP server
(host, remote system).
SMTP - Simple Mail Transfer Protocol
SMTP stands for Simple Mail Transfer Protocol. It's a set of communication guidelines that allow
software to transmit email over the Internet. Most email software is designed to use SMTP for
communication purposes when sending email and it only works for outgoing messages. When people
set up their email programs, they will typically have to give the address of their Internet service
provider's SMTP server for outgoing mail. There are two other protocols - POP3 and IMAP - that are
used for retrieving and storing email.
DNS - Domain Name System
To identify an entity, TCP/IP protocols use the IP address, which uniquely identifies the connection of
a host to the Internet. However, people prefer to use names instead of numeric addresses. Therefore, we
need a system that can map a name to an address or an address to a name.
Difference between OSI model and TCP/IP model
The Internet Protocol Suite also known as TCP/IP is the set of communications protocols used for the
Internet and other similar networks. It is named from two of the most important protocols in it: the
Transmission Control Protocol (TCP) and the Internet Protocol (IP), which were the first two
networking protocols defined in this standard. IP networking represents a synthesis of several
developments that began to evolve in the 1960s and 1970s, namely the Internet and LANs (Local Area
Networks), which emerged in the mid- to late-1980s, together with the advent of the World Wide Web in
early 1990s. The Internet Protocol Suite, like many protocol suites, may be viewed as a set of layers.
Each layer solves a set of problems involving the transmission of data, and provides a well-defined
service to the upper layer protocols based on using services from some lower layers. Upper layers
are logically closer to the user and deal with more abstract data, relying on lower layer protocols to
translate data into forms that can eventually be physically transmitted. The main differences between the two models are as follows:
1. OSI is a reference model and TCP/IP is an implementation of the OSI model.
2. TCP/IP protocols are considered to be standards around which the Internet has developed. The OSI model however is a "generic, protocol-independent standard."
3. TCP/IP combines the presentation and session layer issues into its application layer.
4. TCP/IP combines the OSI data link and physical layers into the network access layer.
5. TCP/IP appears to be a simpler model, mainly because it has fewer layers.
6. TCP/IP is considered to be a more credible model, mainly because TCP/IP protocols are the standards around which the Internet was developed. In contrast, networks are not usually built around the OSI model, as it is merely used as a guidance tool.
7. The OSI model consists of 7 architectural layers whereas the TCP/IP only has 5 layers.
8. In the TCP/IP model of the Internet, protocols are deliberately not as rigidly designed into strict layers as in the OSI model. RFC 3439 contains a section entitled "Layering considered harmful." However, TCP/IP does recognize four broad layers of functionality which are derived from the operating scope of their contained protocols, namely the scope of the software application, the end-to-end transport connection, the internetworking range, and lastly the scope of the direct links to other nodes on the local network.
9. The presumably strict consumer/producer layering of OSI as it is usually described does not present contradictions in TCP/IP, as it is permissible that protocol usage does not follow the hierarchy implied in a layered model. Such examples exist in some routing protocols (e.g., OSPF), or in the description of tunneling protocols, which provide a Link Layer for an application, although the tunnel host protocol may well be a Transport or even an Application Layer protocol in its own right.
10. The TCP/IP design generally favors decisions based on simplicity, efficiency and ease of implementation.
4. Connectivity Devices:
Connectivity devices are those devices used to make physical network connections. Connectivity devices operate at the physical layer of the Open Systems Interconnection Reference Model (OSI model). The OSI model describes how computer services and procedures are standardized. This standardization allows computers to share information and enables the interconnection of various networking connectivity devices regardless of vendor. The OSI model uses the concept of seven stacked layers to define a network communications system.
The lower three layers: Physical, Data Link, and Network, deal mostly with network-dependent (hardware) functions.
Repeaters
As data travels through cabling systems, a certain amount of electrical interference and signal loss is inevitable. As the need for larger networks that span greater distances developed, a solution was needed to resolve signal loss over the network. Repeaters were created to regenerate and amplify weak signals, thus extending the length of the network. The basic function of a repeater is to retime, reshape, and re-amplify the data signal to its original level.
Hubs
Hubs, sometimes called concentrators, reside in the core of the LAN cabling system. They are basically
multiport repeaters. The hub connects workstations and sends every transmission to all the connected
workstations. They work much like the old telephone party lines, where only one computer can “talk”
at a time.
Internetworking Devices
As networks became increasingly complex, the need for internetworking devices also increased.
Internetworking devices are active components rather than passive. They are considered active because
they do more than simply pass data across a network. They make “intelligent” decisions and may
interpret, reformat, and/or direct data as it passes through a network. Internetworking devices typically
operate at OSI model layers other than the physical layer.
Bridges
Bridges connect network segments typically using the same communication protocol, passing
information from one network to the other. A bridge may divide an overloaded network into smaller,
more efficient networks. Bridges break networks into separate segments and direct transmission to the
appropriate segment much like a police officer directs automobile traffic.
Switches
One way of relieving network congestion is to use a switch, either in place of a hub or bridge, or in
addition to a hub.
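To make the difference between a hub and a bridge or switch concrete, here is an added simulation (not part of the original notes) of the forwarding decision each device makes: the hub copies every frame to every other port, while the switch learns which port each source address sits on and forwards only there, flooding only until it has learned the destination. The frames, addresses and port numbers are constructed sample data.

```go
package main

import "fmt"

// Frame is a constructed Ethernet-style frame; only the two addresses matter here.
type Frame struct{ Src, Dst string }

// Hub models the multiport repeater: a frame arriving on port in is copied to
// every other port, so every attached station can read every transmission
// (the eavesdropping risk the notes list under "data interception").
func Hub(ports, in int) []int {
	out := []int{}
	for p := 0; p < ports; p++ {
		if p != in {
			out = append(out, p)
		}
	}
	return out
}

// Switch (or learning bridge) keeps a table of which port each source address
// was last seen on and delivers frames only to the destination's port.
type Switch struct {
	ports int
	table map[string]int // station address -> port it was learned on
}

// Forward returns the ports a frame arriving on port in is sent out of.
func (s *Switch) Forward(in int, f Frame) []int {
	s.table[f.Src] = in // learn the sender's location from every frame
	p, known := s.table[f.Dst]
	switch {
	case f.Dst == "ff:ff:ff:ff:ff:ff" || !known:
		return Hub(s.ports, in) // broadcast or unknown: flood like a hub
	case p == in:
		return []int{} // destination is on the arrival segment: filter it
	default:
		return []int{p} // deliver to the one port that needs it
	}
}

func main() {
	sw := &Switch{ports: 4, table: map[string]int{}}
	fmt.Println(sw.Forward(0, Frame{"A", "B"})) // [1 2 3]: B unknown, flooded
	fmt.Println(sw.Forward(1, Frame{"B", "A"})) // [0]: A was learned on port 0
	fmt.Println(sw.Forward(0, Frame{"A", "B"})) // [1]: B was learned on port 1
}
```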
Routers
Routers link two or more different networks together, for example separate Internet Protocol (IP)
networks. These networks can consist of various types of LAN segments, for example, Ethernet, token ring,
or Fiber Distributed Data Interface (FDDI). A router receives packets and selects the optimum path to forward
the packet across the network. Routers build a table of all the device addresses (routing table) across the
networks. Using this table, the router forwards a transmission from the sending station to the receiving
station across the best path.
Gateways
Gateways are multi-purpose connection devices. They are able to convert the format of data in one
computing environment to a format that is usable in another computer environment (for example,
AppleTalk and DECnet). The term gateway is sometimes used when referring to a router. For the
purpose of this lesson, gateways are devices that link different network types and protocols. For
example, gateways translate different electronic mail protocols and convey email across the Internet.
5. NETWORK SECURITY
The networks in question are computer networks, both public and private, that are used every day to conduct
transactions and communications among businesses, government agencies and individuals. The
networks are made up of "nodes", which are "client" terminals (individual user PCs) and one or more
"servers" and/or "host" computers. They are linked by communication systems, some of which might
be private, such as within a company and others which might be open to public access. The obvious
example of a network system that is open to public access is the Internet, but many private networks
also utilize publicly-accessible communications. Today, most companies' host computers can be
accessed by their employees whether in their offices over a private communications network, or from
their homes or hotel rooms while on the road through normal telephone lines.
Network security involves all activities that organizations, enterprises, and institutions undertake to
protect the value and ongoing usability of assets and the integrity and continuity of operations. An
effective network security strategy requires identifying threats and then choosing the most effective set
of tools to combat them.
Threats to network security include:
Viruses: Computer programs written by devious programmers and designed to replicate themselves
and infect computers when triggered by a specific event.
Trojan horse programs: Delivery vehicles for destructive code, which appear to be harmless or useful
software programs such as games.
Vandals: Software applications or applets that cause destruction.
Attacks: Including reconnaissance attacks (information-gathering activities to collect data that is later
used to compromise networks); access attacks (which exploit network vulnerabilities in order to gain
entry to e-mail, databases, or the corporate network); and denial-of-service attacks (which prevent
access to part or all of a computer system).
Data interception: Involves eavesdropping on communications or altering data packets being
transmitted.
Social engineering: Obtaining confidential network security information through nontechnical means,
such as posing as a technical support person and asking for people's passwords.
Network security tools include:
Antivirus software packages: These packages counter most virus threats if regularly updated and
correctly maintained.
Secure network infrastructure: Switches and routers have hardware and software features that
support secure connectivity, perimeter security, intrusion protection, identity services, and security
management.
Dedicated network security hardware and software: Tools such as firewalls and intrusion
detection systems provide protection for all areas of the network and enable secure connections.
Virtual private networks: These networks provide access control and data encryption between two
different computers on a network. This allows remote workers to connect to the network without the
risk of a hacker or thief intercepting data.
Identity services: These services help to identify users and control their activities and transactions on
the network. Services include passwords, digital certificates, and digital authentication keys.
Encryption: Encryption ensures that messages cannot be intercepted or read by anyone other than the
authorized recipient.
Security management: This is the glue that holds together the other building blocks of a strong
security solution.
None of these approaches alone will be sufficient to protect a network, but when they are layered
together, they can be highly effective in keeping a network safe from attacks and other threats to
security. In addition, well-thought-out corporate policies are critical to determine and control access to
various parts of the network.
Network Security Goals:
Core Network Security Goals are
• Confidentiality: Assurance that data is not read or accessed by unauthorized persons
• Integrity: Assurance that the data has not been altered except by the people who are explicitly
intended to modify it.
• Access Control
• Authentication: The process of validating the claimed identity of an end user or a device such
as a host, server, switch, router, etc. Must be careful whether a technology is using:
– User authentication
– Device authentication
– Application authentication
Material beyond syllabus
Computer Malware
Malware is a general name for all programs that are harmful: viruses, trojans, worms and all
other similar programs.
Viruses
A computer virus is a program, a block of executable code, which attaches itself to, overwrites or
otherwise replaces another program in order to reproduce itself without the knowledge of the PC
user.
There are a couple of different types of computer viruses: boot sector viruses, parasitic viruses,
multi-partite viruses, companion viruses, link viruses and macro viruses. These classifications
take into account the different ways in which the virus can infect different parts of a system.
The manner in which each of these types operates has one thing in common: any virus has to be
executed in order to operate.
Most viruses are pretty harmless. The user might not even notice the virus for years. Sometimes
viruses might cause random damage to data files and over a long period they might destroy files
and disks. Even benign viruses cause damage by occupying disk space and main memory, by
using up CPU processing time. There is also the time and expense wasted in detecting and
removing viruses.
Trojan
A Trojan Horse is a program that does something other than what the user thought it would do. It is
mostly planted on someone's system on purpose. Trojan Horses are usually disguised so that they look
interesting, for example a saxophone.wav file that interests a person collecting sound samples of
instruments. A Trojan Horse differs from a destructive virus in that it doesn't reproduce. There
has been a password trojan out in AOL (America Online) land: Password30 and
Pasword50, which some people thought were .wav files, but they were disguised and people did
not know that they had the trojan in their systems until they tried to change their passwords.
According to an AOL administrator, the Trojan steals passwords and sends an e-mail to the
hacker's fake name, and then the hacker has your account in his hands.
Worms
A worm is a program which usually spreads over network connections. Unlike a virus, which
attaches itself to a host program, a worm does not need a host program to spread. In practice, worms
are not normally associated with single-user personal computer systems. They are mostly found in
multi-user systems such as Unix environments.
Encryption
Encryption is the process of scrambling a message so that only the intended recipient can read it. The
actual cryptographic process is generally a complicated mathematical formulation; the more complex it is,
the more difficult it is to break. A key is supplied to the recipient so that they can then decipher the
message. Keys for encryption algorithms are described in terms of the number of bits. The higher the
number of bits, the more difficult that cryptosystem would be to break.
Need of encryption
Encryption can provide a means of securing information. As more and more information is stored on
computers or communicated via computers, the need to ensure that this information is invulnerable to
snooping and/or tampering becomes more relevant. Any thought about your own personal
information (i.e. medical records, tax records, credit history, employment history, etc.) may bring to
mind an area in which you DO want, need or expect privacy. As teachers, we are often called upon to
handle sensitive student information. We need to have access to student records, but maintain the
confidentiality of their information.
Encryption is seen by many people as a necessary step for commerce on the internet to succeed.
Without confidence that net transactions are secure, people are unwilling to trust a site enough to
transact any sort of business using it. Encryption may give consumers the confidence they need to do
internet business.
Encryption can also provide a means of "message authentication". The PGP User's Guide explains,
"The sender's own secret key can be used to encrypt a message thereby signing it. This creates a digital
signature of a message...This proves that the sender was the true originator of the message, and that the
message has not been subsequently altered by anyone else, because the sender alone possesses the
secret key that made that signature." This prevents forgery of that signed message, and prevents the
sender from denying the signature.
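As an added illustration of the message-authentication property quoted above (this is not from the notes or the PGP User's Guide), the following program signs a message with the sender's secret key and verifies it against a keyring of public keys, using the Ed25519 signature scheme from Go's standard library rather than PGP. The sender names and message texts are constructed sample data.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
)

// SignedMessage is a constructed envelope: who claims to have sent it, the
// text, and the signature made with that sender's secret key.
type SignedMessage struct {
	Sender string
	Body   []byte
	Sig    []byte
}

// Sign builds the envelope; only the holder of priv can produce Sig.
func Sign(sender string, priv ed25519.PrivateKey, body []byte) SignedMessage {
	return SignedMessage{Sender: sender, Body: body, Sig: ed25519.Sign(priv, body)}
}

// Verify checks the envelope against a keyring of trusted public keys. It
// rejects unknown senders, bodies altered after signing, and signatures made
// with another key, which is the forgery protection the quoted passage describes.
func Verify(keyring map[string]ed25519.PublicKey, m SignedMessage) error {
	pub, ok := keyring[m.Sender]
	if !ok {
		return errors.New("unknown sender: " + m.Sender)
	}
	if len(m.Sig) != ed25519.SignatureSize || !ed25519.Verify(pub, m.Body, m.Sig) {
		return errors.New("bad signature: message altered or not from " + m.Sender)
	}
	return nil
}

func main() {
	alicePub, alicePriv, _ := ed25519.GenerateKey(rand.Reader)
	malloryPub, malloryPriv, _ := ed25519.GenerateKey(rand.Reader)
	keyring := map[string]ed25519.PublicKey{"alice": alicePub, "mallory": malloryPub}
	m := Sign("alice", alicePriv, []byte("pay 100 to bob"))
	fmt.Println("genuine:", Verify(keyring, m)) // <nil>
	m.Body = []byte("pay 900 to bob")            // altered in transit
	fmt.Println("altered:", Verify(keyring, m))
	forged := Sign("alice", malloryPriv, []byte("pay 900 to mallory")) // wrong key
	fmt.Println("forged:", Verify(keyring, forged))
}
```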
E-mail is certainly not secure. While you may believe that the use of a password makes your business
private, you should be aware that sending information without encryption has been likened to sending
postcards through the mail. Your message is totally open to interception by anyone along the way. You
may believe that your personal e-mail is not incriminating and does not contain content that you must
keep secret, and you may be right. But there are many common situations where users have a
legitimate need for security, both to protect that information and to ensure that information is not
tampered with: consumers placing orders with credit cards via the Internet, journalists protecting their
sources, therapists protecting client files, businesses communicating trade secrets to foreign branches,
ATM transactions, political dissenters, or whistle-blowers -- all are examples of why encryption may be
needed for e-mail or data files, and why it might be necessary to create a secure environment through
its use.