Truba Institute of Engineering & Information Technology Bhopal
BE-205 UNIT IV
Computer Networking: Introduction, Goals; ISO-OSI Model; Functions of Different Layers; Internetworking Concepts; Devices; TCP/IP Model; Introduction to Internet; World Wide Web; Network Security & E-commerce
Submitted by: Sugan Patel, Computer Science & Engineering Department, Truba Institute of Engineering & Information Technology Bhopal

1. Introduction

A computer network can be as small as two computers connected together. The primary purpose of a computer network is to share resources. A computer network can also consist of, and is usually built for, more than two computers. In the context of information technology, a network is a way to connect computers together so that they can communicate, exchange information and pool resources; put another way, a network is a communicating system connecting two or more computers. A network connects people as close as the next office and as far away as halfway around the world.

In business, networks have revolutionized the use of computer technology. Many businesses that used to rely on a centralized system with a mainframe and a collection of terminals now use computer networks in which every employee who needs a computer has a personal computer connected to the network. In education, schools, colleges and universities have also shifted to strategies built around networked personal computers.

1.1 Types of Networks

Networks differ in geographical size. Three important types are LANs, MANs and WANs.

Local Area Networks (LANs)
Networks with computers and peripheral devices in close proximity, within the same building, are called local area networks (LANs). The figure shows an example of a LAN. This type of arrangement has two benefits:
1. People can share different equipment, which lowers the cost of equipment.
2. A LAN also features a network gateway, i.e. a LAN may be linked to other LANs or to larger networks in this manner.

Metropolitan Area Networks (MANs)
These networks are used as links between office buildings in a city. Cellular phone systems expand the flexibility of MANs by allowing links to car phones and portable phones.

Wide Area Networks (WANs)
Wide area networks are countrywide and worldwide networks. Among other kinds of channels, they use microwave relays and satellites to reach users over long distances. One of the most widely used WANs is the Internet, which allows users to connect to other users and facilities worldwide.

Uses of the Internet
The most common uses of the Internet are:
1. Communicating: Sending and receiving e-mail is the most popular Internet activity. You can send and receive e-mail to and from your friends and family located almost anywhere in the world. You can join and listen to discussions and debates on a wide variety of special-interest topics.
2. Shopping: One of the fastest growing applications of the Internet is electronic commerce. You can visit a cyber mall to make purchases.
3. Researching: The Internet gives you one of the world's largest libraries, available from home.
4. Entertainment: Do you like music, movies, reading or playing computer games? You can find them all on the Internet, waiting for you to locate and enjoy.

1.2 Different types of links

There are two types of links:
1. Point-to-Point or Direct Access Link: Such links are used to connect two devices only. They provide a direct path between two devices, thus forming a network that does not have any intermediate device.
Such an approach cannot be used to interconnect a large network, since for cost reasons it is not feasible to have a direct point-to-point link between all the nodes. A network in which there is a direct point-to-point link between every node and all other nodes is called a fully connected network.
2. Multiple Access Link: When multiple devices are connected to one another via a single link, such that each of the devices is connected by the link to all other devices at the same time, the link is said to be a multiple-access link.

1.3 Transmission modes

A given transmission on a communications channel between two machines can occur in several different ways. The transmission is characterised by:
• the direction of the exchanges
• the transmission mode: the number of bits sent simultaneously
• synchronisation between the transmitter and receiver

Simplex, half-duplex and full-duplex connections
There are three different transmission modes, characterised according to the direction of the exchanges:
A simplex connection is a connection in which the data flows in only one direction, from the transmitter to the receiver. This type of connection is useful if the data do not need to flow in both directions (for example, from your computer to the printer, or from the mouse to your computer).
A half-duplex connection (sometimes called an alternating connection or semi-duplex) is a connection in which the data flows in one direction or the other, but not both at the same time. With this type of connection, each end of the connection transmits in turn.
This type of connection makes it possible to have bidirectional communications using the full capacity of the line.
A full-duplex connection is a connection in which the data flow in both directions simultaneously. Each end of the line can thus transmit and receive at the same time, which means that the bandwidth is divided in two for each direction of data transmission if the same transmission medium is used for both directions of transmission.

1.4 Network Topologies

A network topology is the basic design of a computer network. Topology, in relation to networking, describes the configuration of the network, including the location of the workstations and the wiring connections. Basically, it provides a definition of the components of a Local Area Network (LAN). A topology, which is a pattern of interconnections among nodes, influences a network's cost and performance. There are three primary types of network topologies, which refer to the physical and logical layout of the network cabling. They are:

1. Star Topology: All devices in a star setup communicate through a central hub by cable segments. Signals are transmitted and received through the hub. It is the simplest and the oldest topology, and all telephone switches are based on it. In a star topology, each network device has a home run of cabling back to a network hub, giving each device a separate connection to the network, so there can be multiple connections in parallel.

Advantages
o Network administration and error detection are easier because a problem is isolated to the central node.
o The network runs even if one host fails.
o Expansion becomes easier and the scalability of the network increases.
o More suited for larger networks.
Disadvantages
o Broadcasting and multicasting are not easy, because some extra functionality needs to be provided by the central hub.
o If the central node fails, the whole network goes down, which makes the switch something of a bottleneck.
o Installation costs are high because each node needs to be connected to the central switch.

2. Bus Topology: The simplest and one of the most common of all topologies, a bus consists of a single cable, called a backbone, that connects all workstations on the network using a single line. All transmissions must pass through each of the connected devices to complete the desired request. Each workstation has its own individual signal that identifies it and allows the requested data to be returned to the correct originator. In a bus network, messages are sent in both directions from a single point and are read by the node (computer or peripheral on the network) identified by the code sent with the message. Most Local Area Networks (LANs) are bus networks because the network will continue to function even if one computer is down. This topology works equally well for either peer-to-peer or client/server use. The purpose of the terminators at either end of the network is to stop the signal being reflected back.

Advantages
o Broadcasting and multicasting are much simpler.
o The network is redundant in the sense that failure of one node doesn't affect the network; the other part may still function properly.
o Least expensive, since less cabling is required and no network switches are required.
o Good for smaller networks not requiring higher speeds.

Disadvantages
o Troubleshooting and error detection become a problem because, logically, all nodes are equal.
o Less secure, because sniffing is easier.
o Limited in size and speed.

3. Ring Topology: All the nodes in a ring network are connected in a closed circle of cable. Messages that are transmitted travel around the ring until they reach the computer they are addressed to, the signal being refreshed by each node. In a ring topology, the network signal is passed through the network card of each device and passed on to the next device. Each device processes and retransmits the signal, so it is capable of supporting many devices in a somewhat slow but very orderly fashion. A very nice feature is that everybody gets a chance to send a packet, and it is guaranteed that every node gets to send a packet within a finite amount of time.

Advantages
o Broadcasting and multicasting are simple, since you just need to send out one message.
o Less expensive, since less cable footage is required.
o It is guaranteed that each host will be able to transmit within a finite time interval.
o Very orderly network, where every device has access to the token and the opportunity to transmit.
o Performs better than a star network under heavy network load.

Disadvantages
o Failure of one node brings the whole network down.
o Error detection and network administration become difficult.
o Moves, adds and changes of devices can affect the network.
o It is slower than a star topology under normal load.

Generally, a bus architecture is preferred over the other topologies; of course, this is a very subjective opinion, and the final design depends on the requirements of the network more than anything else. Lately, most networks are shifting towards the star topology. Ideally, we would like to design networks which physically resemble the star topology but behave like a bus or ring topology.

2. OSI MODEL

First introduced in 1978, the OSI (Open Systems Interconnection) 7-layer model was developed by the ISO (International Standards Organization) in the days when all communications protocols were proprietary and inter-manufacturer communication was almost impossible.

The concept behind the Open Systems Interconnection model was to enable any device or system operating with any protocol to communicate with another device or system using its own protocol. This removed the restriction on users of being forced to operate with a specific set of proprietary hardware or software. The OSI model defines seven distinct 'layers'. Each layer has a set of specifications and functions that it performs. What makes the open systems approach work is the ability for communications at a given layer to interface correctly, come what may, with both the higher and lower layers.

Layer 7 – Application
Not, as you might expect, application programs like word processors or spreadsheets, but the protocols they can use to communicate with remote systems. You may have heard of some, such as HTTP, FTP and, most famously, WWW; there are many more. The application layer handles functions that the programs need, like:
• Resource sharing and device redirection
• Remote file access
• Inter-process communication
• Network management

Layer 6 – Presentation
This layer converts the data format of the sending application into that of the receiving application. Common functions here are:
• Data compression
• Encryption
• Conversion of bit order; CR to CR/LF; integer to floating point, etc.
• Character code translation, e.g. ASCII to EBCDIC.
At the presentation layer we've escaped from the reality of physical devices; everything is understood by the systems in terms of 'virtual' or 'logical' devices. This is what gives the ISO model its ability to seamlessly interconnect so many different hardware and software combinations.

Layer 5 – Session
Establishes and terminates communication sessions between hosts and handles name translation. A good analogy for the session layer is the boss's secretary. The secretary is responsible for co-ordinating meetings, phone conversations and appointments, and for preventing the bosses (higher layers) from being disturbed when they are busy. The session layer does the same job between processes running on two different machines by establishing, maintaining and then terminating a 'session' to transfer messages. Processes at this layer include:
• Connection and disconnection of any node from the network
• Authentication of user access
• Permitting multiple applications to share a virtual circuit
• Fault recovery if a break in service occurs
The session layer registers whether devices must send and receive data alternately or concurrently, the protocols to be used for the session, communications modes, and error checking and recovery.

Layer 4 – Transport
The transport layer is responsible for interfacing between the application software and the available hardware, protecting the upper layers from errors, data losses and out-of-sequence data. The transport layer provides:
• Message segmentation: splitting outgoing messages into smaller units (frames) that the network layer can handle.
• Re-assembly of the frames of an incoming data stream into the larger message size (in the correct order, of course).
• Message acknowledgement
• Message traffic control: telling the far end to wait when buffers are full.
• Multiplexing of several sessions onto one logical or virtual link, and keeping track of which frames belong to which session!
TCP and UDP are examples of Layer 4 protocols. The transport layer and the layers above are called end-to-end layers. They are oblivious to the details of the underlying communication facility. It is also the last layer that deals with messages. The next three layers are very different.

Layer 3 – Network
This layer interfaces the higher end-to-end layers with the lower, physically dependent layers. Whereas the higher layers are only required on end-point equipment, the network layer and lower layers are also implemented on intermediate network equipment such as routers (Layers 1, 2 and 3), switches (Layers 1 and 2) and hubs (Layer 1). There is no knowledge of messages at this layer, only the message fragments known as packets. The network layer addresses and routes packets. The addressing only specifies the destination; for example, in TCP/IP networks this is where the IP address is applied and read. The network layer provides:
• Routing of frames among networks
• Traffic control
• Frame fragmentation
• Logical to physical address mapping (names to numbers)
• Usage accounting for statistics and billing
Commonly known protocols at the network layer are ISDN, ATM and, the most prevalent, the IP part of TCP/IP.

Layer 2 – Data Link Control
The job of the data link control layer is twofold: to 'shield' the upper layers from any concerns about the physical transmission channel, and to provide error-free transfer of data frames from one node to the next over the physical layer. The data link layer receives raw bits ('1's and '0's) from the physical layer and assembles them into the logical groups, or frames, that the upper layers require.
To do this, the data link control layer has to:
• Establish and terminate the logical link between nodes.
• Control frame traffic.
• Transmit and receive frames sequentially.
• Acknowledge frames.
• Detect and recover from errors in the physical layer by retransmitting non-acknowledged frames and handling duplicate frame receipt.
• Create and recognize frame boundaries.
The data link layer is actually split into two sub-layers: the Media Access Control sub-layer, covering address management (those well-known MAC addresses), and the Logical Link Control sub-layer, which manages flow and error control, automatic repeat request (ARQ) methods and handshake processes.

Layer 1 – Physical
The physical layer describes the electrical, optical, mechanical and functional interfaces to the physical transmission medium and carries the signals for all the higher layers. It has four facets:
• Data encoding: modifying simple binary '1's and '0's into electrical or optical states that are best carried by, and detected at the far end of, the physical medium. For example, what physical state represents a '1', how the receiving station knows when a 'bit-time' starts, and how the receiving station delineates a frame.
• Transmission techniques: for example, whether the encoded bits will be transmitted by baseband (digital) or broadband (analogue) signals.
• Physical medium transmission: transmits bits as electrical or optical signals and determines factors such as how many volts or dB (or what change in volts or dB) represents a given signal state on the specific physical medium (STP, UTP, co-ax, fibre, radio, etc.).
• Physical medium attachment.

3. TCP/IP PROTOCOL SUITE

The Internet protocol suite is the set of communications protocols used for the Internet and similar networks, and generally the most popular protocol stack for wide area networks. It is commonly known as TCP/IP because of its most important protocols, Transmission Control Protocol (TCP) and Internet Protocol (IP), which were the first networking protocols defined in this standard. TCP/IP provides end-to-end connectivity, specifying how data should be formatted, addressed, transmitted, routed and received at the destination. It has four abstraction layers, each with its own protocols.

Layers 2 and 1 - Network Access
The combination of the data link and physical layers deals with pure hardware (wires, satellite links, network interface cards, etc.) and access methods such as CSMA/CD (carrier sense multiple access with collision detection). Ethernet exists at the network access layer: its hardware operates at the physical layer and its medium access control method (CSMA/CD) operates at the data link layer.

Layer 3 - Internet
This layer is responsible for the routing and delivery of data across networks. It allows communication across networks of the same and different types and carries out translations to deal with dissimilar data addressing schemes. IP (Internet Protocol) and ARP (Address Resolution Protocol) are both to be found at the Internet layer.
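The transport-layer functions listed under OSI Layer 4 earlier (segmentation, in-order re-assembly, acknowledgement, traffic control and multiplexing of sessions onto one link), carried out by a toy sender and receiver over a link that drops and reorders packets. This is an added example, not code from the notes; the link model, message sizes, buffer limit and loss rate are constructed assumptions, and the logic is a simplification rather than TCP's actual algorithms.

```python
# Added example (not from the notes): a toy reliable transport that carries
# out the Layer 4 functions listed above over a simulated link that loses and
# reorders packets. Messages, MSS, buffer size and loss rate are constructed
# sample values; this illustrates the functions, not TCP's actual algorithms.
import random
from dataclasses import dataclass


@dataclass(frozen=True)
class Segment:
    session: int    # which session this chunk belongs to (multiplexing)
    seq: int        # offset of this chunk in the session's byte stream
    data: bytes


def segment_message(session, message, mss):
    """Message segmentation: split into chunks of at most mss bytes."""
    return [Segment(session, off, message[off:off + mss])
            for off in range(0, len(message), mss)]


class Receiver:
    """Re-assembles each session in order and answers with cumulative acks."""

    def __init__(self, buffer_limit):
        self.buffer_limit = buffer_limit   # bytes we may park out of order
        self.expected = {}   # session -> next byte offset wanted
        self.held = {}       # session -> {seq: data} parked until the gap fills
        self.streams = {}    # session -> re-assembled bytes

    def held_bytes(self):
        return sum(len(d) for h in self.held.values() for d in h.values())

    def receive(self, seg):
        """Returns (ack, accepting): ack is the next offset wanted for this
        session; accepting is False when the far end must wait (buffer full)."""
        exp = self.expected.setdefault(seg.session, 0)
        held = self.held.setdefault(seg.session, {})
        stream = self.streams.setdefault(seg.session, bytearray())
        if seg.seq == exp:                       # the chunk we were waiting for
            stream += seg.data
            exp += len(seg.data)
            while exp in held:                   # drain now-contiguous chunks
                chunk = held.pop(exp)
                stream += chunk
                exp += len(chunk)
        elif seg.seq > exp and seg.seq not in held:   # arrived early
            if self.held_bytes() + len(seg.data) > self.buffer_limit:
                return exp, False                # traffic control: please wait
            held[seg.seq] = seg.data
        # seg.seq < exp is a duplicate of delivered data: just acknowledge again
        self.expected[seg.session] = exp
        return exp, True

    def message(self, session):
        return bytes(self.streams.get(session, b""))


def lossy_link(segments, rng, loss):
    """One logical link: drops each segment with probability loss, reorders the rest."""
    kept = [s for s in segments if rng.random() >= loss]
    rng.shuffle(kept)
    return kept


def transfer(messages, mss, buffer_limit, loss=0.3, seed=1, max_rounds=500):
    """Multiplexes all sessions onto one link. Each round the sender sends every
    unacknowledged segment and processes the acks; whatever is still unacked is
    retransmitted next round (a simplified timeout). Returns (receiver, rounds),
    with rounds None if the transfer did not complete within max_rounds."""
    rng = random.Random(seed)
    receiver = Receiver(buffer_limit)
    unacked = {s: segment_message(s, m, mss) for s, m in messages.items()}
    for rounds in range(1, max_rounds + 1):
        batch = [seg for segs in unacked.values() for seg in segs]
        for seg in lossy_link(batch, rng, loss):
            ack, accepting = receiver.receive(seg)
            # cumulative ack: every chunk of this session below ack is done
            unacked[seg.session] = [s for s in unacked[seg.session] if s.seq >= ack]
            if not accepting:
                break                            # far end is full: stop for now
        if not any(unacked.values()):
            return receiver, rounds
    return receiver, None
```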
ARP - Address Resolution Protocol
1. Machine A wants to send a packet to B, but A only knows B's IP address.
2. Machine A broadcasts an ARP request containing B's IP address.
3. All machines on the local network receive the broadcast.
4. Machine B replies with its physical address.
5. Machine A adds B's address information to its table.
6. Machine A delivers the packet directly to B.

RARP - Reverse Address Resolution Protocol
RARP (Reverse Address Resolution Protocol) is a protocol by which a physical machine in a local area network can request to learn its IP address from a gateway server's Address Resolution Protocol (ARP) table or cache. A network administrator creates a table in a local area network's gateway router that maps the physical machine (Media Access Control, or MAC) addresses to the corresponding Internet Protocol addresses. When a new machine is set up, its RARP client program requests its IP address from the RARP server on the router. Assuming that an entry has been set up in the router table, the RARP server will return the IP address to the machine, which can store it for future use.
A reverse address resolution protocol (RARP) is used by diskless computers to determine their IP address using the network. The RARP message format is very similar to the ARP format. When the booting computer sends the broadcast RARP request, it places its own hardware address in both the sending and receiving fields of the encapsulated ARP data packet. The RARP server fills in the correct sending and receiving IP addresses in its response to the message. This way, the booting computer knows its IP address when it gets the message from the RARP server. The RARP request packet is usually generated during the booting sequence of a host.
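The ARP exchange and the RARP request/reply just described, as an added example that is not part of the notes: it builds the 28-byte ARP/RARP body in its wire layout, resolves an IP address over a simulated broadcast segment, and runs the RARP server's lookup, discard and reply logic. All hosts, addresses and the MAC-to-IP table are constructed sample values.

```python
# Added example (not from the notes): the ARP/RARP body in its wire layout,
# ARP resolution over a simulated broadcast segment, and a RARP server that
# looks the MAC up, discards unknown requests and replies with the IP.
# All hosts, addresses and the MAC-to-IP table are constructed sample values.
import struct

HTYPE_ETHERNET, PTYPE_IPV4 = 1, 0x0800
OP_ARP_REQUEST, OP_ARP_REPLY, OP_RARP_REQUEST, OP_RARP_REPLY = 1, 2, 3, 4
ZERO_MAC, UNSET_IP = "00:00:00:00:00:00", "0.0.0.0"

def mac_bytes(mac):
    return bytes(int(x, 16) for x in mac.split(":"))

def ip_bytes(ip):
    return bytes(int(x) for x in ip.split("."))

def build_packet(op, sender_mac, sender_ip, target_mac, target_ip):
    """28-byte body: hw type, proto type, hw len, proto len, opcode, then
    sender MAC/IP and target MAC/IP. RARP uses the same layout with ops 3/4."""
    header = struct.pack("!HHBBH", HTYPE_ETHERNET, PTYPE_IPV4, 6, 4, op)
    return (header + mac_bytes(sender_mac) + ip_bytes(sender_ip)
            + mac_bytes(target_mac) + ip_bytes(target_ip))

def parse_packet(data):
    """Inverse of build_packet; rejects anything that is not Ethernet/IPv4."""
    if len(data) < 28:
        raise ValueError("truncated ARP/RARP packet")
    htype, ptype, hlen, plen, op = struct.unpack("!HHBBH", data[:8])
    if (htype, ptype, hlen, plen) != (HTYPE_ETHERNET, PTYPE_IPV4, 6, 4):
        raise ValueError("unsupported hardware/protocol type")
    f = data[8:28]
    mac = lambda b: ":".join(f"{x:02x}" for x in b)
    ip = lambda b: ".".join(str(x) for x in b)
    return {"op": op, "sender_mac": mac(f[0:6]), "sender_ip": ip(f[6:10]),
            "target_mac": mac(f[10:16]), "target_ip": ip(f[16:20])}

class Host:
    """A machine on the segment; a booting diskless host starts with ip=None."""
    def __init__(self, mac, ip=None):
        self.mac, self.ip = mac, ip
        self.arp_table = {}   # IP -> MAC learned from ARP replies
        self.sent = []        # (destination MAC, payload) frames delivered

    def handle(self, pkt):
        # Every host sees the broadcast; only the owner of the requested IP
        # answers, and it answers the requester directly.
        if pkt["op"] == OP_ARP_REQUEST and pkt["target_ip"] == self.ip:
            return build_packet(OP_ARP_REPLY, self.mac, self.ip,
                                pkt["sender_mac"], pkt["sender_ip"])
        return None

class RarpServer:
    """Gateway-side RARP server holding the administrator's MAC -> IP table."""
    def __init__(self, mac, ip, table):
        self.mac, self.ip, self.table = mac, ip, dict(table)

    def handle(self, pkt):
        if pkt["op"] != OP_RARP_REQUEST:
            return None
        ip = self.table.get(pkt["target_mac"])   # booting host put its MAC in both fields
        if ip is None:
            return None                          # no mapping configured: discard
        # Reply with the sender (server) and target (booting host) IPs filled in.
        return build_packet(OP_RARP_REPLY, self.mac, self.ip, pkt["target_mac"], ip)

class Segment:
    """One broadcast domain: a frame sent here reaches every other node."""
    def __init__(self, nodes):
        self.nodes = nodes

    def broadcast(self, frame, sender):
        pkt = parse_packet(frame)
        replies = (n.handle(pkt) for n in self.nodes if n is not sender)
        return [r for r in replies if r is not None]

def arp_send(segment, a, dst_ip, payload):
    """Resolve dst_ip (if not cached) by broadcasting an ARP request, cache the
    answer, then deliver directly. Returns the MAC used, or None if unknown."""
    if dst_ip not in a.arp_table:
        request = build_packet(OP_ARP_REQUEST, a.mac, a.ip, ZERO_MAC, dst_ip)
        for reply in segment.broadcast(request, a):
            r = parse_packet(reply)
            if r["op"] == OP_ARP_REPLY and r["sender_ip"] == dst_ip:
                a.arp_table[dst_ip] = r["sender_mac"]
    dst_mac = a.arp_table.get(dst_ip)
    if dst_mac is not None:
        a.sent.append((dst_mac, payload))
    return dst_mac

def rarp_boot(segment, host):
    """Booting host asks the segment for its own IP; returns it, or None."""
    request = build_packet(OP_RARP_REQUEST, host.mac, UNSET_IP, host.mac, UNSET_IP)
    for reply in segment.broadcast(request, host):
        r = parse_packet(reply)
        if r["op"] == OP_RARP_REPLY and r["target_mac"] == host.mac:
            host.ip = r["target_ip"]
    return host.ip
```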
A host must determine its IP address during the booting sequence. The IP address is needed to communicate with other hosts in the network. When a RARP server receives a RARP request packet, it performs the following steps:
1. The MAC address in the request packet is looked up in the configuration file and mapped to the corresponding IP address.
2. If the mapping is not found, the packet is discarded.
3. If the mapping is found, a RARP reply packet is generated with the MAC and IP address. This packet is sent to the host which originated the RARP request.

IP - Internetworking Protocol
IP is the connectionless network layer protocol that provides a datagram service. IP takes care of the communication with other computers. IP is responsible for sending and receiving data packets over the Internet.

LAYER-4:
TCP - Transmission Control Protocol
TCP is used for transmission of data from an application to the network. TCP is responsible for breaking data down into IP packets before they are sent, and for assembling the packets when they arrive.

UDP - User Datagram Protocol
UDP provides a minimal, unreliable, best-effort, message-passing transport to applications and upper-layer protocols. Compared to other transport protocols, UDP and its UDP-Lite variant are unique in that they do not establish end-to-end connections between communicating end systems. UDP communication consequently does not incur connection establishment and teardown overheads, and there is minimal associated end-system state.

LAYER-5:
HTTP - Hypertext Transfer Protocol
It is the protocol used to convey information on the World Wide Web (WWW). HTTP is a stateless and connectionless protocol. HTTP is called a stateless protocol because each command (request) is executed independently, without any knowledge of the requests that were executed before it.
It is the protocol used for the web. It is based on a request/response paradigm. In this protocol the communication generally takes place over TCP/IP.

FTP - File Transfer Protocol
FTP stands for "File Transfer Protocol". It is an Internet service specially designed to establish a connection to a particular Internet server (or computer), so that users are able to transfer files (download) to their computer or to transfer (upload) their own files to the server (computer). The FTP protocol also includes commands that can be used to execute operations on a remote computer, e.g. to show folder contents, change directories, create folders or delete files. FTP is based on the client/server model for communications between computers. In this model, a computer called a server runs a program that "serves" data to other computers. The other computers run client programs that request information and process the replies that the server sends. When using FTP, the external computer (the external system) that is running the server program is called the FTP server (host, remote system).

SMTP - Simple Mail Transfer Protocol
SMTP stands for Simple Mail Transfer Protocol. It is a set of communication guidelines that allow software to transmit e-mail over the Internet. Most e-mail software is designed to use SMTP for communication purposes when sending e-mail, and it only works for outgoing messages. When people set up their e-mail programs, they will typically have to give the address of their Internet service provider's SMTP server for outgoing mail. There are two other protocols, POP3 and IMAP, that are used for retrieving and storing e-mail.

DNS - Domain Name System
To identify an entity, TCP/IP protocols use the IP address, which uniquely identifies the connection of a host to the Internet.
However, people prefer to use names instead of numeric addresses. Therefore, we need a system that can map a name to an address or an address to a name.

Difference between OSI model and TCP/IP model

The Internet Protocol Suite, also known as TCP/IP, is the set of communications protocols used for the Internet and other similar networks. It is named after two of the most important protocols in it, the Transmission Control Protocol (TCP) and the Internet Protocol (IP), which were the first two networking protocols defined in this standard. IP networking represents a synthesis of several developments that began to evolve in the 1960s and 1970s, namely the Internet and LANs (Local Area Networks), which emerged in the mid- to late 1980s, together with the advent of the World Wide Web in the early 1990s. The Internet Protocol Suite, like many protocol suites, may be viewed as a set of layers. Each layer solves a set of problems involving the transmission of data, and provides a well-defined service to the upper layer protocols based on using services from some lower layers. Upper layers are logically closer to the user and deal with more abstract data, relying on lower layer protocols to translate data into forms that can eventually be physically transmitted.

The main differences between the two models are as follows:
1. OSI is a reference model and TCP/IP is an implementation of the OSI model.
2. TCP/IP protocols are considered to be the standards around which the Internet has developed. The OSI model, however, is a "generic, protocol-independent standard."
3. TCP/IP combines the presentation and session layer issues into its application layer.
4. TCP/IP combines the OSI data link and physical layers into the network access layer.
5. TCP/IP appears to be a simpler model, and this is mainly due to the fact that it has fewer layers.
6. TCP/IP is considered to be a more credible model. This is mainly because TCP/IP protocols are the standards around which the Internet was developed, and it gains credibility for this reason. In contrast, networks are not usually built around the OSI model, as it is merely used as a guidance tool.
7. The OSI model consists of 7 architectural layers, whereas TCP/IP only has 5 layers.
8. In the TCP/IP model of the Internet, protocols are deliberately not as rigidly designed into strict layers as in the OSI model. RFC 3439 contains a section entitled "Layering considered harmful." However, TCP/IP does recognize four broad layers of functionality, which are derived from the operating scope of their contained protocols, namely the scope of the software application, the end-to-end transport connection, the internetworking range, and lastly the scope of the direct links to other nodes on the local network.
9. The presumably strict consumer/producer layering of OSI as it is usually described does not present contradictions in TCP/IP, as it is permissible that protocol usage does not follow the hierarchy implied in a layered model. Such examples exist in some routing protocols (e.g. OSPF), or in the description of tunneling protocols, which provide a link layer for an application, although the tunnel host protocol may well be a transport or even an application layer protocol in its own right.
10. The TCP/IP design generally favors decisions based on simplicity, efficiency and ease of implementation.

4. Connectivity Devices

Connectivity devices are those devices used to make physical network connections. Connectivity devices operate at the physical layer of the Open Systems Interconnection Reference Model (OSI model). The OSI model describes how computer services and procedures are standardized.
This standardization allows computers to share information and enables the interconnection of various networking connectivity devices regardless of vendor. The OSI model uses the concept of seven stacked layers to define a network communications system. The lower three layers, Physical, Data Link and Network, deal mostly with network-dependent (hardware) functions.

Repeaters
As data travels through cabling systems, a certain amount of electrical interference and signal loss is inevitable. As the need for larger networks that span greater distances developed, a solution was needed to resolve signal loss over the network. Repeaters were created to regenerate and amplify weak signals, thus extending the length of the network. The basic function of a repeater is to retime, reshape and re-amplify the data signal to its original level.

Hubs
Hubs, sometimes called concentrators, reside in the core of the LAN cabling system. They are basically multiport repeaters. The hub connects workstations and sends every transmission to all the connected workstations. They work much like the old telephone party lines, where only one computer can "talk" at a time.

Internetworking Devices
As networks became increasingly complex, the need for internetworking devices also increased. Internetworking devices are active components rather than passive. They are considered active because they do more than simply pass data across a network. They make "intelligent" decisions and may interpret, reformat and/or direct data as it passes through a network. Internetworking devices typically operate at OSI model layers other than the physical layer.

Bridges
Bridges connect network segments, typically using the same communication protocol, passing information from one network to the other.
A bridge may divide an overloaded network into smaller, more efficient networks. Bridges break networks into separate segments and direct transmissions to the appropriate segment, much like a police officer directs automobile traffic.

Switches

One way of relieving network congestion is to use a switch, either in place of a hub or bridge, or in addition to a hub.

Routers

Routers link two or more different networks together, such as Internet Protocol networks. These networks can consist of various types of LAN segments, for example Ethernet, token ring, or Fiber Distributed Data Interface (FDDI). A router receives packets and selects the optimum path to forward each packet across the network. Routers build a table of all the device addresses across the networks (the routing table). Using this table, the router forwards a transmission from the sending station to the receiving station across the best path.

Gateways

Gateways are multi-purpose connection devices. They are able to convert the format of data in one computing environment to a format that is usable in another computing environment (for example, AppleTalk and DECnet). The term gateway is sometimes used when referring to a router. For the purpose of this lesson, gateways are devices that link different network types and protocols. For example, gateways translate between different electronic mail protocols and convey e-mail across the Internet.

5. NETWORK SECURITY

The networks in question are computer networks, both public and private, that are used every day to conduct transactions and communications among businesses, government agencies and individuals. The networks are comprised of "nodes", which are "client" terminals (individual user PCs) and one or more "servers" and/or "host" computers. They are linked by communication systems, some of which might be private, such as within a company, and others which might be open to public access.
The obvious example of a network system that is open to public access is the Internet, but many private networks also utilize publicly accessible communications. Today, most companies' host computers can be accessed by their employees whether in their offices over a private communications network, or from their homes or hotel rooms while on the road through normal telephone lines.

Network security involves all activities that organizations, enterprises and institutions undertake to protect the value and ongoing usability of assets and the integrity and continuity of operations. An effective network security strategy requires identifying threats and then choosing the most effective set of tools to combat them.

Threats to network security include:

Viruses: Computer programs written by devious programmers and designed to replicate themselves and infect computers when triggered by a specific event.
Trojan horse programs: Delivery vehicles for destructive code, which appear to be harmless or useful software programs such as games.
Vandals: Software applications or applets that cause destruction.
Attacks: Including reconnaissance attacks (information-gathering activities to collect data that is later used to compromise networks); access attacks (which exploit network vulnerabilities in order to gain entry to e-mail, databases or the corporate network); and denial-of-service attacks (which prevent access to part or all of a computer system).
Data interception: Eavesdropping on communications or altering data packets being transmitted.
Social engineering: Obtaining confidential network security information through non-technical means, such as posing as a technical support person and asking for people's passwords.
Network security tools include:

Antivirus software packages: These packages counter most virus threats if regularly updated and correctly maintained.
Secure network infrastructure: Switches and routers have hardware and software features that support secure connectivity, perimeter security, intrusion protection, identity services and security management.
Dedicated network security hardware and software: Tools such as firewalls and intrusion detection systems provide protection for all areas of the network and enable secure connections.
Virtual private networks: These networks provide access control and data encryption between two different computers on a network. This allows remote workers to connect to the network without the risk of a hacker or thief intercepting data.
Identity services: These services help to identify users and control their activities and transactions on the network. Services include passwords, digital certificates and digital authentication keys.
Encryption: Encryption ensures that messages cannot be intercepted or read by anyone other than the authorized recipient.
Security management: This is the glue that holds together the other building blocks of a strong security solution.

None of these approaches alone will be sufficient to protect a network, but when they are layered together they can be highly effective in keeping a network safe from attacks and other threats to security. In addition, well-thought-out corporate policies are critical to determine and control access to various parts of the network.

Network Security Goals

The core network security goals are:

Confidentiality: Assurance that data is not read or accessed by unauthorized persons.
Integrity: Assurance that the data has not been altered except by the people who are explicitly intended to modify it.
Access Control
Authentication: The process of validating the claimed identity of an end user or a device such as a host, server, switch, router, etc. One must be careful about whether a technology is using:
– User authentication
– Device authentication
– Application authentication

Material beyond syllabus

Computer Malware

Malware is a general name for all programs that are harmful: viruses, trojans, worms and all other similar programs.

Viruses

A computer virus is a program, a block of executable code, which attaches itself to, overwrites or otherwise replaces another program in order to reproduce itself without the knowledge of the PC user. There are several different types of computer viruses: boot sector viruses, parasitic viruses, multi-partite viruses, companion viruses, link viruses and macro viruses. These classifications take into account the different ways in which a virus can infect different parts of a system. The manner in which each of these types operates has one thing in common: any virus has to be executed in order to operate.

Most viruses are pretty harmless. The user might not even notice the virus for years. Sometimes viruses might cause random damage to data files, and over a long period they might destroy files and disks. Even benign viruses cause damage by occupying disk space and main memory and by using up CPU processing time. There is also the time and expense wasted in detecting and removing viruses.

Trojan

A Trojan Horse is a program that does something other than what the user thought it would do. It is mostly done to someone on purpose. Trojan Horses are usually masked so that they look interesting, for example a saxophone.wav file that interests a person collecting sound samples of instruments. A Trojan Horse differs from a destructive virus in that it doesn't reproduce.
There has been a password trojan out in AOL land (America Online): Password30 and Pasword50, which some people thought were .wav files, but they were disguised, and people did not know that they had the trojan in their systems until they tried to change their passwords. According to an AOL administrator, the Trojan steals passwords and sends an e-mail to the hacker's fake name, and then the hacker has your account in his hands.

Worms

A worm is a program which spreads, usually over network connections. Unlike a virus, which attaches itself to a host program, worms always need a host program to spread. In practice, worms are not normally associated with single-user personal computer systems. They are mostly found in multi-user systems such as Unix environments.

Encryption

Encryption is the process of scrambling a message so that only the intended recipient can read it. The actual cryptographic process is generally a complicated mathematical formulation; the more complex it is, the more difficult it is to break. A key is supplied to the recipient so that they can then decipher the message. Keys for encryption algorithms are described in terms of the number of bits. The higher the number of bits, the more difficult that cryptosystem would be to break.

Need for encryption

Encryption can provide a means of securing information. As more and more information is stored on computers or communicated via computers, the need to ensure that this information is invulnerable to snooping and/or tampering becomes more relevant. Any thought given to your own personal information (i.e. medical records, tax records, credit history, employment history, etc.) may bring to mind an area in which you DO want, need or expect privacy. As teachers, we are often called upon to handle sensitive student information.
We need to have access to student records, but maintain the confidentiality of their information. Encryption is seen by many people as a necessary step for commerce on the Internet to succeed. Without confidence that net transactions are secure, people are unwilling to trust a site enough to transact any sort of business using it. Encryption may give consumers the confidence they need to do Internet business.

Encryption can also provide a means of "message authentication". The PGP User's Guide explains, "The sender's own secret key can be used to encrypt a message thereby signing it. This creates a digital signature of a message... This proves that the sender was the true originator of the message, and that the message has not been subsequently altered by anyone else, because the sender alone possesses the secret key that made that signature." This prevents forgery of that signed message, and prevents the sender from denying the signature.

E-mail is certainly not secure. While you may believe that the use of a password makes your business private, you should be aware that sending information without encryption has been likened to sending postcards through the mail. Your message is totally open to interception by anyone along the way. You may believe that your personal e-mail is not incriminating and does not contain content that you must keep secret, and you may be right.
But there are many common situations where users have a legitimate need for security, both to protect that information and to ensure that it is not tampered with: consumers placing orders with credit cards via the Internet, journalists protecting their sources, therapists protecting client files, businesses communicating trade secrets to foreign branches, ATM transactions, political dissenters, or whistle-blowers. All are examples of why encryption may be needed for e-mail or data files, and why it might be necessary to create a secure environment through its use.
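The three security goals listed earlier (confidentiality, integrity and authentication) and the encryption and digital-signature passages above can be tied together in one small program. The Go code below is an added worked example for these notes; it is not code from the handout, from PGP or from any other product. It protects one message the way the PGP quotation describes: the message is encrypted with a shared 256-bit key so an eavesdropper on the "postcard" path sees only ciphertext (confidentiality), the cipher's authentication tag rejects any altered ciphertext (integrity), and the sender signs the result with a secret key so the recipient can check, with the sender's public key, that the message really came from that sender and was not forged (message authentication). The key material and the sample text are constructed for the demonstration; AES-GCM and Ed25519 are the algorithms chosen here and are assumptions, since the notes name no particular cipher.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
)

// Added example, not from the course notes: one message protected for
// confidentiality (AES-256-GCM with a shared key), integrity (GCM's
// authentication tag) and message authentication (an Ed25519 signature made
// with the sender's secret key, as in the PGP description in the notes).

// SealedMessage is what actually crosses the network.
type SealedMessage struct {
	Nonce      []byte // fresh random value, never reused with the same key
	Ciphertext []byte // AES-GCM output, authentication tag included
	Signature  []byte // Ed25519 signature over Nonce||Ciphertext
}

// signedBytes is the exact byte string the signature covers.
func signedBytes(nonce, ciphertext []byte) []byte {
	return append(append([]byte{}, nonce...), ciphertext...)
}

// Seal encrypts plaintext with the 32-byte shared key and signs the result
// with the sender's private key.
func Seal(key []byte, senderPriv ed25519.PrivateKey, plaintext []byte) (SealedMessage, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return SealedMessage{}, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return SealedMessage{}, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return SealedMessage{}, err
	}
	ct := gcm.Seal(nil, nonce, plaintext, nil)
	sig := ed25519.Sign(senderPriv, signedBytes(nonce, ct))
	return SealedMessage{Nonce: nonce, Ciphertext: ct, Signature: sig}, nil
}

// Open first checks the signature with the sender's public key (origin and
// non-alteration), then decrypts; a wrong key or a modified ciphertext fails.
func Open(key []byte, senderPub ed25519.PublicKey, m SealedMessage) ([]byte, error) {
	if !ed25519.Verify(senderPub, signedBytes(m.Nonce, m.Ciphertext), m.Signature) {
		return nil, errors.New("signature does not verify: forged or altered message")
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	pt, err := gcm.Open(nil, m.Nonce, m.Ciphertext, nil)
	if err != nil {
		return nil, errors.New("decryption failed: wrong key or altered ciphertext")
	}
	return pt, nil
}

func main() {
	key := make([]byte, 32) // 256-bit shared key, constructed for the demo
	if _, err := rand.Read(key); err != nil {
		panic(err)
	}
	pub, priv, err := ed25519.GenerateKey(nil) // sender's key pair
	if err != nil {
		panic(err)
	}
	m, err := Seal(key, priv, []byte("student record: constructed sample text"))
	if err != nil {
		panic(err)
	}
	fmt.Printf("on the wire (first bytes): %x\n", m.Ciphertext[:8])
	pt, err := Open(key, pub, m)
	fmt.Printf("recipient reads: %q (err=%v)\n", pt, err)
	m.Ciphertext[0] ^= 1 // a single bit flipped in transit
	_, err = Open(key, pub, m)
	fmt.Println("after tampering:", err)
}
```

Note the order in Open: the signature is checked before any decryption is attempted, so an altered or forged message is rejected before the shared key is used on it, and the error returned distinguishes a failed origin check from a failed decryption.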