Introduction to computer networks and cybersecurity pdf download






















The software interface, through which a process sends and receives messages through the network, is called a socket. A process sends a message by passing it through its socket as if it were writing to a local memory. At the output of its socket is a communication infrastructure that transports the message to the socket of the receiving process.

This latter socket passes the message on to the receiving process for the appropriate action. As Figure 1. Because it resides in this position within the stack, it is referred to as the Application Programming Interface (API) for programmers. The socket is essentially a boundary separating levels of control. While control of the entire process exists on the application layer side of this boundary, very little control exists on the transport layer and bottom three layers of the stack.

Developers are typically able to select only the transport protocol and some select parameters, such as the IP address and port number. Given the communication process infrastructure, we now need to address the manner in which a process running on host A indicates that it wants to communicate with another process running on host B.

In order to perform this operation, information on both the receiving host and the process are needed. In the Internet, the host is uniquely identified by a bit IP address.

Within the host, the process itself has a specific identifier. Since numerous processes, e. Some port numbers have been previously assigned to some of the more useful applications. So, to send an HTTP message to the cnn. With TCP, the two sockets are essentially connected by a virtual highway, and it is through this connection-oriented service that communication is established.

The handshake that takes place while establishing the connection allows the client and server to agree upon the sequence number to be used. A sequence number is used for each TCP segment in order to achieve reliable transport.

This so-called connectionless operation is a best effort arrangement and therefore generally unreliable. While we have found that processes communicate through sockets, and we have briefly mentioned the mechanisms by which this communication is accomplished, a number of important issues remain unanswered.

The details that codify the manner in which processes, running on different hosts, pass messages back and forth are defined by the application-layer protocol. This protocol defines such things as the types of messages that can be exchanged, i. It is important to note that while many application-layer protocols are in the public domain, some are not. Protocols that are intentionally unavailable are typically proprietary.

One such example is Skype. When the Internet was first introduced, it supported the interaction of a small number of individuals composed primarily of academics and researchers, and it was almost totally unknown to people outside these two groups. Then along came the World Wide Web (WWW) and with it essentially a revolution in the manner in which people interacted in both personal and business environments. WWW turned the Internet into a data network with enormous potential, which led to the development of Web browsers.

While the Web as we know it today contains an absolutely staggering amount of information, the problem is of course one of trying to effectively find what you need. The first search engine was WAIS, and it started a development that has led to our ability to use the Web in ways we had never dreamed.

Timing is also an issue. The data loss, timing and bandwidth requirements for a variety of applications are shown in Table 1. Each protocol has some distinctive services and the application developer must choose the one that best fits the application.

In order to aid the developer in this selection process, a listing of the comparative services is outlined in Table 1. TABLE 1. In addition, it is too late for the sender to retransmit the packet using TCP for the required low delay jitter. Table 1. For example, a Web page consists of objects, which are nothing more than files. These Irwin, J.

The base HTML file includes several referenced objects, such as links and images. Each object is addressable by a Uniform Resource Locator (URL), and the following is a typical example of a URL in which the host name and path name are specified as shown. As such, it controls the manner in which Web pages are transferred back and forth between the Web server and its various clients. As illustrated in Figure 1.

There are two versions of HTTP. Recall from Table 1. When the client initiates a TCP connection to the server and the server accepts the connection, sockets are created at both ends and port number 80 is used. Then, HTTP messages are exchanged between the browser, i. Since TCP is employed, the data transfer is reliable. Once the request has been answered, the TCP connection is closed. Keep in mind that HTTP is stateless, meaning that the server maintains no information about past client requests.

Protocols that maintain state are complex because the past history must be maintained in some manner. Request is sent by a client to a web server and response is sent from a web server to a client.

As shown in Figure 1. These header lines are followed by a blank line representing the carriage return, and the line feed indicating the end of the Header lines [6]. Once again, it is informative to compare this format to the screen capture shown in Figure 1. Wireshark is a network analyzer software or network sniffer that supports every OS. It is a free download from www. Line 10 [SYN], i. Lines represent the file transfer from an HTTP server. Line 17 acknowledges that the correct file has been received by the client host.

Clearly, a format that is understood by every host will make this task easy. For example, mailto:xyzt auburn. The format and interpretation of fragment identifiers are dependent on the media type of the resulting retrieval, as defined in RFC [6]. One example is shown in Figure 1. A URI can be further classified as a locator, a name, or both. This URL specifies where an identified resource is available and the mechanism for retrieving it.

For example. The information that is sent from a form with the POST method is invisible in the header lines and there are no limits on the amount of information sent. The GET information, i. A service is being requested and that service is a search. Figure 1. Note that the information specifies that the GET method is requested, the version number is given and the host identified. The information requested is a name search, in particular the name of John Smith.

However, in this case there is an entity body that contains the query. Once again, a search is specified, and in this case the search is conducted in order to find people. The input parameters are the first and last name, which must be given in the entity body.

It is important to note that the information in the body can be encrypted to provide better security, whereas the header lines can be sniffed easily. While these two versions have some things in common, there are some distinct differences.

The requested HTML file completes the response message. As the example HTTP response message indicates, the first line specifies the status code.

Some of the more typical status codes, and their description, are listed in Table 1. In the former case, at most one object is sent over a separate and distinct TCP connection. In the latter case, multiple objects are sent over the same TCP connection.

Tower image 2. Motorbike image 3. The client browser can request image files while interpreting HTML tags in the manner indicated in Figure 1. We further assume the client browser wants to download this page. Let us first consider the non-persistent HTTP case by examining in detail the manner in which a Web page is transferred from server to client. Step 3: The TCP handshake is sent from server to client to confirm the connection is established.

These first three steps are illustrated in Figure 1. The message sent indicates that the client requests a base HTML file. As the figure illustrates, this process is repeated for each of the three JPEG objects.

The fact that there are several steps involved in this process leads one to question the amount of time this process will actually take. To aid us in quantifying the time involved, we define the round-trip time (RTT) as the time required for a small packet to travel from client to server and back again. With reference to Figure 1. For simplicity, we have deliberately ignored such things as propagation delays and delays in routers and other intermediate devices.

In the situation outlined in Figure 1. In summary, the non-persistent client-server interaction over TCP has the following characteristics. One connection is established for each object, and the server closes the connection after sending an object. Two RTTs are required per object. Finally, after the base HTML file is processed by the client browser, the browser opens parallel TCP connections in order to fetch the referenced objects.

In the former [Figure: client-server timing diagram; labels: Request connection, Accept connection, Request bike image, Request index.] In the latter mode, multiple active connections are employed at the same time. In fact, most browsers will open multiple parallel TCP connections. In order to facilitate the visualization of these two types of connections, we assume infinite bandwidth. This is clearly a process which operates in tandem and thus by its very nature is time consuming.

On the other hand, Figure 1. There is however an underlying assumption in this case that the pipe has an infinite bandwidth. For a low data rate link, there is essentially no difference between parallel and serial connections; however, a high data rate link can benefit from parallel connections. Let us next consider the persistent HTTP case. It also encounters operating system overhead for each TCP connection, and the browsers typically open parallel TCP connections in order to fetch the referenced objects.

Persistent HTTP connections can be in one of two forms: with and without pipelining. Without pipelining, the client issues a new request only when the previous response has been received, and only one RTT is required for each referenced object. The client issues the three HTTP requests, one after the other, without waiting for the arrival of previously requested files as shown in Figure 1.

In contrast to pipelining, the persistent connection without pipelining issues a request and then waits until the complete file is received before issuing the next HTTP request. For most organizations, the access link to the Internet is almost always full, and hence there typically exists a long queuing delay when sending a packet to the Internet. Assume, for example, that the average queuing delay at the border router is ms when a packet travels to the Internet.

In contrast, when a response packet travels from the Internet to a Gbps LAN, the queuing delay is negligible when compared with the delay in the opposite direction.

In addition, suppose that a homepage is to be downloaded that has only one base file that is Kbits long. Network latency, which comprises the round-trip time (RTT) and the number of round trips required to transfer application data, is the delay that can be minimized through protocol optimizations. Network bandwidth has grown substantially over the past two decades, thereby reducing the transmission delay, while propagation delay is largely constrained by the speed of light and has remained unchanged.

Therefore, reducing the number of round trips has become the most effective way to improve the latency of TCP-based applications. The media file will stop playback if the rate of playback exceeds the rate at which the file is downloaded. The file will resume playing after further video is downloaded. Google Video and YouTube support video progressive downloading that can seek any part of the video before buffering is complete. A Flash Video player can request any part of the Flash Video file starting at a specified key frame.

Cookies are designed to provide a browser with memory for a particular site that one has visited. Individuals who use the Web to purchase a variety of items are typically very familiar with Cookies. Obviously, this information can be very useful in enticing the users to buy more goods by informing them of buying opportunities that fit their pattern of purchases.

Cookies provide the state information for HTTP since it is inherently stateless. In addition, the file is also contained in a back-end database that exists at the Web site. The following data is typical of the type of information Cookies generate: Alice always accesses the Internet from a PC, and this is the first time the current Web site has been visited.

The actual process proceeds as indicated in Figure 1. When an initial HTTP request arrives at the site, e. This information is also saved in a special Cookie file maintained by the browser. If Alice returns to the amazon. This process is repeated each time Alice visits this web site. There is tremendous value in this process for amazon.

For example, the web site knows such things as what she is purchasing, how much she is purchasing, the order of her purchases and the times of purchase. Armed with this information, the company is in a position to suggest additional purchases that are aligned with her previous history of purchases at their site. So, once a purchase has been made and Alice has given the company all the necessary data that identifies her, e. Two cookies are set by amazon. Note that this Hypertext Transfer Protocol contains two Cookies.

Two cookies are sent to amazon. The server responds by sending the requested page, preceded by the HTTP header, that may contain lines requesting the browser to store Cookies.

If the browser supports Cookies and they are enabled, every subsequent page request to this particular server will contain the Cookie. This last condition permits a server or script to explicitly delete a Cookie. This process can be performed in the following manner. First, the user provides both user name and password in the text fields of a login page and forwards them to the server.

Next, the server receives and checks this data. If correct, the server sends back a page that confirms a successful login and includes a Cookie. Finally, with every user request from the server, the browser automatically sends the Cookie to the server, the server compares the Cookie with those that are stored, and if a match is found the server has identified the user. This technique is commonly used by a variety of sites that permit login, such as Yahoo.

Cookies assist with such things as authorization, shopping carts, recommendations and user session state, i. This state is maintained at the protocol endpoints, i. Cookies are routinely being used to collect statistics and generate. However, when a Cookie is used for a single sign on, the authentication information stored in the Cookie may be stolen. Unfortunately, Cookies contain a lot of information about an individual and therefore privacy is always an issue when they are used.
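The login flow described above, with the theft concern addressed on the server side, as an added example that is not from the book. The cookie name `sid`, the 30-minute lifetime and the sample user table are assumptions; the cookie carries only a random token, never the credentials, and is marked `HttpOnly`, `Secure` and `SameSite`.

```python
import hmac
import secrets
import time
from http.cookies import SimpleCookie

SESSION_TTL = 1800  # assumed session lifetime in seconds


class SessionStore:
    """Server side of cookie login: the cookie carries only a random token."""

    def __init__(self, users):
        self._users = users      # constructed demo data: username -> password
        self._sessions = {}      # token -> (username, expires_at)

    @staticmethod
    def _set_cookie(value, max_age):
        cookie = SimpleCookie()
        cookie["sid"] = value
        morsel = cookie["sid"]
        morsel["path"] = "/"
        morsel["max-age"] = max_age
        morsel["httponly"] = True    # not readable by page scripts
        morsel["secure"] = True      # only sent over TLS, so not sniffable
        morsel["samesite"] = "Lax"   # withheld on most cross-site requests
        return morsel.OutputString()

    def login(self, username, password, now=None):
        """Check credentials; return a Set-Cookie value, or None on failure."""
        now = time.time() if now is None else now
        expected = self._users.get(username)
        if expected is None or not hmac.compare_digest(
                expected.encode(), password.encode()):
            return None
        token = secrets.token_urlsafe(32)   # 256 random bits, unguessable
        self._sessions[token] = (username, now + SESSION_TTL)
        return self._set_cookie(token, SESSION_TTL)

    def identify(self, cookie_header, now=None):
        """Map the browser's Cookie header to a user name, or None."""
        now = time.time() if now is None else now
        jar = SimpleCookie()
        jar.load(cookie_header or "")
        if "sid" not in jar:
            return None
        token = jar["sid"].value
        session = self._sessions.get(token)
        if session is None:
            return None
        username, expires_at = session
        if now >= expires_at:               # stale token: forget it
            del self._sessions[token]
            return None
        return username

    def logout(self, cookie_header):
        """Drop the session and tell the browser to delete the cookie."""
        jar = SimpleCookie()
        jar.load(cookie_header or "")
        if "sid" in jar:
            self._sessions.pop(jar["sid"].value, None)
        return self._set_cookie("", 0)      # Max-Age=0 deletes the cookie
```

A production server would store password hashes rather than the plaintext table used here for brevity.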

The use of a proxy server is the most economical way. The web cache, also known as a proxy server, is an intermediary device between the client and origin server as indicated in Figure 1. It handles HTTP requests for the origin server, and stores recently requested objects. A user can configure a browser to first access the web cache.

Under these circumstances, the browser sends all HTTP requests directly to cache. If the requested object is resident in cache, the cache will return the object to the client.

Otherwise, the cache will request the object from the origin server. When the cache receives the object, it retains a copy and forwards it on to the client. The proxy caching operation is performed in the following manner. This technique clearly has some inherent advantages. It provides quick turnaround to clients, reduces the load on the Web server, and it results in a significant drop in bandwidth consumption for the access link that connects an internal network to the Internet.

It is, of course, possible that the cache does not have the most up-to-date version of an object. Perhaps it has been recently modified in the Web server. If no recent modification has taken place, it is not necessary for the origin server to send the object to the proxy. If a modification has taken place, the proxy will no longer have the most up-to-date version of the object, and it will be necessary for the web server to forward this updated version to the proxy.
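The caching and revalidation behaviour described above, as an added in-process simulation that is not from the book. The class names, the integer timestamps and the `fresh_for` freshness window are assumptions; the conditional request models HTTP's `If-Modified-Since` header and `304 Not Modified` status.

```python
from dataclasses import dataclass


class OriginServer:
    """Constructed stand-in for the origin: path -> (body, last_modified)."""

    def __init__(self):
        self.objects = {}

    def publish(self, path, body, mtime):
        self.objects[path] = (body, mtime)

    def get(self, path, if_modified_since=None):
        body, mtime = self.objects[path]
        # Conditional request: an unchanged object yields a status only.
        if if_modified_since is not None and mtime <= if_modified_since:
            return 304, b"", mtime
        return 200, body, mtime


@dataclass
class Entry:
    body: bytes
    last_modified: int
    checked_at: int


class ProxyCache:
    def __init__(self, origin, fresh_for):
        self.origin = origin
        self.fresh_for = fresh_for          # seconds a copy is served unchecked
        self.store = {}                     # path -> Entry
        self.bytes_over_access_link = 0     # object bytes pulled from origin

    def fetch(self, path, now):
        entry = self.store.get(path)
        if entry and now - entry.checked_at < self.fresh_for:
            return entry.body, "HIT"        # may be stale inside the window
        since = entry.last_modified if entry else None
        status, body, mtime = self.origin.get(path, if_modified_since=since)
        if status == 304:                   # copy still current: no transfer
            entry.checked_at = now
            return entry.body, "REVALIDATED"
        self.bytes_over_access_link += len(body)
        self.store[path] = Entry(body, mtime, now)
        return body, "REFRESHED" if entry else "MISS"
```

A request that lands inside the freshness window after the origin has changed still returns the old copy, which is the stale-object case the paragraph describes.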

Therefore, the file transmission delay of the objects contained in the page is eliminated; this also removes the associated processing delays, propagation delays, and queuing delays for subsequently requesting and delivering objects contained in the web pages.

As a consequence, the congested border router of an organization may have fewer outgoing HTTP request packets and a reduction in the queuing delays for achieving a faster Internet link to an ISP. Conditional POST can also be used in a similar manner.

The first proxy server, known as Squid, is still the most popular open-source proxy server software. One should understand its caveats when using each of its features. Since the proxy is a server to the client and a client to the server, it is essentially a client and server at the same time. The proxy also plays a critical role in security. It is the initial point of contact for a client, and yet no important information is stored locally. As such, it serves as a sacrificial lamb in the case of unwarranted penetration.

If the cache is poisoned, then attacks can be propagated to a computer that accesses the cache. Recently, there have been numerous attacks aimed at poisoning the cache, and unfortunately they are as effective as an attack on the origin server for users that employ the proxy. In the former case, where the browser is specifically configured for this mode of operation, all requests are directed to the proxy. In this mode, user action is required. In the latter case, the proxy lies in the path between client and server, intercepts packets en route, and interposes itself in the transfer of data.

The benefit of this mode is that no user action is required. Web proxies do perform a number of viable functions. Among them are anonymization, transcoding, prefetching and filtering. The transcoding operation converts data from one form to another to reduce the size of files for such things as cell-phone browsers, and it improves the effective link performance when communicating with ISPs. By requesting content before the user asks for it, prefetching provides a valuable service for dialup users.

Filtering is yet another important function in that it can be used to block access to sites, based on either URL or content. Many vendors provide security services by simply blocking access to malicious sites. Filtering can also be used to reduce the bandwidth consumption for certain protocols and applications, such as P2P and video streaming.

Content providers want to offer content, while consumers want to access it. To do this, quite often the providers deploy server farms and replicas, while consumers deploy web proxies. What are the consequences? What is the most effective and economical way of designing access links? The computer network with a 10 Mbps access link is shown in Figure 1. The following assumptions are made concerning the operation of this network. The consequences of this change from a 10 Mbps to a 45 Mbps access line are reflected in two areas.

However, this upgrade will be costly, e. For example, assuming a hit rate of 0. In addition, how do we ensure that the information is always available even when the area suffers catastrophic damage?

The advantages of WAAS are centralized applications and storage in the data center while maintaining LAN-like application performance by caching. This caching involves both replicating and synching files and the database. It also provides for application acceleration for remote employees, the minimization of branch office IT costs and the simplification of data protection through the existing infrastructure.

Content delivery networks (CDNs) are used to cache data in various geographic locations around the world, so you can access that data faster by reducing access latency. CDNs can dynamically distribute assets to strategically placed redundant core, fallback and edge servers. CDNs can have automatic server availability sensing with instant user redirection. A CDN can offer high availability, even with large power, network or hardware outages.

As indicated in Figure 1. The user must provide authentication information in the form of a user identification and password, and interact with FTP through an FTP user interface. The FTP process is executed in the following manner.

When the client identifies a file and sends the server a file transfer command, the server opens a second TCP connection, which is used by the server to transfer the file of interest.

Book Description: If a network is not secure, how valuable is it? Get the Fundamentals of Internet Architecture and the Protocol Layers Organized into six parts, the book walks you through the fundamentals, starting with the way most people first encounter computer networks—through the Internet architecture.

Learn about Malware and Security Systems Building on the concepts and principles, the book then delves into state-of-the-art cybersecurity mechanisms in Part 5.

Understand Cyber Attacks—and What You Can Do to Defend against Them This comprehensive text supplies a carefully designed introduction to both the fundamentals of networks and the latest advances in Internet security.
