· 7 years ago · Oct 15, 2018, 09:42 AM
Paper 2
=======
Network
=======
 A computer network is a system of interconnected devices that communicate using common standards (called protocols). These devices communicate to exchange resources (e.g. files and printers) and services.

 Used for everything from accessing the internet or printing a document to downloading an attachment from an email, networks are the backbone of business today. A network can range from a small handful of devices within a single room to millions of devices spread across the entire globe, and can be defined based on purpose and/or size.

Types of Network
================
 1. Personal Area Network (PAN)
 ------------------------------
 The smallest and most basic type of network, a PAN is made up of a wireless modem, a computer or two, phones, printers, tablets, etc., and revolves around one person in one building. These types of networks are typically found in small offices or residences, and are managed by one person or organization from a single device.

 2. Local Area Network (LAN)
 ---------------------------
 We’re confident that you’ve heard of these types of networks before – LANs are the most frequently discussed networks, one of the most common, one of the most original and one of the simplest types of networks. LANs connect groups of computers and low-voltage devices together across short distances (within a building or between a group of two or three buildings in close proximity to each other) to share information and resources. Enterprises typically manage and maintain LANs.

 Using routers, LANs can connect to wide area networks (WANs, explained below) to rapidly and safely transfer data.

 3. Wireless Local Area Network (WLAN)
 -------------------------------------
 Functioning like a LAN, WLANs make use of wireless network technology, such as WiFi. Typically seen in the same types of applications as LANs, these types of networks don’t require that devices rely on physical cables to connect to the network.

 4. Campus Area Network (CAN)
 ----------------------------
 Larger than LANs, but smaller than metropolitan area networks (MANs, explained below), these types of networks are typically seen in universities, large K-12 school districts or small businesses. They can be spread across several buildings that are fairly close to each other so users can share resources.

 5. Metropolitan Area Network (MAN)
 ----------------------------------
 These types of networks are larger than LANs but smaller than WANs – and incorporate elements from both types of networks. MANs span an entire geographic area (typically a town or city, but sometimes a campus). Ownership and maintenance are handled by either a single person or company (a local council, a large company, etc.).

 6. Wide Area Network (WAN)
 --------------------------
 Slightly more complex than a LAN, a WAN connects computers together across longer physical distances. This allows computers and low-voltage devices to be remotely connected to each other over one large network to communicate even when they’re miles apart.
 The Internet is the most basic example of a WAN, connecting all computers together around the world. Because of a WAN’s vast reach, it is typically owned and maintained by multiple administrators or the public.

 7. Storage-Area Network (SAN)
 -----------------------------
 As a dedicated high-speed network that connects shared pools of storage devices to several servers, these types of networks don’t rely on a LAN or WAN. Instead, they move storage resources away from the network and place them into their own high-performance network. SANs can be accessed in the same fashion as a drive attached to a server. Types of storage-area networks include converged, virtual and unified SANs.

 8. System-Area Network (also known as SAN)
 ------------------------------------------
 This term is fairly new, having appeared within the past two decades. It describes a relatively local network designed to provide high-speed connections in server-to-server applications (cluster environments), storage area networks (called “SANs” as well) and processor-to-processor applications. The computers connected on a SAN operate as a single system at very high speeds.

 9. Passive Optical Local Area Network (POLAN)
 ---------------------------------------------
 As an alternative to traditional switch-based Ethernet LANs, POLAN technology can be integrated into structured cabling to overcome concerns about supporting traditional Ethernet protocols and network applications such as PoE (Power over Ethernet). A point-to-multipoint LAN architecture, POLAN uses optical splitters to split an optical signal from one strand of singlemode optical fiber into multiple signals to serve users and devices.

 10. Enterprise Private Network (EPN)
 ------------------------------------
 These types of networks are built and owned by businesses that want to securely connect their various locations to share computer resources.

 11. Virtual Private Network (VPN)
 ---------------------------------
 By extending a private network across the Internet, a VPN lets its users send and receive data as if their devices were connected to the private network – even if they’re not. Through a virtual point-to-point connection, users can access a private network remotely.

Network Topologies
==================
 A network topology is the arrangement of a network, including its nodes and connecting lines. There are two ways of defining network geometry: the physical topology and the logical (or signal) topology.

 Logical (or signal) topology refers to the nature of the paths the signals follow from node to node. In many instances, the logical topology is the same as the physical topology. But this is not always the case. For example, some networks are physically laid out in a star configuration, but they operate logically as bus or ring networks.

 The physical topology of a network is the actual geometric layout of workstations.

 1. Star Topology:
 -----------------
 This topology is mainly used for home networking. It relies on a central connection point called the hub, which need not be a hub in the strict sense: it may be a router, a switch or a hub. The devices are connected to the hub with UTP Ethernet cable. Compared with a bus topology, a star topology uses more cable, and a broken cable takes down network access for only one computer rather than the whole LAN; if the hub fails, however, the entire network fails.

 The general advantages of the star topology are ease of installation and wiring, and no disruption to the network when devices are connected or disconnected. It is easy to connect or remove devices and to detect faults in the devices or the network.

 The general disadvantages of the star topology include the greater cable length required. If the hub, or the device used as the hub (the concentrator), fails, the attached nodes are disabled. Star topologies are also considered more expensive than linear topologies because of the cost of the concentrators.

 2. Star-Wired Ring
 ------------------
 From the outside, a star-wired ring looks the same as a star topology. Internally, the MAU of the star-wired ring contains wiring that passes information from one device to the next in a ring or circle, as shown in the figure below. The star-wired topology is used by the Token Ring protocol.

 3. Ring Topology:
 -----------------
 Every device in a ring network has exactly two neighbours for communication. Messages travel around the ring in the same direction, either clockwise or anti-clockwise. If any cable or device in the loop breaks, the entire network fails. Ring networks are typically implemented with FDDI, SONET or Token Ring technology. These topologies are found in schools and some office enterprises.

 The ring is an interesting network topology. In outline it looks like a group of computers connected in a circle. It is a redundant and collision-free topology. Being a ring, it has no terminator devices. The sending node puts the destination address in the frame; the frame travels around the ring until it reaches that address, where the data is handed to the destination. A variant of the ring is the dual-ring topology, in which a second ring is used when the first ring fails.

 4. Bus Topology:
 ----------------
 These are networks and should not be confused with the bus inside a computer. A bus network uses a common cable, also known as the backbone of the network, to connect the devices. This single cable is a shared communication medium, and devices attach or tap into it with an interface connector. A device that needs to communicate sends a broadcast message onto the wire, and only the intended recipient actually accepts and processes the message.

 Ethernet bus topologies use comparatively little cable and are relatively easy to install compared with the alternatives. The cabling options are 10Base-2 (ThinNet) and 10Base-5 (ThickNet), both well-known Ethernet cables for bus topologies. Bus topologies work best with a limited number of active devices; if more computers are connected, performance may suffer. In addition, a failure of the backbone breaks the entire network and can make it unusable.

 Linear Bus Topology – Advantages:
 ---------------------------------
 A computer or peripheral is easily attached to a linear bus. Less cable is required than with a star topology.

 Linear Bus Topology – Disadvantages:
 ------------------------------------
 A small break in the cable shuts down the entire network. The backbone cable requires a terminator at both ends. It is difficult to identify the problem when the whole network shuts down. This topology is not recommended as a stand-alone solution for a large building with a large networked area.

 5. Tree Topology:
 -----------------
 A tree topology integrates multiple star topologies onto a bus. In its simplest form, only the hub devices connect directly to the tree bus, and each hub functions as the root of a tree of devices. This hybrid of bus and star supports future expansion of the network better than either a bus or a star alone: in a bus topology the number of devices is limited by the broadcast traffic they generate, and in a star topology by the limited number of hub connection points.

 Tree Topology – Disadvantages:
 ------------------------------
 The overall length of each segment is limited by the type of cable used. If the backbone line breaks, the entire system goes down. It is considerably more difficult to configure than other topologies.

 6. Mesh Topology:
 -----------------
 This topology involves the concept of routes. Unlike in the other topologies, where messages always use the same path, a message in a mesh can take any of several paths from source to destination. (In a ring, by comparison, there are two cable paths but messages travel in only one direction.) Some wide area networks deploy mesh routing.

 A mesh in which every node is connected to every other node is called a full mesh topology. It creates the most reliable and redundant networks, especially for the large networks used in many organisations: even if one link fails, data can still be transferred over another. Linking every device to every other device on the network requires a large amount of wiring, which is why the partial mesh topology is used to limit the number of links.

 A partial mesh topology is much like a full mesh, except that not every device is connected to every other device; only a few alternative routes are implemented. Partial mesh topologies are adopted for redundant connections, mostly in WANs between routers. In a full mesh every device connects directly to every other, as depicted in the illustration below; in a partial mesh some devices connect only indirectly.

 7. Hybrid Topology:
 -------------------
 A hybrid topology is one where one or more network topologies exist.

 Scenario 1: When two topologies are connected and the result still has the same basic network character, it cannot be considered a hybrid network. For instance, a tree network connected to another tree network is still a tree network. A network is therefore a hybrid only when two basic topologies are connected and the resulting topology fails to meet any of the basic topology definitions. Example: two star topologies connected together exhibit a hybrid topology.

 Scenario 2: Two basic network topologies connected together form a hybrid topology.

 8. Token Bus:
 -------------
 Token ring and token bus networks are similar in that a station must possess a token before it can transmit on the network. However, their topologies and token-passing methods are entirely different. The IEEE 802.4 committee defined the token bus standards as broadband networks, in contrast to Ethernet’s baseband transmission technique. MAP (Manufacturing Automation Protocol), used for manufacturing floor networks, uses IEEE 802.4. Attached Resource Computing Network (ARCNET) developed by the General Motors. Although it does not conform to the IEEE 802.4 standards, it is still classed as a token bus network.

 A group of workstations connected by long trunk cables may be described as this topology. The workstations typically branch off from hubs in a star configuration, so the network combines the bus and star topologies. Token bus suits groups of users who are separated by some distance. IEEE 802.4 token bus networks are built with 75-ohm coaxial cable in a bus topology. The broadband characteristics of IEEE 802.4 support simultaneous transmission over several different channels.

 Data frames and tokens are passed from one station to another in numeric order of station address. The token is therefore said to follow a logical ring rather than a physical ring. After the last station in numeric order, the token is passed back to the first. The token never follows the physical order in which the workstations are attached to the cable: the stations may be physically located in a different order from the one in which the token is passed. For instance, station 1 might be at one corner, station 2 at another corner, and station 3 in the middle.

 Token bus is found in some manufacturing environments, while Ethernet and token ring have become the more standard and prominent methods in many office environments.

IP Address
==========
 Internet Protocol Address
 -------------------------
 It is a virtual address given to a device connected to a network or the internet so that it can communicate. It is unique within a network.

Version of IP Address
=====================
 1. IPv4
 2. IPv6

1. IPv4 --> Internet Protocol Version 4
----------------------------------------
 It is a 32-bit address, divided into 4 octets separated by periods.

 192.168.0.28 ---> IPv4
 4 octets --> 192|168|0|28
 Each octet is a number that can be represented using 8 bits (0s and 1s).
 Periods --> dot(.)


192 = 128+64 = 11000000
168 = 128+32+8 = 10101000
0 = 00000000
28 = 16 + 8 + 4 = 00011100


128  64  32  16   8   4   2   1
=====================================
  1   1   0   0   0   0   0   0   192
  1   0   1   0   1   0   0   0   168
  0   0   0   0   0   0   0   0     0
  0   0   0   1   1   1   0   0    28


192.168.0.28 = 11000000.10101000.00000000.00011100
It is composed of decimal numbers only. --> 0-9
Total Number Of IP Address --> 2^32 IP Addresses
 0.0.0.0 - 255.255.255.255

Classes of IPv4 Addresses
=========================
1. Class A --> 0.0.0.0 - 127.255.255.255
2. Class B --> 128.0.0.0 - 191.255.255.255
3. Class C --> 192.0.0.0 - 223.255.255.255
4. Class D --> 224.0.0.0 - 239.255.255.255
5. Class E --> 240.0.0.0 - 255.255.255.255

Class D and Class E --> Military and research and development purpose.

2. IPv6 -> Internet Protocol Version 6
======================================
 It is a 128-bit address composed of hexadecimal values. The last 32 bits of an IPv6 address are taken from the MAC address.
 0000:0000:0000:0000:0000:0000:0000:0000
 FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF
 Total number of IPv6 --> 2^128
 0000:fe80:0000:f68c:50ff:fe5f:9718
 5f:97:18
 f4:8c:50:5f:97:18

Types of IP Address
===================
1. Public IP Address | Global IP Address
 An IP address that is provided by the ISP, or that belongs to the ISP.
 Google.com --> myipaddress --> 125.63.71.34
 ipcow.com ----> 125.63.71.34
 ipchicken.com > 125.63.71.34

 User-Agent Information
 ======================
 Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/60.0
 Hostname = 125.63.71.34.reverse.spectranet.in
 Device = X11
 Operating System = Ubuntu
 Browser Name = Firefox
 Browser Version = 60.0
 Is Mobile Device = False
 Is Beta = False
 Screen Resolution = 1366 x 768

2. Private IP Address | Local IP Address
 This is the IP address that the router gives to the end devices connected to the network.
 MS-OS --> cmd ---> ipconfig
 Linux/Unix --> Terminal --> ifconfig
 ifconfig --> interface Configuration

NAT
===
 NAT is short for Network Address Translation. NAT is an Internet standard that enables a local-area network (LAN) to use one set of IP addresses for internal traffic and a second set of addresses for external traffic. A NAT box located where the LAN meets the Internet makes all necessary IP address translations.

 The Purpose of NAT
 ------------------
 NAT serves three main purposes:
 1. Provides a type of firewall by hiding internal IP addresses
 2. Enables a company to use more internal IP addresses. Since they're used internally only, there's no possibility of conflict with IP addresses used by other companies and organizations.
 3. Allows a company to combine multiple ISDN connections into a single Internet connection.

 Dynamic NAT
 -----------
 A type of NAT in which a private IP address is mapped to a public IP address drawing from a pool of registered (public) IP addresses. Typically, the NAT router in a network will keep a table of registered IP addresses, and when a private IP address requests access to the Internet, the router chooses an IP address from the table that is not at the time being used by another private IP address. Dynamic NAT helps to secure a network as it masks the internal configuration of a private network and makes it difficult for someone outside the network to monitor individual usage patterns. Another advantage of dynamic NAT is that it allows a private network to use private IP addresses that are invalid on the Internet but useful as internal addresses.

 Static NAT
 ----------
 A type of NAT in which a private IP address is mapped to a public IP address, where the public address is always the same IP address (i.e., it has a static address). This allows an internal host, such as a Web server, to have an unregistered (private) IP address and still be reachable over the Internet.
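
 The dynamic and static mappings described above, modelled as a translation table. This is an added example, not part of the original notes: the NatRouter class and its method names are hypothetical, and every address in it is a constructed sample (203.0.113.0/24 and 198.51.100.0/24 are documentation ranges standing in for registered public addresses).

```python
import ipaddress

# Private ranges that are not routable on the Internet (RFC 1918).
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def inside_addr(addr):
    """Normalise an inside address and insist that it is private."""
    ip = ipaddress.ip_address(addr)
    if not any(ip in net for net in RFC1918):
        raise ValueError(f"{addr} is not a private (RFC 1918) address")
    return str(ip)


class NatRouter:
    """Hypothetical NAT box: static one-to-one entries plus a dynamic pool."""

    def __init__(self, public_pool, static_map=None):
        self.free = [str(ipaddress.ip_address(a)) for a in public_pool]
        self.static = {inside_addr(priv): str(ipaddress.ip_address(pub))
                       for priv, pub in (static_map or {}).items()}
        if set(self.static.values()) & set(self.free):
            raise ValueError("static public addresses must not be in the pool")
        self.dynamic = {}   # private -> public, lives until release()
        self.log = []       # (event, private, public) translation history

    def outbound(self, private_ip):
        """Return the public source address for an inside host, or None."""
        src = inside_addr(private_ip)
        if src in self.static:              # static NAT: always the same address
            return self.static[src]
        if src not in self.dynamic:         # dynamic NAT: take an unused address
            if not self.free:
                self.log.append(("pool-exhausted", src, None))
                return None
            self.dynamic[src] = self.free.pop(0)
            self.log.append(("map", src, self.dynamic[src]))
        return self.dynamic[src]

    def inbound(self, public_ip):
        """Return the inside host for a public destination, or None (dropped)."""
        dst = str(ipaddress.ip_address(public_ip))
        for table in (self.static, self.dynamic):
            for priv, pub in table.items():
                if pub == dst:
                    return priv
        return None     # no mapping: the internal host stays hidden

    def release(self, private_ip):
        """Expire a dynamic mapping and return its address to the pool."""
        src = inside_addr(private_ip)
        pub = self.dynamic.pop(src, None)
        if pub is not None:
            self.free.append(pub)
            self.log.append(("unmap", src, pub))


if __name__ == "__main__":
    nat = NatRouter(["203.0.113.10", "203.0.113.11"],
                    static_map={"192.168.0.5": "203.0.113.80"})  # web server
    for host in ("192.168.0.28", "192.168.0.29", "192.168.0.30", "192.168.0.5"):
        print(host, "->", nat.outbound(host))
    print("inbound to 203.0.113.80 ->", nat.inbound("203.0.113.80"))
    nat.release("192.168.0.28")
    print("inbound to 203.0.113.10 after release ->", nat.inbound("203.0.113.10"))
    print(nat.log)
```

 The log is the only record of which inside host used a public address at a given moment, which is why it is kept next to the table.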

 https://drive.google.com/file/d/0B2xwT_-2wGTkSElEbjVxVzZXUlE1M2FXbjRHcGl1QkRqYlBR/view?usp=sharing
 Presentation of NAT

IP Subnet
=========
 Subnetting is the strategy used to partition a single physical network into more than one smaller logical sub-networks (subnets). An IP address includes a network segment and a host segment. Subnets are created by borrowing bits from the host part of the IP address and using these bits to define a number of smaller sub-networks inside the original network. Subnetting allows an organization to add sub-networks without the need to acquire a new network number via the Internet service provider (ISP). Subnetting helps to reduce network traffic and conceals network complexity. Subnetting is essential when a single network number has to be allocated over numerous segments of a local area network (LAN). Subnets were initially designed for solving the shortage of IP addresses over the Internet.
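
 Borrowing host bits, worked through in Python with the address from the IPv4 section (192.168.0.28). This is an added example, not part of the original notes: the function names are hypothetical and 192.168.0.0/24 is a constructed sample network.

```python
import ipaddress


def to_binary(addr):
    """Dotted decimal -> dotted binary, one 8-bit group per octet."""
    return ".".join(f"{int(octet):08b}" for octet in addr.split("."))


def network_part(addr, prefix_len):
    """AND the 32-bit address with the mask to keep only the network bits."""
    mask = (0xFFFFFFFF << (32 - prefix_len)) & 0xFFFFFFFF
    value = int(ipaddress.IPv4Address(addr)) & mask
    return str(ipaddress.IPv4Address(value))


def split_network(cidr, borrowed_bits):
    """Borrow `borrowed_bits` from the host part and describe each subnet."""
    net = ipaddress.ip_network(cidr)
    host_bits = net.max_prefixlen - net.prefixlen
    # Keep at least 2 host bits so every subnet still has usable addresses.
    if not 1 <= borrowed_bits <= host_bits - 2:
        raise ValueError(f"can borrow 1..{host_bits - 2} bits from {cidr}")
    rows = []
    for sub in net.subnets(prefixlen_diff=borrowed_bits):
        rows.append({
            "subnet": str(sub),
            "mask": str(sub.netmask),
            "first_host": str(sub.network_address + 1),
            "last_host": str(sub.broadcast_address - 1),
            "broadcast": str(sub.broadcast_address),
            "usable": sub.num_addresses - 2,  # minus network and broadcast
        })
    return rows


def same_subnet(a, b, prefix_len):
    """Two hosts share a subnet when their network parts are identical."""
    return network_part(a, prefix_len) == network_part(b, prefix_len)


if __name__ == "__main__":
    print(to_binary("192.168.0.28"))
    # Borrow 2 host bits from a /24: 2^2 = 4 subnets of 2^6 - 2 = 62 hosts.
    for row in split_network("192.168.0.0/24", 2):
        print(row)
    # Same /24, but separated once the network is split into /26 subnets.
    print(same_subnet("192.168.0.28", "192.168.0.70", 24))
    print(same_subnet("192.168.0.28", "192.168.0.70", 26))
```

 Each borrowed bit doubles the number of subnets and halves the addresses in each one; hosts that end up in different subnets can only reach each other through a router.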

DHCP Server
===========
 A DHCP Server is a network server that automatically provides and assigns IP addresses, default gateways and other network parameters to client devices. It relies on the standard protocol known as Dynamic Host Configuration Protocol or DHCP to respond to broadcast queries by clients.

 A DHCP server automatically sends the required network parameters for clients to properly communicate on the network. Without it, the network administrator has to manually set up every client that joins the network, which can be cumbersome, especially in large networks. DHCP servers usually assign each client a unique dynamic IP address, which changes when the client’s lease for that IP address has expired.

 A router/switch can act as:
 - A DHCP client, obtaining an interface IPv4 address from an upstream DHCP service
 - A DHCP relay, forwarding UDP DHCP messages from clients on a LAN to and from a DHCP server
 - A DHCP server, whereby the router/switch services DHCP requests directly

 However, there are limitations to using a router/switch as a DHCP server:
 - Running a DHCP server on a router/switch consumes resources on the network device. These DHCP packets are handled in software (not hardware accelerated forwarding). The resources required make this practice unsuitable for a network with a large number (> 150) of DHCP clients.
 - Does not support dynamic DNS. The router/switch DHCP server cannot create an entry into DNS on behalf of the client based on the IPv4 address that was leased to the client.
 - No ability to easily manage the scope and see the current DHCP bindings and leases across multiple routers. The administrator must log into each switch/router individually to get information about DHCP bindings.
 - No high availability or redundancy of the DHCP bindings. This could cause problems if the current DHCP server and default gateway fails.
 - It is more difficult to configure DHCP options on a router/switch platform.
 - The DHCP service running on a router/switch is not integrated with IP address management (IPAM) for address tracking and scope utilization or security forensics.

Ports
=====
 Computer Ports
 --------------
 A port is a physical docking point through which an external device can be connected to the computer. It can also be a programmatic docking point through which information flows from a program to the computer or over the Internet.

 Characteristics of Ports
 ------------------------
 A port has the following characteristics −

 External devices are connected to a computer using cables and ports.
 Ports are slots on the motherboard into which the cable of an external device is plugged.
 Examples of external devices attached via ports are the mouse, keyboard, monitor, microphone, speakers, etc.

 Let us now discuss a few important types of ports −
 Serial Port
 -----------
 Used for external modems and older computer mice
 Two versions: 9 pin, 25 pin model
 Data travels at 115 kilobits per second

 Parallel Port
 -------------
 Used for scanners and printers
 Also called printer port
 25 pin model
 IEEE 1284-compliant Centronics port

 PS/2 Port
 ---------
 Used for old computer keyboard and mouse
 Also called mouse port
 Most old computers provide two PS/2 ports, one each for the mouse and keyboard
 IEEE 1284-compliant Centronics port

 Universal Serial Bus (or USB) Port
 ----------------------------------
 It can connect all kinds of external USB devices such as external hard disk, printer, scanner, mouse, keyboard, etc.
 It was introduced in 1997.
 Most computers provide at least two USB ports.
 Data travels at 12 megabits per second.
 USB compliant devices can get power from a USB port.

 VGA Port
 --------
 Connects monitor to a computer's video card.
 It has 15 holes.
 Similar to the serial port connector. However, serial port connector has pins, VGA port has holes.

 Power Connector
 ---------------
 Three-pronged plug.
 Connects to the computer's power cable that plugs into a power bar or wall socket.

 Firewire Port
 -------------
 Transfers large amounts of data at very fast speed.
 Connects camcorders and video equipment to the computer.
 Data travels at 400 to 800 megabits per second.
 Invented by Apple.
 It has three variants: 4-Pin FireWire 400 connector, 6-Pin FireWire 400 connector, and 9-Pin FireWire 800 connector.

 Modem Port
 ----------
 Connects a PC's modem to the telephone network.

 Ethernet Port
 -------------
 Connects to a network and high speed Internet.
 Connects the network cable to a computer.
 This port resides on an Ethernet Card.
 Data travels at 10 megabits to 1000 megabits per second depending upon the network bandwidth.

 Game Port
 ---------
 Connects a joystick to a PC
 Now replaced by USB

 Digital Video Interface, DVI port
 ---------------------------------
 Connects a flat panel LCD monitor to the computer's high-end video graphics card.
 Very popular among video card manufacturers.

 Sockets
 -------
 Sockets connect the microphone and speakers to the sound card of the computer.

 Network Ports
 -------------
 A network port is a process-specific or application-specific software construct serving as a communication endpoint, which is used by the Transport Layer protocols of the Internet Protocol suite, such as User Datagram Protocol (UDP) and Transmission Control Protocol (TCP).
 A specific network port is identified by its number (commonly referred to as the port number), the IP address with which the port is associated and the type of transport protocol used for the communication.
 A port number is a 16-bit unsigned integer that ranges from 0 to 65535.

DNS
===
 What is DNS?
 ------------
 The Domain Name System (DNS) is the phonebook of the Internet. Humans access information online through domain names, like nytimes.com or espn.com. Web browsers interact through Internet Protocol (IP) addresses. DNS translates domain names to IP addresses so browsers can load Internet resources.

 Each device connected to the Internet has a unique IP address which other machines use to find the device. DNS servers eliminate the need for humans to memorize IP addresses such as 192.168.1.1 (in IPv4), or more complex newer alphanumeric IP addresses such as 2400:cb00:2048:1::c629:d7a2 (in IPv6).

 How does DNS work?
 ------------------
 The process of DNS resolution involves converting a hostname (such as www.example.com) into a computer-friendly IP address (such as 192.168.1.1). An IP address is given to each device on the Internet, and that address is necessary to find the appropriate Internet device - like a street address is used to find a particular home. When a user wants to load a webpage, a translation must occur between what a user types into their web browser (example.com) and the machine-friendly address necessary to locate the example.com webpage.

 In order to understand the process behind the DNS resolution, it’s important to learn about the different hardware components a DNS query must pass between. For the web browser, the DNS lookup occurs “behind the scenes” and requires no interaction from the user’s computer apart from the initial request.

 There are 4 DNS servers involved in loading a webpage:
 ------------------------------------------------------
 DNS recursor
 The recursor can be thought of as a librarian who is asked to go find a particular book somewhere in a library. The DNS recursor is a server designed to receive queries from client machines through applications such as web browsers. Typically the recursor is then responsible for making additional requests in order to satisfy the client’s DNS query.
 Root nameserver
 The root server is the first step in translating (resolving) human readable host names into IP addresses. It can be thought of like an index in a library that points to different racks of books - typically it serves as a reference to other more specific locations.
 TLD nameserver
 The top level domain server (TLD) can be thought of as a specific rack of books in a library. This nameserver is the next step in the search for a specific IP address, and it hosts the last portion of a hostname (In example.com, the TLD server is “com”).
 Authoritative nameserver
 This final nameserver can be thought of as a dictionary on a rack of books, in which a specific name can be translated into its definition. The authoritative nameserver is the last stop in the nameserver query. If the authoritative name server has access to the requested record, it will return the IP address for the requested hostname back to the DNS Recursor (the librarian) that made the initial request.
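
 The four-server lookup described above, simulated in memory so the order of the queries can be seen. This is an added example, not part of the original notes: NameServer, Recursor and build_demo are hypothetical names, the zone data is constructed, and no real DNS traffic is sent.

```python
class NameServer:
    """One server in the chain: it answers, refers onward, or has no data."""

    def __init__(self, label, answers=None, referrals=None):
        self.label = label
        self.answers = answers or {}      # full hostname -> IP address
        self.referrals = referrals or {}  # name suffix -> more specific server

    def query(self, hostname):
        if hostname in self.answers:
            return "answer", self.answers[hostname]
        # The longest matching suffix is the most specific referral.
        for suffix in sorted(self.referrals, key=len, reverse=True):
            if hostname == suffix or hostname.endswith("." + suffix):
                return "referral", self.referrals[suffix]
        return "nxdomain", None


class Recursor:
    """The 'librarian': follows referrals on the client's behalf and caches."""

    MAX_REFERRALS = 8   # stop a misconfigured chain that refers in circles

    def __init__(self, root):
        self.root = root
        self.cache = {}

    def resolve(self, hostname):
        """Return (ip_or_None, list of servers asked, in order)."""
        hostname = hostname.lower().rstrip(".")
        if hostname in self.cache:
            return self.cache[hostname], ["cache"]
        server, trace = self.root, []
        for _ in range(self.MAX_REFERRALS):
            trace.append(server.label)
            kind, value = server.query(hostname)
            if kind == "answer":
                self.cache[hostname] = value
                return value, trace
            if kind == "nxdomain":
                return None, trace
            server = value              # referral: ask the next server down
        raise RuntimeError(f"referral loop while resolving {hostname}")


def build_demo():
    """Constructed sample data: root -> com TLD -> example.com authoritative."""
    auth = NameServer("authoritative (example.com)",
                      answers={"www.example.com": "192.168.1.1"})
    tld = NameServer("TLD (com)", referrals={"example.com": auth})
    root = NameServer("root", referrals={"com": tld})
    return Recursor(root)


if __name__ == "__main__":
    recursor = build_demo()
    print(recursor.resolve("www.example.com"))   # walks all three servers
    print(recursor.resolve("www.example.com"))   # second time: from cache
    print(recursor.resolve("mail.example.com"))  # authoritative has no record
    print(recursor.resolve("www.example.org"))   # root has no referral
```

 The cache is what makes repeated lookups fast, and it also means a wrong answer accepted once keeps being served until the entry is cleared.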
376
377Proxy Servers
378=============
379 What is a proxy server?
380 -----------------------
381 Proxy server is a computer that sits between a client computer and the Internet, and provide indirect network services to a client. It may reside on the user's local computer, or at various points between the user's computer and destination servers on the Internet. A proxy server intercepts all client requests, and provide responses from its cache or forwards the request to the real server. A client computer is connected to the proxy server, which acknowledges client requests by providing the requested resource/data from either a specified server or the local cache memory. Client requests include files or any other resources available on various servers.
382
383 Types of Proxy servers
384 ----------------------
385 Proxy servers are classified into several types based on purpose and functionality. Some of the most common types and their uses can be described as below:
386
387 Web Proxy
388 The most common type of proxy application, which responds to the user requests by accessing resources from cached web pages and files available on remote web servers. This facilitates quick and reliable access to data for local network clients. If the requested resource is not found in the cache, then a web proxy fetches the file from the remote server, and saves a copy in the cache before returning it to the client.
389
390 Transparent Proxy
391 Mostly used for caching websites and overcoming simple IP bans. However, such proxies do not provide any user anonymity since the user’s original IP address is exposed. Transparent proxies are not specifically configured on the client computers.
392
393 Anonymous proxies
394 Do not hide the original IP address of the user; however, they provide adequate anonymity to most users. Anonymous proxies are easily detectable.
395
396 A distorting proxy
397 Identifies itself as a proxy server, and modifies the HTTP headers to disguise the original IP address.
398
399 Tunneling proxies
400 Capable of passing client requests and returning responses without making any modifications. These are also referred to as gateway proxies.
401
402 A forward proxy
403 Responds to client requests by retrieving data from a wide range of sources on the internet. It is also referred to as an Internet-facing proxy.
404
405 Open proxies
406 Belong to the category of forwarding proxy servers, which are accessible by any internet user since they can receive and return requests from any client computer. Meanwhile, anonymous open proxies are used for user anonymity to conceal the IP address.
407
408 Reverse proxies
409 Also known as surrogates, usually receive requests from the Internet and forward them to internal network servers. A reverse proxy server forwards requests to one or more proxy servers, whose response is returned to the client computer, the user of which has no knowledge of the origin of the response.
410
411 Where is a Proxy server used?
412 -----------------------------
413 Proxy servers are used for several purposes. If one is used as a caching web proxy, it can dramatically improve the performance of a web response. When a request is made by a client, a caching proxy returns the response directly from its cache if the document already exists there. Otherwise, it makes the request to the real server, returns the result, and saves it in its cache for later use.
414
415 Proxy servers are also used as "web proxies" to filter web page contents. An organization or company may use a proxy server to block offensive web contents from being viewed by the users. Considering the growing need within organizations to prevent employees from accessing specific websites, such as facebook.com, proxy servers are being deployed across the computers connected to the intranet. Some web proxies are able to reformat web pages to suit a specific audience, or to cater to certain organizational or personal internet usage purposes. Further, web proxies can be used to prevent the attack of computer viruses and malware, as well as other hostile content transferred across internet web pages. However, users can also use web proxy servers to access those blocked sites indirectly. These web proxies are built with PHP or CGI to implement the proxying functionality, and provide web access to those sites blocked by corporation and school proxies. Moreover, Internet service providers (ISPs) may also use proxies to block computer viruses and other offensive contents.
416
417 There are several advantages of Proxy servers. We intend to provide some of the most basic uses of proxy servers.
418
419 Performance Improvement:
420 ------------------------
421 Proxy servers also contribute to improved web performance since the results of the user requests are saved in cache memory for a set period of time. This is achieved with the help of a caching proxy server, which could save a large amount of time while catering to the requests from a vast user load. A caching proxy server maintains a local copy of frequently requested web content. Hence, it can accelerate service requests by retrieving content from the cache memory, if it had already been requested by another client on the same network. This feature contributes to a significant reduction in upstream bandwidth usage and costs for large organizations with thousands of employees.
422
423 Monitoring and Filtering User Requests:
424 ---------------------------------------
425 As discussed earlier, web proxies can be used to filter user requests, and block certain content or web pages from being accessed. This can be achieved with the help of a content-filtering web proxy server that differentiates the users’ level of control over the content, based on the user type - Guest or Administrator.
426
427 Content-filtering proxies are generally used in organizations and educational institutions with strict internet-usage policies. Blocking certain websites, and restricting access to specific key words and censoring undesirable content are some of the basic features provided by content-filtering or web-filtering proxies. However, there are certain web proxies that are used to bypass geo-restrictions and censorship regulations by using certain advanced services that help access resources from blacklisted web locations.
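
The caching and domain-blocking behaviour described in the sections above, combined in one added example that is not part of the original notes. The class name, the origin callback and the request sequence are assumptions made for illustration; facebook.com is the blocked site the text itself mentions.

```python
import time


class FilteringCacheProxy:
    """Toy web proxy: policy check first, then cache lookup, then origin fetch."""

    def __init__(self, fetch_origin, blocked_domains, ttl_seconds=60,
                 clock=time.monotonic):
        self.fetch_origin = fetch_origin   # callable(host, path) -> body
        self.blocked = {d.lower().rstrip(".") for d in blocked_domains}
        self.ttl = ttl_seconds
        self.clock = clock
        self.cache = {}                    # (host, path) -> (expires_at, body)
        self.stats = {"hit": 0, "miss": 0, "blocked": 0}

    def is_blocked(self, host):
        """Match the domain and its subdomains, but only on a label boundary."""
        host = host.lower().rstrip(".")
        return any(host == d or host.endswith("." + d) for d in self.blocked)

    def request(self, host, path="/"):
        """Return (status, body) as the client would see it."""
        host = host.lower().rstrip(".")    # normalise before filtering and caching
        if self.is_blocked(host):
            self.stats["blocked"] += 1
            return 403, "blocked by policy"
        key, now = (host, path), self.clock()
        entry = self.cache.get(key)
        if entry and entry[0] > now:
            self.stats["hit"] += 1         # served from the local copy
            return 200, entry[1]
        body = self.fetch_origin(host, path)   # cache miss or expired copy
        self.cache[key] = (now + self.ttl, body)
        self.stats["miss"] += 1
        return 200, body


def demo():
    """Run a constructed request sequence; return (stats, origin_calls)."""
    origin_calls, now = [], [0.0]

    def origin(host, path):                # stands in for the real web server
        origin_calls.append((host, path))
        return f"<html>{host}{path}</html>"

    proxy = FilteringCacheProxy(origin, ["facebook.com"], ttl_seconds=60,
                                clock=lambda: now[0])
    proxy.request("example.com", "/index.html")   # miss: fetched and stored
    proxy.request("EXAMPLE.com", "/index.html")   # hit: same key once normalised
    proxy.request("www.facebook.com")             # blocked: subdomain of the entry
    proxy.request("notfacebook.com")              # allowed: a different domain
    now[0] = 61.0
    proxy.request("example.com", "/index.html")   # copy expired, fetched again
    return proxy.stats, origin_calls


if __name__ == "__main__":
    print(demo())
```

A filter that compared raw strings would miss `www.facebook.com` and `FACEBOOK.com`, and a plain substring test would wrongly block `notfacebook.com`; the label-boundary match avoids both.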
428
429 Anonymous Browsing:
430 -------------------
431 An anonymous proxy server is another type of web proxy that anonymizes users' online activities. This type of proxy server directs the user requests to a destination server, which ultimately has no knowledge of the source of the request. Only the proxy is aware of the source of the request, including the user IP address and location.
432
433 Advertisements targeting specific geographical regions: Web proxies can also be used to validate and verify geo-targeted advertisements. Servers of such ads validate the source IP address of the user request, and determine the geographic location of the request with the help of a geo-IP database. The user requests are answered via proxy servers that are located within the respective geographical location, to ensure that the advertisements displayed are relevant to the users’ location.
434
435 Translation:
436 ------------
437 Considering the global audiences, translation proxies have been developed to localize/translate the content of a source website into a local language of the client computer. Responses for requests sent by local users are replaced with translated content from the source website, and passed back through the proxy server. Some translation proxies also provide additional services such as excluding source content or substituting source content with original local content.
438
439VPN
440===
441 A virtual private network (VPN) is a technology that creates a safe and encrypted connection over a less secure network, such as the internet.
442 VPN technology was developed as a way to allow remote users and branch offices to securely access corporate applications and other resources. To ensure safety, data travels through secure tunnels, and VPN users must use authentication methods -- including passwords, tokens or other unique identification procedures -- to gain access to the VPN server.
443 VPNs are used by remote workers who need access to corporate resources, consumers who may want to download files and business travelers who may want to log into sites that are geographically restricted. VPN services are critical conduits through which data can be transported safely and securely.
444
445 How a VPN works and why you should use one
446 ==========================================
447 The two most common types of VPNs are remote access VPNs and site-to-site VPNs.
448 A remote access VPN uses a public telecommunication infrastructure like the internet to provide remote users with secure access to their organization's network. This is especially important when employees are using a public Wi-Fi hotspot or other avenues to access the internet and connect to their corporate network.
449
450 A VPN client on a remote user's computer or mobile device connects to a VPN gateway on the organization's network. The gateway typically requires the device to authenticate its identity. Then, it creates a network link back to the device that allows it to reach internal network resources -- e.g., file servers, printers and intranets -- as though the gateway is on the network locally.
451
452 A remote-access VPN usually relies on either IP Security (IPsec) or Secure Sockets Layer (SSL) to secure the connection, although SSL VPNs are often focused on supplying secure access to a single application rather than to the entire internal network.
453
454 Some VPNs provide Layer 2 access to the target network; these require a tunneling protocol like the Point-to-Point Tunneling Protocol or the Layer 2 Tunneling Protocol running across the base IPsec connection.
455
456 VPN design, What is VPN
457 =======================
458 In addition to IPsec and SSL, other protocols used to secure VPN connectivity and encrypt data are Transport Layer Security and OpenVPN.
459
460 A site-to-site VPN uses a gateway device to connect an entire network in one location to a network in another -- usually a small branch connecting to a data center. End-node devices in the remote location do not need VPN clients because the gateway handles the connection.
461
462 Most site-to-site VPNs connecting over the internet use IPsec. It is also common for them to use carrier MPLS clouds rather than the public internet as the transport for site-to-site VPNs. Here, too, it is possible to have either Layer 3 connectivity (MPLS IP VPN) or Layer 2 (virtual private LAN service) running across the base transport.
463
464 VPN services can also be defined as connections between specific computers, typically servers in separate data centers, when security requirements for their exchanges exceed what the enterprise network can deliver. Increasingly, enterprises also use VPN connections in either remote access mode or site-to-site mode to connect -- or connect to -- resources in a public infrastructure-as-a-service environment.
465
466 Newer hybrid-access scenarios put the VPN gateway itself in the cloud, with a secure link from the cloud service provider into the internal network.
467
468 Benefits of using a VPN
469 -----------------------
470 The justification for using VPN access instead of a private network usually boils down to cost and feasibility: It is either not feasible to have a private network -- e.g., for a traveling sales rep -- or it is too costly to do so.
471
472 In addition to providing a secure way for remote users to transmit or access information, VPN services are used for other purposes, as well. VPNs can hide a user's browsing activity, which is particularly helpful with public Wi-Fi connections. VPNs also allow users to connect to sites that may be blocked geographically.
473
474 VPN performance may be affected by a variety of factors, among them, the speed of users' internet connections, the types of protocols an internet service provider uses and the types of encryption the VPN uses. VPN services performance can also be affected by poor quality of service and conditions that are outside IT's control.
475
476
477Computer Network | Layers of OSI Model
478======================================
479 OSI stands for Open Systems Interconnection. It was developed by ISO – ‘International Organization of Standardization’, in the year 1974. It is a 7 layer architecture with each layer having specific functionality to perform. All these 7 layers work collaboratively to transmit the data from one person to another across the globe.
480
481 1. Physical Layer (Layer 1) :
482 -----------------------------
483 The lowest layer of the OSI reference model is the physical layer. It is responsible for the actual physical connection between the devices. The physical layer contains information in the form of bits. When receiving data, this layer will get the signal received and convert it into 0s and 1s and send them to the Data Link layer, which will put the frame back together.
484
485 The functions of the physical layer are :
486 ------------------------------------------
487 Bit synchronization:
488 The physical layer provides the synchronization of the bits by providing a clock. This clock controls both sender and receiver thus providing synchronization at bit level.
489 Bit rate control:
490 The Physical layer also defines the transmission rate i.e. the number of bits sent per second.
491 Physical topologies:
492 The physical layer specifies the way in which the different devices/nodes are arranged in a network, i.e. bus, star or mesh topology.
493 Transmission mode:
494 Physical layer also defines the way in which the data flows between the two connected devices. The various transmission modes possible are: Simplex, half-duplex and full-duplex.
495
496 Hub, Repeater, Modem, Cables are Physical Layer devices.
497 Network Layer, Data Link Layer and Physical Layer are also known as Lower Layers or Hardware Layers.
498
499 2. Data Link Layer (DLL) (Layer 2) :
500 ------------------------------------
501 The data link layer is responsible for the node to node delivery of the message. The main function of this layer is to make sure data transfer is error free from one node to another, over the physical layer. When a packet arrives in a network, it is the responsibility of DLL to transmit it to the Host using its MAC address.
502
503 Data Link Layer is divided into two sub layers :
504 ------------------------------------------------
505 Logical Link Control (LLC)
506 Media Access Control (MAC)
507
508 A packet received from the Network layer is further divided into frames depending on the frame size of the NIC (Network Interface Card). DLL also encapsulates the Sender’s and Receiver’s MAC addresses in the header.
509
510 The Receiver’s MAC address is obtained by placing an ARP (Address Resolution Protocol) request onto the wire asking “Who has that IP address?” and the destination host will reply with its MAC address.
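
The ARP exchange described above at the byte level, as an added example that is not part of the original notes: it builds and decodes the Ethernet frame that carries the "who has" request and the reply. The MAC and IP addresses are constructed sample values.

```python
import socket
import struct

ETHERTYPE_ARP = 0x0806
ETH_FMT = "!6s6sH"            # destination MAC, source MAC, EtherType (14 bytes)
ARP_FMT = "!HHBBH6s4s6s4s"    # IPv4-over-Ethernet ARP body (28 bytes)


def mac_bytes(mac):
    return bytes.fromhex(mac.replace(":", ""))


def mac_str(raw):
    return ":".join(f"{b:02x}" for b in raw)


def build_arp(opcode, sender_mac, sender_ip, target_mac, target_ip, eth_dst):
    """Build an Ethernet II frame carrying one ARP message (1=request, 2=reply)."""
    header = struct.pack(ETH_FMT, mac_bytes(eth_dst), mac_bytes(sender_mac),
                         ETHERTYPE_ARP)
    body = struct.pack(
        ARP_FMT,
        1, 0x0800, 6, 4,      # Ethernet, IPv4, MAC length, IPv4 address length
        opcode,
        mac_bytes(sender_mac), socket.inet_aton(sender_ip),
        mac_bytes(target_mac), socket.inet_aton(target_ip),
    )
    return header + body


def parse_frame(frame):
    """Decode the frame header and ARP body; raise ValueError on anything else."""
    eth_len = struct.calcsize(ETH_FMT)
    if len(frame) < eth_len + struct.calcsize(ARP_FMT):
        raise ValueError("frame too short for Ethernet + ARP")
    eth_dst, eth_src, ethertype = struct.unpack_from(ETH_FMT, frame, 0)
    if ethertype != ETHERTYPE_ARP:
        raise ValueError("not an ARP frame")
    htype, ptype, hlen, plen, op, s_mac, s_ip, t_mac, t_ip = struct.unpack_from(
        ARP_FMT, frame, eth_len)
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not IPv4-over-Ethernet ARP")
    return {
        "eth_dst": mac_str(eth_dst), "eth_src": mac_str(eth_src), "opcode": op,
        "sender_mac": mac_str(s_mac), "sender_ip": socket.inet_ntoa(s_ip),
        "target_mac": mac_str(t_mac), "target_ip": socket.inet_ntoa(t_ip),
        # The frame header source and the ARP sender should agree; log mismatches.
        "src_consistent": eth_src == s_mac,
    }


def describe(msg):
    """Render a parsed message the way a packet analyser summarises it."""
    if msg["opcode"] == 1:
        return f"Who has {msg['target_ip']}? Tell {msg['sender_ip']}"
    if msg["opcode"] == 2:
        return f"{msg['sender_ip']} is at {msg['sender_mac']}"
    return f"ARP opcode {msg['opcode']}"


# Constructed frames: locally administered MACs and documentation-range IPs.
REQUEST = build_arp(1, "02:00:00:00:00:01", "192.0.2.1",
                    "00:00:00:00:00:00", "192.0.2.10", "ff:ff:ff:ff:ff:ff")
REPLY = build_arp(2, "02:00:00:00:00:0a", "192.0.2.10",
                  "02:00:00:00:00:01", "192.0.2.1", "02:00:00:00:00:01")

if __name__ == "__main__":
    for frame in (REQUEST, REPLY):
        print(describe(parse_frame(frame)))
```

The request goes to the broadcast address because the sender does not yet know the receiver's MAC address; the reply is sent directly back to the asker.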
511
512 The functions of the data Link layer are :
513 ------------------------------------------
514 Framing:
515 Framing is a function of the data link layer. It provides a way for a sender to transmit a set of bits that are meaningful to the receiver. This can be accomplished by attaching special bit patterns to the beginning and end of the frame.
516 Physical addressing:
517 After creating frames, Data link layer adds physical addresses (MAC address) of sender and/or receiver in the header of each frame.
518 Error control:
519 Data link layer provides the mechanism of error control in which it detects and retransmits damaged or lost frames.
520 Flow Control:
521 The data rate must be constant on both sides, else the data may get corrupted; thus, flow control coordinates the amount of data that can be sent before receiving an acknowledgement.
522 Access control:
523 When a single communication channel is shared by multiple devices, MAC sub-layer of data link layer helps to determine which device has control over the channel at a given time.
524
525 A packet in the Data Link layer is referred to as a Frame.
526 Data Link layer is handled by the NIC (Network Interface Card) and device drivers of host machines.
527 Switch & Bridge are Data Link Layer devices.
528
529 3. Network Layer (Layer 3) :
530 ----------------------------
531 The network layer handles the transmission of data from one host to another located in a different network. It also takes care of packet routing, i.e. selection of the shortest path to transmit the packet from the number of routes available. The sender’s and receiver’s IP addresses are placed in the header by the network layer.
532
533 The functions of the Network layer are :
534 ----------------------------------------
535 Routing:
536 The network layer protocols determine which route is suitable from source to destination. This function of network layer is known as routing.
537 Logical Addressing:
538 In order to identify each device on an internetwork uniquely, the network layer defines an addressing scheme. The sender’s and receiver’s IP addresses are placed in the header by the network layer. Such an address distinguishes each device uniquely and universally.
539
540 A segment in the Network layer is referred to as a Packet.
541 Network layer is implemented by networking devices such as routers.
542
543 4. Transport Layer (Layer 4) :
544 ------------------------------
545 The transport layer provides services to the application layer and takes services from the network layer. The data in the transport layer is referred to as Segments. It is responsible for the End to End delivery of the complete message. The transport layer also provides the acknowledgement of successful data transmission and re-transmits the data if an error is found.
546 • At sender’s side:
547 Transport layer receives the formatted data from the upper layers, performs Segmentation and also implements Flow & Error control to ensure proper data transmission. It also adds Source and Destination port number in its header and forwards the segmented data to the Network Layer.
548 Note: The sender needs to know the port number associated with the receiver’s application.
549 Generally this destination port number is configured, either by default or manually. For example, when a web application makes a request to a web server, it typically uses port number 80, because this is the default port assigned to web applications. Many applications have a default port assigned.
550 • At receiver’s side:
551 Transport Layer reads the port number from its header and forwards the Data which it has received to the respective application. It also performs sequencing and reassembling of the segmented data.
552
553 The functions of the transport layer are :
554 ------------------------------------------
555 Segmentation and Reassembly:
556 This layer accepts the message from the (session) layer and breaks the message into smaller units. Each of the segments produced has a header associated with it. The transport layer at the destination station reassembles the message.
557 Service Point Addressing:
558 In order to deliver the message to correct process, transport layer header includes a type of address called service point address or port address. Thus by specifying this address, transport layer makes sure that the message is delivered to the correct process.
559
560 The services provided by transport layer :
561 ------------------------------------------
562 Connection Oriented Service: It is a three phase process which includes
563 – Connection Establishment
564 – Data Transfer
565 – Termination / disconnection
566 In this type of transmission the receiving device sends an acknowledgment back to the source after a packet or group of packets is received. This type of transmission is reliable and secure.
567 Connection less service: It is a one phase process and includes Data Transfer. In this type of transmission the receiver does not acknowledge receipt of a packet. This approach allows for much faster communication between devices. Connection oriented Service is more reliable than connection less Service.
568
569 Data in the Transport Layer is called Segments.
570 Transport layer is operated by the Operating System. It is a part of the OS and communicates with the Application Layer by making system calls.
571 The Transport Layer is called the Heart of the OSI model.
572
573 5. Session Layer (Layer 5) :
574 ----------------------------
575 This layer is responsible for establishment of connection, maintenance of sessions, authentication and also ensures security.
576
577 The functions of the session layer are :
578 ----------------------------------------
579 Session establishment, maintenance and termination:
580 The layer allows the two processes to establish, use and terminate a connection.
581 Synchronization :
582 This layer allows a process to add checkpoints, which are considered synchronization points, into the data. These synchronization points help to identify the error so that the data is re-synchronized properly, the ends of the messages are not cut prematurely, and data loss is avoided.
583 Dialog Controller :
584 The session layer determines which device will communicate first and the amount of data that will be sent.
585
586 All the above 3 layers are integrated as a single layer in TCP/IP model as “Application Layer”.
587 Implementation of above 3 layers is done by the network application itself. These are also known as Upper Layers or Software Layers.
588
589 SCENARIO:
590 Let’s consider a scenario where a user wants to send a message through some Messenger application running in his browser. The “Messenger” here acts as the application layer which provides the user with an interface to create the data. This message or so called Data is compressed, encrypted (if any secure data) and converted into bits (0’s and 1’s) so that it can be transmitted.
591
592 6. Presentation Layer (Layer 6) :
593 ---------------------------------
594 The presentation layer is also called the Translation layer. The data from the application layer is extracted here and manipulated as per the required format to transmit over the network.
595
596 The functions of the presentation layer are :
597 ---------------------------------------------
598 Translation :
599 For example, ASCII to EBCDIC.
600 Encryption/ Decryption :
601 Data encryption translates the data into another form or code. The encrypted data is known as the cipher text and the decrypted data is known as plain text. A key value is used for encrypting as well as decrypting data.
602 Compression:
603 Reduces the number of bits that need to be transmitted on the network.
604
605 7. Application Layer (Layer 7) :
606 --------------------------------
607 At the very top of the OSI Reference Model stack of layers, we find the Application layer, which is implemented by the network applications. These applications produce the data, which has to be transferred over the network. This layer also serves as a window for the application services to access the network and for displaying the received information to the user.
608 Ex: Application – Browsers, Skype Messenger etc.
609
610 The Application Layer is also called the Desktop Layer.
611
612 The functions of the Application layer are :
613 --------------------------------------------
614 Network Virtual Terminal
615 FTAM-File transfer access and management
616 Mail Services
617 Directory Services
618
619The OSI model acts as a reference model and is not implemented on the Internet because of its late invention. The model currently in use is the TCP/IP model.
620
621
622Session 15
623==========
624Network Traffic Analysis
625Introduction to Wireshark
626Lab Setup Wireshark
627Sniffing Wireless Network
628Creating Your Own Filters
629
630Network Traffic Analysis
631========================
632Wireshark --> Not an attacking tool, but a traffic monitoring and analysis tool.
633
634Filters
635=======
636
6371. Protocol Based Filter
638========================
639 dns