
AMITY UNIVERSITY

NETWORKING BASICS
SYLLABUS

Module I: Introduction to Networking

Computer Networks, Benefits of Computer Networks, Classification of Networks :-
(a) Based on size: LAN, MAN, WAN. (b) Based on Topology: STAR, BUS, RING.
(c) Based on medium: Wired, Wireless. Examples of some networks.
Networking devices: Router, Bridge, Gateway, Hub, Switch.

Module II: Data Transmission

Transmission Terminology :- Simplex, Half duplex & full duplex, Bandwidth,
Serial & Parallel Communication, Analog and Digital Data Transmission,
Transmission Media and its Characteristics :- Twisted Pair, Coaxial Cable,
Optical Fibre.
Wireless Transmission :- Radio, Infrared.

Module III: OSI Layer concepts and Functions

Introduction to the OSI Model. The 7 layers of OSI model. Protocols :- File
Transfer Protocols, Trivial File Transfer Protocol (TFTP), TELNET, Remote login,
Electronic Mail (Email), SNMP, POP and UDP.

Module IV: Internet

Introduction to internet & intranet, Internet Technologies, Basic concepts of
internet, DNS, Protocols, Services of internet, WWW.

Module V: Networking Technologies

ATM, VoIP.

Module VI: Network Security

Introduction to Virus, Worms, Trojans, Spyware. Role of Anti Spyware, Anti
Virus and Firewalls in Information Security. Hacking and Cracking,
Cryptography, Digital Signatures.

Module I Introduction to Networking

I.1 Computer Network
I.2 Benefits of Computer Networks
I.2.a. Resource Sharing .
I.2.b. Information Sharing .
I.2.c. Fast Data Transfer .
I.2.d. Saving of Time .
I.3 Classification of Networks
I.3.a Based on size LAN,MAN,WAN
I.3.b Based on Topology
I.3.b.i STAR
I.3.b.ii BUS
I.3.b.iii RING
I.3.c Based on medium Wired , Wireless .
I.4 Examples of some networks
I.5 Networking devices
I.5.a Router
I.5.b Bridge
I.5.c Gateway
I.5.d Hub
I.5.e Switch
I.1 Computer Networks

A Computer Network is obtained when two or more networking devices are
connected together, or when two or more smaller networks are interconnected.

That is, when we connect two devices we get a network, and when we connect
two smaller networks, we get a larger network.

Examples of Network :-
a. Computer Networks at College , Hospital etc .
b. Internet .

I.2 Benefits of Computer Networks

Whenever we create something new, there is some benefit or advantage behind
it. Similarly, Computer Networks were created with the following benefits in
mind :-

a. Resource Sharing .
b. Information Sharing .
c. Fast Data Transfer .
d. Saving of Time .

I.2.a Resource Sharing

Case 1
We have 5 computers in an office allocated to different employees. All the
employees have been given a separate printer attached to their computer.
Now it is felt that these employees do not need an individual printer but
can manage with just one printer.

a. Because it is increasing the cost, i.e. 5 printers have to be bought in
   place of one.
b. Because 5 printers occupy 5 times the space in the office.

Solution :- Computer Network.

We can connect all the 5 computers and 1 printer on the network. Now we have
1 printer instead of 5, which helps in saving both money and space.

I.2.b Information Sharing

Computer Networks are used to share information. For example :- Websites.
If an organisation or a company wants to share some information with a large
number of people, a website is a good solution, and websites can be accessed
via the internet, which is a network itself. Universities and organisations
have their own internal networks for the purpose of information sharing.

I.2.c Fast Data Transfer

When we wish to send some data from one place to another and if we send it
via a storage medium i.e. a pen drive , we will have to copy data to the pen
drive and send it via post . It will take a long time to reach.

In the other case if the two locations are connected through a network the
same data can be transferred within no time .

I.2.d Saving of Time

Networks also help in saving time. Suppose we wish to withdraw some money
from the bank. We now don't have to travel to the bank; we can withdraw the
money from the ATM machine nearby. The ATM machine is itself on a network.

I.3 Classification of Computer Networks

We can classify computer networks in the following ways :-

a. Based on Size
b. Based on Topology
c. Based on Media Used

I.3.a Classification of Computer Networks Based on Size

Figure :- Classification Based on Size (LAN, MAN, WAN)

Based on size we can have following categories :-

i. LAN :- It stands for Local Area Network. The size of a LAN is typically
   inside a building or at maximum inside a campus.
ii. MAN :- It stands for Metropolitan Area Network. The typical boundary of
   this is a city or at maximum a small state.
iii. WAN :- It stands for Wide Area Network. This is the biggest of all
   networks. This extends across cities, states, countries and continents.

I.3.a.i Local Area Network

A Local Area Network can be further classified into various categories
depending upon the topology implemented and the protocol used :-

802.3 Bus
802.4 Token Bus
802.5 Token Ring
802.11
802.1Q

I.3.a.i IEEE 802.3 BUS

This protocol represents the communication model based on a single bus or
backbone on which the whole network runs. In the 802.3 model, mainly the
CSMA/CD protocol is used. CSMA/CD stands for Carrier Sense Multiple Access /
Collision Detection.

There is a common bus connecting all the computers on the network. This bus is
the only connection medium between the computers, i.e. there is no direct
connection between the computers. There is no transmission sequence or token
system in this protocol. Any computer that wants to transmit may transmit at
any point of time.

The main disadvantage of this network is collisions. Because there is no
priority or schedule for transmission, many computers transmit at the same
time, which causes collisions on the bus. Collision means that the data of all
the computers transmitting simultaneously on the bus gets destroyed. This
severely hampers the efficiency of the network. There is another big
disadvantage; the distance to which the bus can travel is limited by the frame
size, because of the Collision Detection property.

There are four data rates that are supported currently :-

10 Mbps - 10Base-T Ethernet (IEEE 802.3)
100 Mbps - Fast Ethernet (IEEE 802.3u)
1000 Mbps - Gigabit Ethernet (IEEE 802.3z)
10 Gbps - 10-Gigabit Ethernet (IEEE 802.3ae)

All the computers are in contention for the bus equally. If computer named A
has to send data to a computer named X it simply transmits the data on the
shared bus . All the computers on the network are able to listen to this data . All
the computers compare the address on the data with their own address . Only
that computer collects data from the network whose address matches the
address on the data . Rest of the computers ignore the packet.

I.3.a.i IEEE 802.4 Token Bus

This is another implementation of the 802 family of networks. This network also
uses a bus as the backbone of the network. The difference between 802.3 and
802.4, although both use the bus as the backbone, is that 802.4 creates a
virtual ring on the physical bus, which is a coaxial cable.

Now on this virtual ring , token passing mechanism is used for giving authority to
transmit . This is used to avoid collisions which is the main disadvantage of the
802.3 network .

A token is circulated on the ring. A computer holding the token can transmit,
others cannot. If a computer receives a token and has nothing to transmit, the
token is passed on to the next computer on the virtual ring. Unlike 802.3,
where the data is broadcast, here the computer has to know its virtual
neighbours, i.e. the computers on its left and right in the virtual ring.

This basically is a cross between the bus and ring, to derive the advantages of
both. Ring is a more rigid composition in the sense that when a new computer is
to be connected the wires have to be physically connected. But in 802.4, since
the ring is virtual, modifications can be made in the addresses only.

The difference between 802.4 and 802.5 is that the ends of the cable in 802.4
don't meet like they do in 802.5.

I.3.a.i IEEE 802.5 Token Ring

The IEEE defines in the 802.5 standard , what we call the Token Ring network.
As it is seen there are two words in the name of the protocol. Token and Ring.
Ring is there because the computers or networking devices are connected in the
form of a ring . It means that all the computers are connected to exactly two other
computers on the network. Any computer is connected to the computer on its left
and its right on the network . There are no other direct connections.

The word Token means that the computers use the Token system for
transmission. That is any computer can transmit when it is in possession of a
token, which is a permission to transmit. Otherwise the computers cannot
transmit.

One of the disadvantages is that all the messages have to pass through all the
computers falling in the path. It drastically decreases the speed of
communication. Suppose for example there is a Token Ring Network of 20
computers. Now computer no 2 has to transmit to computer no 12. All the data
intended for computer no 12 has to go through all the 10 computers in between.
This brings down the transmission speed and eats up valuable bandwidth.

Token Ring is an advancement of the simple Ring. In token ring, the computers
are given a token to transmit. As and when a computer receives a token, it is
able to transmit.

This architecture is originally based upon the IBM Token Ring. The token which
is passed or circulated along the ring is itself a frame. When a node has to
send any information, and it receives a token, it alters the token and appends
the information to it. Now there is no token on the network. This frame finally
reaches the original sender. The sender can check from the frame whether
the receiver has copied the information or not.

It is a deterministic type of network, i.e. the maximum time between the
transmission and reception can be calculated.
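
The token-passing cycle described above, as an added example that is not part of the original notes. It simulates one transmission on a one-way ring and gives an upper bound on the wait for the token; the station numbering, the `listening` parameter and the timing model (a fixed per-hop delay and a fixed maximum token holding time) are assumptions made for illustration.

```python
from dataclasses import dataclass


@dataclass
class Frame:
    src: int
    dst: int
    payload: bytes
    copied: bool = False  # set by the destination when it copies the data


def next_station(station, n):
    """Stations are numbered 1..n and the ring carries traffic one way."""
    return station % n + 1


def send(n, token_at, src, dst, payload, listening=None):
    """Simulate one transmission on a ring of n stations.

    token_at  -- station currently holding the free token
    listening -- stations able to copy frames (default: all of them)
    """
    if not (1 <= src <= n and 1 <= token_at <= n):
        raise ValueError("src and token_at must be stations on the ring")
    if listening is None:
        listening = set(range(1, n + 1))

    # 1. The free token travels station by station until it reaches the sender.
    token_hops, pos = 0, token_at
    while pos != src:
        pos = next_station(pos, n)
        token_hops += 1

    # 2. The sender alters the token into a data frame. There is now no free
    #    token on the ring, so nobody else can transmit.
    frame = Frame(src, dst, payload)
    passed_through, hops_to_dst = [], None
    pos, hops = next_station(src, n), 1
    while pos != src:
        passed_through.append(pos)          # every station on the path sees it
        if pos == dst and pos in listening:
            frame.copied = True             # destination marks the frame
            hops_to_dst = hops
        pos = next_station(pos, n)
        hops += 1

    # 3. The frame is back at the sender, which checks the copied flag.
    return {
        "token_hops": token_hops,
        "hops_to_dst": hops_to_dst,
        "round_trip_hops": hops,
        "passed_through": passed_through,
        "delivered": frame.copied,
    }


def max_token_wait_us(n, hop_delay_us, max_hold_us):
    """Upper bound on the wait for the token under the assumed timing model:
    each of the other n-1 stations holds the token for at most max_hold_us,
    and the token crosses n links to come round again."""
    return (n - 1) * max_hold_us + n * hop_delay_us


if __name__ == "__main__":
    result = send(n=20, token_at=18, src=2, dst=12, payload=b"report")
    print(result["hops_to_dst"], result["round_trip_hops"], result["delivered"])
    print(max_token_wait_us(20, hop_delay_us=5, max_hold_us=1000), "microseconds")
```

Because the frame passes through every station on the ring, each of them is in a position to read it; the `copied` flag only tells the sender that the addressed station took a copy.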

I.3.a.i 802.1Q VLAN

VLAN stands for Virtual Local Area Network. It can consist of more than one
network device / LAN which are logically connected to each other. Logically
connected means that the LANs are configured in such a manner that the user
feels that the computers or the networking devices are connected on the same
backbone.

The IEEE standard no for VLAN is 802.1Q.

The real advantage of VLANs is that because the VLANs are based on logical
rather than physical connections , VLANs provide high degree of flexibility in
terms of bandwidth and resource optimisation .

The various types of VLANs are as follows :-

1. Port-Based VLAN
2. MAC-based
3. Protocol-based
4. ATM based VLAN
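
How a port-based VLAN keeps traffic apart, as an added example that is not part of the original notes. It parses the 4-byte 802.1Q tag (TPID 0x8100, then 3 bits of priority, 1 DEI bit and a 12-bit VLAN ID) and forwards a frame only to ports of the same VLAN; the port numbers, VLAN IDs, the sample frame and the flood-to-all-members behaviour (no MAC learning, no native VLAN) are assumptions.

```python
import struct

TPID_8021Q = 0x8100  # EtherType value that announces an 802.1Q tag


def parse_frame(frame):
    """Return addresses, VLAN tag fields (None if untagged) and payload."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    (ethertype,) = struct.unpack("!H", frame[12:14])
    info = {"dst": frame[0:6].hex(":"), "src": frame[6:12].hex(":"),
            "vlan": None, "pcp": None, "dei": None}
    offset = 14
    if ethertype == TPID_8021Q:
        if len(frame) < 18:
            raise ValueError("truncated 802.1Q tag")
        tci, ethertype = struct.unpack("!HH", frame[14:18])
        info.update(pcp=tci >> 13, dei=(tci >> 12) & 1, vlan=tci & 0x0FFF)
        offset = 18
    info["ethertype"] = ethertype
    info["payload"] = frame[offset:]
    return info


def add_tag(frame, vid, pcp=0):
    """Insert an 802.1Q tag after the source address."""
    if not (1 <= vid <= 4094 and 0 <= pcp <= 7):
        raise ValueError("VLAN ID must be 1..4094 and priority 0..7")
    tci = (pcp << 13) | vid
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]


def strip_tag(frame):
    """Remove the tag if present, leaving an ordinary Ethernet frame."""
    if parse_frame(frame)["vlan"] is None:
        return frame
    return frame[:12] + frame[16:]


def forward(frame, ingress, access_ports, trunk_ports):
    """Return {egress port: frame} for a simplified port-based VLAN switch.

    access_ports -- {port: VLAN ID}; these ports carry untagged frames
    trunk_ports  -- ports that carry tagged frames of every VLAN
    """
    info = parse_frame(frame)
    if ingress in access_ports:
        if info["vlan"] is not None:
            return {}                      # tagged frame on an access port: dropped
        vlan, untagged = access_ports[ingress], frame
    elif ingress in trunk_ports:
        if info["vlan"] is None:
            return {}                      # this model has no native VLAN
        vlan, untagged = info["vlan"], strip_tag(frame)
    else:
        raise ValueError("unknown ingress port")

    out = {}
    for port, port_vlan in access_ports.items():
        if port != ingress and port_vlan == vlan:
            out[port] = untagged           # same VLAN only
    for port in trunk_ports:
        if port != ingress:
            out[port] = add_tag(untagged, vlan)
    return out


# Constructed sample configuration and frame (broadcast, EtherType 0x0800).
ACCESS_PORTS = {1: 10, 2: 10, 3: 20, 4: 20}
TRUNK_PORTS = {24}
SAMPLE_FRAME = (bytes.fromhex("ffffffffffff") + bytes.fromhex("020000000001")
                + b"\x08\x00" + b"hello")

if __name__ == "__main__":
    out = forward(SAMPLE_FRAME, 1, ACCESS_PORTS, TRUNK_PORTS)
    print(sorted(out), parse_frame(out[24])["vlan"])
```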

I.3.b Classification of Computer Networks Based on Topology

Figure :- Classification Based On Topology (STAR, RING, BUS, FULLY CONNECTED)

I.3.b.i Classification of Computer Networks Based on Topology
Star Topology

a. Star Topology is named so because the computers when connected in this
   configuration look like a Star.
b. All the computers are connected to one central computer.
c. No computer is connected to any other computer other than the
   central computer.
d. Any computer that wants to communicate with any other computer
   has to go through the central computer.
e. This kind of topology is useful where there is a requirement of one
   central computer, like Railway Reservation.

Figure :- STAR Topology.

I.3.b.ii Classification of Computer Networks Based on Topology
Ring Topology

a. Ring Topology is named so because the computers in this topology
   are connected in a ring.
b. In a Ring the communication is only in one direction.
c. Suppose the direction of communication is towards the right; any
   computer can communicate with the computer immediately to its right.
d. But it cannot communicate with the computer immediately to its left.
e. The message has to go through the ring towards the right and travel
   the whole ring to reach the left computer.

Figure :- Ring Topology.


I.3.b.iii Classification of Computer Networks Based on Topology
Bus Topology

a. In this configuration all the computers are connected to a common
   backbone called the BUS.
b. All the computers can transmit DIRECTLY to all other computers.
c. The only problem is that if two or more computers transmit
   at the same time, then there can be a data collision on the
   network.
d. But there is a solution to this problem called CSMA/CD.
e. It stands for Carrier Sense Multiple Access/Collision Detection.
f. This technology enables all the computers to transmit on the same
   common BUS.

Figure :- BUS Topology

I.3.b.iv Classification of Computer Networks Based on Topology
Fully Connected Topology

a. This is an ideal configuration.
b. But this is not practically implementable because we can't physically
   connect each computer on a network to every other computer on
   the network.
c. It will create a very large number of physical cable connections.

No. of Computers    No. of Cables
2                   1
3                   3
4                   6
5                   8
And so on

Figure :- Fully Connected Topology

I.3.c Classification of Computer Networks Based on Media Used

Figure :- Classification Based on Media (Wired Media: Metallic Cable, Fibre
Optic Cable; Wireless Media: Infrared, RF)

We can classify the networks based on media used. The networks can be either
wired or wireless networks.

The wired networks can be connected either using Metallic Cables, i.e. Copper
Cables. The cables can be Co-Axial Cables, UTP Cables etc. Or the Network
can be connected using Fibre Optic Cables.

The wireless networks can be connected using either Infrared medium or Radio
Frequency. The problem with Infrared is that it gets affected by variations in
temperature. Also, Infrared is line of sight communication; it cannot pass the
obstructions that come in the way. Radio Waves are a better medium for
communication. Neither of the problems mentioned for Infrared is there with
Radio Waves.

I.4 Examples of Some Networks

a. Internet
b. Cable TV network .
c. University Intranet .
d. Mobile Phone network.

I.5 Networking Devices

a. Router
b. Gateway
c. Bridge
d. Hub

I.5.a Router

Routers are the devices which are used to route the packets on the
internet. When we send a packet to a particular destination, we write the
address of the sender and receiver on the packet. Just like in the postal
system we have sorting clerks who read the address on the envelope and
decide in which direction the packet has to go, on the internet we have
routers. Routers read the address on the packets and decide in which
direction the packet has to go.
Routers are networking devices working on specific protocols. These
protocols can be adaptive or non adaptive depending upon the
configuration.

I.5.b Gateway

Gateways are devices which interconnect two DIFFERENT types of
networks. What is meant by different is that the networks are running
different protocols. The job of the gateway is to convert one protocol into
another.
Suppose there is a situation that data coming from one network running
protocol A has to go to a network running protocol B. Now the other
network will not be able to understand the data because of the protocol
difference. So a device is needed which can convert the data from
protocol A to protocol B. This job is done by a Gateway.

I.5.c Bridge

Bridges are used to connect two networks running the same basic
protocol, maybe with slight differences. Bridges sort out the differences
between the variants of a protocol running on the different networks being
connected. For example, to connect 802.3, 802.4 and 802.5 networks we
make use of a bridge, because essentially these three are LAN Protocols
with differences due to topology and transmission mode.

I.5.d Hub

Hub is a device that provides a backbone to multiple devices on the Ethernet.
Logically in Ethernet (BUS network as studied above) we have a common bus
which connects all the computers to all other computers. But in practice it is
not possible to physically have a cable running through the room or building
to which all the computers are connected. So the hub was invented. Hub is a
small rectangular device with multiple connectivity ports. Multiple computers
can be connected to a hub through these ports. And internally the hub
provides a common backbone to all the computers connected, forming a
BUS network.
A Hub is a very basic device. Whenever a packet is received on one port it is
broadcast to all other ports. It results in collisions. The devices on the
network have to have the capability to detect collisions. The Hub doesn't
help in detecting any collisions.

Figure :- HUB
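
The shared-bus delivery described under IEEE 802.3 and the hub behaviour described above, as an added example that is not part of the original notes. Every attached station receives each frame and decides for itself whether to keep it, and two transmissions in the same moment destroy each other; the station names, addresses and the one-frame-per-time-slot model are assumptions.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"


class Station:
    def __init__(self, mac):
        self.mac = mac
        self.heard = 0        # frames that arrived at this station's interface
        self.accepted = []    # frames whose address matched and were kept

    def on_wire(self, frame):
        self.heard += 1
        # The address comparison happens here, in the receiver, not in the hub.
        if frame["dst"] in (self.mac, BROADCAST):
            self.accepted.append(frame["data"])


class Hub:
    def __init__(self):
        self.ports = {}
        self.collisions = 0

    def attach(self, port, station):
        self.ports[port] = station

    def slot(self, transmissions):
        """transmissions: {port: frame} sent during one time slot."""
        if not transmissions:
            return "idle"
        if len(transmissions) > 1:
            # Simultaneous senders: the data of all of them is destroyed.
            self.collisions += 1
            return "collision"
        ((in_port, frame),) = transmissions.items()
        for port, station in self.ports.items():
            if port != in_port:
                station.on_wire(frame)     # repeated to ALL other ports
        return "delivered"


def build_network():
    """Four constructed stations on ports 1..4 of one hub."""
    stations = {
        "A": Station("02:00:00:00:00:0a"),
        "B": Station("02:00:00:00:00:0b"),
        "C": Station("02:00:00:00:00:0c"),
        "X": Station("02:00:00:00:00:10"),
    }
    hub = Hub()
    for port, station in enumerate(stations.values(), start=1):
        hub.attach(port, station)
    return hub, stations


def run_demo():
    hub, st = build_network()
    a_to_x = {"src": st["A"].mac, "dst": st["X"].mac, "data": b"from A"}
    b_to_x = {"src": st["B"].mac, "dst": st["X"].mac, "data": b"from B"}
    outcomes = [
        hub.slot({1: a_to_x}),             # A transmits alone
        hub.slot({1: a_to_x, 2: b_to_x}),  # A and B transmit together
        hub.slot({2: b_to_x}),             # B transmits again, alone
    ]
    summary = {name: (s.heard, len(s.accepted)) for name, s in st.items()}
    return outcomes, summary, hub.collisions


if __name__ == "__main__":
    print(run_demo())
```

Station C ends with two frames heard and none accepted: on a hub or shared bus the data reaches every attached device, so keeping it private depends entirely on the other stations ignoring it.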

Module II Data Transmission

II.1 Transmission Terminology
II.2 Communication Modes Simplex, Half duplex & full duplex
II.2.a Simplex Communication
II.2.b Half Duplex Communication
II.2.c Full Duplex Communication
II.3 Bandwidth
II.4.a Serial Communication
II.4.b Parallel Communication
II.5.a Analog Data Transmission
II.5.b Digital Data Transmission
II.6 Transmission Media
II.6.a Wired Media
II.6.a.i Co-axial Cable
II.6.a.ii Twisted Pair
II.6.a.iii Optical Fibre Single Mode and Multi Mode
II.6.b Wireless Media
II.6.b.i Infrared Communication
II.6.b.ii Radio Frequency Communication
II.1 Transmission Technology

The term transmission technology means the technology used to transmit data
from one place to another . It involves the technology behind working of various
transmission media , various transmitters and receivers , protocols used to
transmit and receive , type of communication etc . All such aspects are discussed
below .

II.2 Communication Modes
Simplex, Half Duplex, Full Duplex

There are three modes of communication, depending upon how the communication
is taking place between two parties.
a. Simplex
b. Half Duplex
c. Full Duplex

II.2.a Simplex Communication

Simplex Communication means that there is only one way communication at any
time. There is only one transmitter and only one receiver. The communication
can happen in only one direction. Although the transmitter can transmit, the
other party cannot respond at that time or at any other time later.

Figure :- Simplex Communication (TRANSMITTER to RECEIVER)

II.2.b. Half Duplex Communication

In the case of half duplex communication, both parties can send and receive,
but the constraint is that they can do it one by one. They can't transmit and
receive at the same time.
When one party is transmitting the other party has to listen, and if the other
party wants to transmit, it can do so only after the first party has stopped
transmitting.
This type of communication is better than the simplex communication method.
Here both parties can transmit and receive.
E.g. Walkie-Talkie Communication.

Figure :- Half Duplex Communication (Parties communicating one by one)

II.2.c. Full Duplex Communication

Full Duplex Communication is the best of the three modes of communication. It
enables both the parties to simultaneously transmit and receive. It saves a lot
of precious time. This method is also user friendly.

In this mode the same channel is used for transmission and reception by both
the parties.
E.g. Telephone Communication.

Figure :- Full Duplex Communication (TRANSMITTER and RECEIVER)

II.3 Bandwidth

In the parlance of networking, bandwidth means the data carrying capacity of
the channel. It defines the speed at which the channel can carry data.
Bandwidth is defined in Mbps.
E.g. If we say that the channel bandwidth is 20 Mbps, it means that the channel
has a data carrying capacity of 20 Mb in one second.

II.4.a/b Serial and Parallel Communication

These are two modes of communication, depending on whether the communication
is happening in parallel or serially. We can send data in two modes: either the
data can be transmitted from one place to another in parallel mode or it can be
transmitted in serial mode.

Each mode has its respective advantages and disadvantages over the other.

Following diagrams show parallel and serial communication.

Figure :- Serial Communication (Packets P1, P2, P3 ... Pn, Pn+1, Pn+2
travelling one by one from TRANSMITTER to RECEIVER)

Figure :- Parallel Communication (Packets P1, P2, P3 ... Pn travelling in
parallel at the same moment from TRANSMITTER to RECEIVER)

S.No.  Parallel Communication                 Serial Communication
1.     All the packets travel together in     The packets travel one by one.
       one go.
2.     Due to parallel transmission the       Due to serial transmission the
       communication is faster.               communication is slower.
3.     More wires are needed for              Only 2 wires are needed for
       communication.                         communication.
4.     Protocol for transmission is easier.   Protocol for serial communication
                                              is complex.
5.     E.g. LPT port in computer.             E.g. COM Port in computer.

II.5.a/b Analog and Digital Data Transmission

In the old times the communication technology was Analog. Analog
communication means whatever is recorded is transmitted as it is, i.e. in the
case of analog communication, what the user speaks is sampled and
transmitted as it is.
But in case of Digital Communication, the sample is converted into a digital
code. This digital code is now transmitted in place of the actual sample.

There are many advantages of Digital Communication over Analog
Communication.

1. In analog communication, the chances of distortion in the signal are more as
   compared to digital communication.
2. When the communication is long range, it is required to boost the signal at
   regular distances.
   In case of analog communication, to boost the signal we use amplifiers,
   which are analog devices. The problem with amplifiers is that the distortion
   in the signal is also amplified, which causes further distortion. In Digital
   Communication we use repeaters to do the job. The best thing about the
   repeaters is that they REGENERATE the original signal, due to which the
   distortion in the signal is NOT transmitted further.

Figure :- Analog Communication: Original Signal, Distorted Signal after
DISTANCE, Amplified Signal after AMPLIFIER (Distortion is also amplified with
signal)

Figure :- Digital Communication: Original Signal, Distorted Signal after
DISTANCE, Regenerated Signal after REPEATER (Distortion is NOT present in
repeated signal)

3. In digital transmission the facility of error checking is there, which
   enables us to see if there is an error in transmission, and if there is, it
   can be corrected. This facility is not present in analog communication.
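
Points 2 and 3 above, as an added example that is not part of the original notes. The same frame is sent over ten cable segments, boosted once by amplifiers and once by repeaters, and the receiver checks a CRC-32 appended by the sender; the attenuation and noise figures, the +1/-1 signal levels and the use of CRC-32 as the error check are assumptions.

```python
import random
import zlib

ATTENUATION = 0.5   # assumed: every cable segment halves the signal level
NOISE = 0.2         # assumed: every segment adds noise within +/-0.2


def to_levels(data):
    """Bytes -> line levels: bit 1 is sent as +1.0, bit 0 as -1.0."""
    return [1.0 if (byte >> (7 - i)) & 1 else -1.0
            for byte in data for i in range(8)]


def to_bytes(levels):
    """Receiver decision: a level above zero is read as bit 1."""
    out = bytearray()
    for i in range(0, len(levels), 8):
        value = 0
        for level in levels[i:i + 8]:
            value = (value << 1) | (1 if level > 0 else 0)
        out.append(value)
    return bytes(out)


def segment(levels, rng):
    """One stretch of cable: the signal is weakened and noise is added."""
    return [v * ATTENUATION + rng.uniform(-NOISE, NOISE) for v in levels]


def amplifier(levels):
    """Analog boost: scales whatever arrives, so the noise is scaled up too."""
    return [v / ATTENUATION for v in levels]


def repeater(levels):
    """Digital boost: decides each bit, then sends a clean level again."""
    return [1.0 if v > 0 else -1.0 for v in levels]


def transmit(data, hops, booster, seed=1):
    """Send data plus its CRC-32 over `hops` segments, boosting after each."""
    rng = random.Random(seed)            # fixed seed: repeatable noise
    frame = data + zlib.crc32(data).to_bytes(4, "big")
    levels = to_levels(frame)
    for _ in range(hops):
        levels = booster(segment(levels, rng))
    received = to_bytes(levels)
    body, check = received[:-4], received[-4:]
    return {
        # Error checking: recompute the CRC over what arrived and compare.
        "crc_ok": zlib.crc32(body).to_bytes(4, "big") == check,
        "bit_errors": sum(bin(a ^ b).count("1")
                          for a, b in zip(frame, received)),
        "body": body,
    }


if __name__ == "__main__":
    data = bytes(range(256))             # constructed test payload
    for name, booster in (("amplifier", amplifier), ("repeater", repeater)):
        result = transmit(data, hops=10, booster=booster)
        print(name, "bit errors:", result["bit_errors"],
              "CRC ok:", result["crc_ok"])
```

With amplifiers the noise of all ten segments adds up and the CRC comparison fails; a receiver that sees the mismatch can discard the frame and have it sent again, which is how this example assumes the error gets corrected.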

II.6 Transmission Media

Figure :- Transmission Media (Wired Media: Metallic Cable (Co-axial Cable,
Twisted Pair), Fibre Optic Cable (Single Mode, Multi Mode); Wireless Media:
Infrared, RF)

II.6.a.i Coaxial Cable

Coaxial cable, or coax, is a cable used for carrying electrical signals. It has two
conductors , namely inner conductor and outer conductor. The inner conductor is
surrounded by a di-electric insulator , and the outer conductor is surrounded by
an insulating material .

The outer conductor is in the form of a mesh surrounding the inner conductor
over the di-electric insulator . This outer conductor is called Shield . This outer
conductor is in the form of a mesh or thin wires or at times be made of thin foil.
The outer conductor is connected to the electrical ground of the circuits between
which it carries the signal , to keep it at a constant potential .

It is called a coaxial cable because the axis of both the cables , inner and outer is
same. That is they share the same axis.

Coaxial cables find their use in carrying electromagnetic signals. We can see
coaxial cables carrying signals in our homes. For example :- Cable TV
connection Cable, TV antenna Cable, DTH Cable etc.
What is special about a coaxial cable is that it is relatively free from outer
interference, because the electromagnetic field in the coaxial cable remains
inside the outer and inner conductors only. This allows the cable to run for
long distances and alongside metallic paneling inside buildings with a very
low signal loss.

Coaxial cables, due to their excellent signal carrying capacity, are used for
carrying radio frequency signals. These are high frequency signals used for
carrying data from one place to another.

Some special physical features of coaxial cable are its physical strength,
frequency performance and flexibility. Because the cable may have to travel
for long distances (supported or unsupported) it has to be tough. Also, when
the cable runs inside a building there are many turns that the cable has to
take to reach from one place to another, so it has to be flexible also.

II.6.a.ii Twisted Pair

This kind of cable contains pairs of 2 conductors: forward and return
conductors. The main feature of this kind of cable is that using the turns in
the conductors we are able to cancel out the effect of any kind of
electromagnetic interference.

In the ordinary type of cable, where there is no twisting in the cables and
there is a source of noise, the noise is induced equally into both the wires,
which are running parallel. This effect gets added up and causes distortion in
the signal being carried by the cable.

In case of twisted pair cables, the cables are twisted at regular intervals.
Due to this, after each twist the wire nearer to the interference source and
the wire away from the source get exchanged. When there is any kind of
interference due to any external electromagnetic source, the effect produced is
equal and opposite in the pair. Due to this equal and opposite effect, the
interference gets cancelled out automatically.

The electromagnetic interference may be due to the other cables passing nearby,
or because of devices like fans, air conditioners etc.

We specify Twisted Pair cables by how many twists there are in the wire, which
is defined in twists / meter.

Twisted pair cables are often shielded in an attempt to prevent electromagnetic
interference. Because the shielding is made of metal, it may also serve as a
ground. However, usually a shielded or a screened twisted pair cable has a
special grounding wire added called a drain wire. This shielding can be applied
to individual pairs, or to the collection of pairs. When shielding is applied
to the collection of pairs, this is referred to as screening. The shielding
must be grounded for the shielding to work.

Types of Twisted Pair Cables

1. Screened unshielded twisted pair (S/UTP) - All the pairs are shielded
together .
2. Shielded twisted pair (STP or STP-A) - All the pairs are shielded
individually .
3. Screened shielded twisted pair (S/STP or S/FTP) - The pairs are shielded
individually as well as the whole cable is also shielded .

II.6.a.iii Optical Fibre Cables

Fiber optic cables are optical media . It means that the signal carried in such
cables is optical in nature and not electrical . Optical Signal means that the data
is converted into light pulses , and these light pulses behave as carrier for that
data .These light pulses are then carried by optical fiber cables.

The most important feature of the fiber optic cable is extremely high bandwidth
and high speed . The feature that makes so popular is that it can run for long
distances without any amplification for the signal being carried . Fiber optic
cables are today being used to connect tandem exchanges , as transoceanic
cables and providing high speed , high bandwidth carrier for networks across the
world.

The optical fiber transmission system is similar to the electrical data
transmission system. We give data in electronic form to the transmitter. The
transmitter converts the electronic signals into light signals or light pulses.
For this, a Light Emitting Diode or LED is used.

On the other end of the cable is a light sensitive receiver which senses the
light signals and converts them into electronic signals which can be fed into
electronic circuits on the other end.

The fiber optic cable is like a long water hose coated with silver from inside
or coated with aluminum foil from inside. If light is thrown inside from one
end, the light will be emitted from the other side even after so many bends in
the hose.

Fiber optic cables work on the principle of total internal reflection. This
principle states that when the angle of incidence of light exceeds the critical
value, the light is fully reflected back from the surface of glass.

Types of Fiber Optic Cables :-

1. Single Mode
2. Multi Mode

Single Mode cable means a single strand or fiber. It has a smaller diameter
than the multimode fiber, and only one mode can propagate through this cable.
The light source should be very narrow for the light to travel in this cable.
Single mode fiber gives higher data rates than multimode fiber. And data can
travel about 50 times longer in this kind of cable than multimode cable. It is
because of the single thin core that almost ends the possibility of overlapping
of light pulses which may cause dispersion.

Multi-Mode cable has a bigger diameter than single mode cables. It provides
good speed but over medium distances. More than one mode of light can travel in
the fiber at the same time. Although it gives high speeds, it also shortens the
distances to which the data can travel without distortion. Due to the multiple
paths of light travelling in the same fiber, there can be dispersion in the
signal.

Today the mobile phone companies, fixed line companies, internet service
provider companies are rapidly replacing copper by fibre. And the fibre optic
cables are expected to reach every household in future . And the industry will
have to provide fibre to every household because of growing bandwidth needs of
the users all across the world .

II.6.b.i Infrared Communication

Infrared rays are used in short range data transmission. It is mainly used in
transmission between computer and peripherals, or today between mobile
devices. IR communication is most popularly used in TV remote control
operation.

The transmitter contains a Light Emitting Diode which emits light in the
Infrared frequency. This diode is provided with the electronic signal to be
transmitted. A modulator is attached to this LED. The job of this modulator is
to modulate the IR signal (to be produced by the diode) according to the
electronic signal provided.

On the receiving end on the TV is an IR light sensitive diode called a
Photodiode. This diode is sensitive to the signals produced by the IR Diode.
When the signal falls on this photodiode, the diode passes on the signals to
the demodulator attached to it. The job of the demodulator is to decode the
signal received.

The receiver is responsive to the signal sent by the transmitter only, because
it acts only if there is a fast changing IR signal falling on it. It is not
affected by the IR present in the ambient light.

The advantage of the IR is also its disadvantage. The IR signal cannot
penetrate walls or any other obstruction like furniture etc.

This makes it popular for home Television remote control operation, as the
remote control of one TV in one room will not affect the Television in the
other room.

But it is also its biggest disadvantage, because it is a line of sight
transmission and if anything comes in between the transmitter and receiver, the
communication fails.

II.6.b.ii Radio Frequency Communication

RF range is a subset of the electromagnetic spectrum. The range of the subset
is from 3 kHz to 300 GHz. These radio signals are modulated and used as
communication media. For example, big organisations that have a huge
requirement for bandwidth cannot access the internet on telephone lines. They
take this facility through the Microwave setup. The antennas can be seen on the
rooftops of the buildings. The advantage of the radio communication is that it
is not line of sight communication like IR, and it is also better than wired
because wires have to be buried underground, for which lots of digging has to
be done. No digging is required in the case of RF.


Module III OSI Layer concepts and Functions

III.1 Introduction to the OSI Model
III.2 The Seven Layers of OSI Model
III.3 File Transfer Protocol & Trivial File Transfer Protocol (TFTP)
III.4 TELNET
III.5 Remote login
III.6 Electronic Mail (Email)
III.7 SNMP
III.8 POP
III.9 UDP

III.1 Introduction to OSI Model

The OSI model stands for Open Systems Interface Reference Model. This
model is a reference model which provides a detailed description of how the
networks work. The model is used to understand the various functionalities of
the networks, the networking devices and the software that makes the networks run.

It clearly divides the networks into seven layers . These layers are nothing but
separate areas / functionalities of the networks . All these layers can be seen as
different modules of a software which are supposed to perform different jobs.

The seven layers of the OSI model are :-

7 Application Layer
6 Presentation Layer
5 Sessions Layer
4 Transport Layer
3 Network Layer
2 Data Link Layer
1 Physical Layer

All the layers provide some service in the model. A layer is a collection of similar
functions combined together. All the layers provide their services to the layers
above them.

This model was given by the ISO or the International Organisation for Standards
in the late 90s . This model contains a reference model which gives seven
functional layers and the protocols used on these layers .

III.2 Seven Layers of OSI Model

The seven layers of OSI model with their functionalities are explained below .

Layer                   Functionality
7 Application Layer     Applications based on network, i.e. Internet Explorer
6 Presentation Layer    Data conversion
5 Sessions Layer        Maintenance of sessions between communicating nodes
4 Transport Layer       End to End connectivity
3 Network Layer         Network Addressing
2 Data Link Layer       Link to Link connectivity, Flow Control and Error Control
1 Physical Layer        Physical Media carrying the signals

Physical Layer

The physical layer contains the physical medium which is used to transmit the
data from one place to another .It contains the details such as parallel / serial
communication , amplifiers , repeaters , wires used as carriers . It also defines
the voltage and current levels that are predefined for transmission between two
parties.

The protocols such as RS 232 form a part of the physical layer only . RS232
defines the handshaking procedures , voltage and current levels , transistor logic
used and clock used. In case of signals that are to be transmitted over analog
medium , the modems which perform modulation and demodulation are also a
part of the physical layer . The physical layer specifies the modulation details .

Data Link Layer

The job of the Data Link Layer is to ensure the delivery of data from one link to
another. It is a link to link layer. It is not an end to end layer. If there is more
than one computer between the source and destination, the data link layer
works between any two directly connected computers. The data link layer of
computer 1 will talk to the data link layer of computer 2, and the data link layer of
computer 2 will talk to the data link layer of computer 3, and so on. The data link
layer of computer 1 will never be able to talk to the data link layer of computer 3 or 4 or
any other computer.

This is what is meant by link to link connectivity. There is no end to end
connectivity in this layer.

The two major jobs of the data link layer are 1. Flow Control and 2. Error Control.
Flow control means that the layer has to ensure that all the packets which have
left the transmitter have reached the receiver .

Flow control means providing synchrony between the sender and receiver . It
means that if the speed of transmission of the sender is more than the reception
speed of the receiver , the packets will be overlapped.

Suppose the sender sends 10 packets in 1 second , and the receiver receives
only 5 packets in 1 second , it means that 5 packets will be lost in each second .

It is the job of the Data Link Layer to ensure that this does not happen . This is
called Flow Control .

Many protocols are used for this purpose. For example :-

Stop and Wait Protocol.
Sliding Window Protocol.

Stop and Wait Protocol

This is a Flow Control protocol. Under this protocol the sender sends one packet
to the receiver and waits for the acknowledgement from the receiver. It doesn't
transmit again until and unless the acknowledgement is received from the
receiver.

[Figure: Stop & Wait Protocol. The sender sends a PKT to the receiver, the receiver returns an ACK, and the sender then sends the next PKT.]

Sliding Window Protocol

The problem with the Stop and Wait Protocol is that , a lot of time is wasted in
waiting for the acknowledgment to come back . The Source can transmit only
after the acknowledgment is received . It takes up the time of packet reaching the
destination and the acknowledgment travel time back from the destination .

To make things better another protocol called the Sliding Window Protocol is
used . Under this protocol we create a sliding window of packets .

a. Whenever a packet leaves the sender, the window is moved clockwise.
b. Whenever an acknowledgement is received, the window is moved
anticlockwise.
c. The window can move up to a predefined maximum.
d. This helps in effective flow control.

[Figure: Sliding Window Protocol. Panels: Sender 0 Pkts Sent; Sender 1 Pkts Sent; Sender 2 Pkts Sent; Sender 2 Pkts Sent & 1 Ack recd.]
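
The time lost by Stop and Wait, and the way the predefined maximum bounds how many packets can be outstanding, can be measured with a small simulation. This is an added example, not part of the original notes; the function name `transfer`, the tick-based timing and the loss-free link are assumptions made for the illustration.

```python
from collections import deque, namedtuple

Result = namedtuple("Result", "ticks peak_unacked")


def transfer(n_packets, window, send_time=1, one_way_delay=5):
    """Simulate a loss-free link and return (ticks, peak_unacked).

    window=1 behaves as Stop and Wait. A larger window lets the sender keep
    up to `window` packets unacknowledged, which is the predefined maximum
    of the Sliding Window Protocol. The receiver therefore never has to
    hold more than `window` packets that it has not yet acknowledged.
    """
    if window < 1 or n_packets < 0:
        raise ValueError("window must be >= 1 and n_packets >= 0")
    clock = 0            # current time in ticks
    sent = acked = peak = 0
    ack_due = deque()    # arrival times of ACKs that are still on the wire
    while acked < n_packets:
        # Every ACK that has arrived by now frees one slot in the window.
        while ack_due and ack_due[0] <= clock:
            ack_due.popleft()
            acked += 1
        if sent < n_packets and sent - acked < window:
            clock += send_time                          # put one packet on the link
            ack_due.append(clock + 2 * one_way_delay)   # packet out, ACK back
            sent += 1
            peak = max(peak, sent - acked)
        elif ack_due:
            clock = ack_due[0]                          # window full: wait for an ACK
    return Result(clock, peak)


if __name__ == "__main__":
    for w in (1, 4, 16):
        r = transfer(10, w)
        print(f"window={w:2}  ticks={r.ticks:3}  peak unacknowledged={r.peak_unacked}")
```

With ten packets, a window of 1 spends almost all of its time waiting for acknowledgements, while a window wide enough to cover the round trip keeps the link busy the whole time.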

Network Layer

The network layer is a layer which, as the name suggests, is concerned with
networking, and its main jobs are network address resolution and routing. The
network layer can be compared to the sorting clerks and the postmen in the
postal system.

The Network layer is serviced by the Data Link Layer below and it in turn
services the transport layer.

The Network Layer devices are also entrusted with connecting two different types
of networks . What we mean by two different type of networks is that networks
running two completely different protocols.
Network layer devices are supposed to connect these two networks . It involves
Protocol Conversion . This job is performed by a network layer device called
Gateway.

The most popular protocol running on the network layer is the Internet Protocol.

The routing job is performed by executing Routing Algorithms, which can be
adaptive and not adaptive. Some of the routing algorithms are :-

a. Shortest Path Routing
b. Distance Vector Routing
c. Link State Routing

Transport Layer

The Transport layer is the 4th layer from the bottom. It is an end to end layer. The
job of the transport layer is to ensure flow control and error control between end
to end computers, i.e. the first Source computer and the last destination computer.
If some part of the data has not reached the destination, the transport layer
resends the data.

All the jobs are performed using various protocols on the transport layer . Some
of the protocols are :-

a. Transmission Control Protocol
b. User Datagram Protocol

Session Layer

This is a layer responsible for maintaining the various sessions on the computer.
We can be connected to more than one computer on the network. One to one
connection or session is maintained by this layer. The start and end of sessions
is managed by this layer. All the sessions are opened and closed according to
preset procedures.

Presentation Layer

The presentation layer, as the name suggests, is involved in the presentation of
data. The upper layer, the Application layer, is serviced by the presentation layer.
It understands the syntax of the upper layer and the syntax of the data which is
coming from the lower layer. The job of the presentation layer is to convert this
data to make it understandable for the application layer.

This provides a platform for conversion of various formats of data from one form
to another. It provides help in the compatibility issues . Today we are using
Unicode , earlier we used ASCII , EBCDIC . This layer can convert the codes
from one notation to another .

Application Layer

The topmost layer of the OSI model is the Application Layer . It is the layer with
which the user interacts . Some of the implementations of the Application Layer
are Simple Mail Transfer Protocol , File Transfer Protocol , HTTP .

III.3 File Transfer Protocol

It is a protocol of the network layer. The FTP is used to access files on a network.
The FTP is used on networks based on TCP/IP model.

The earlier versions of TCP were command based but now graphical user
interface based versions of FTP are also available. The FTP protocol is used to
access remote computers.

III.3 Trivial File Transfer Protocol

TFTP stands for Trivial File Transfer Protocol (TFTP). It is the same as the FTP
but with limited functions in it. The main advantage is that it can be implemented
using small memory. It found its application in the old days as computer internal
memory was limited. Just like FTP it is used to transfer files. There are 3
transfer modes in TFTP today. Because of being smaller in size it has its own
disadvantages also, like it cannot display directory listings, cannot download files
up to a size of 1 Terabyte and has no security mechanism.

III.4 Telnet

Telnet stands for Teletype Network. Telnet can be used on the operating
system's command line interface. This protocol can be used on the internet. It
was developed in the late 1960s. Telnet versions are available for all operating
systems. It is a client server based protocol and is a connection oriented
protocol. Telnet lags behind in the security issues as telnet doesn't support
encryption of data while transmission. It also doesn't have support for
authentication.
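
Because TFTP has no security mechanism and Telnet does not encrypt data in transit, a common defensive check is to look for these services among a host's listening sockets. The following is an added example, not part of the original notes: the listing is constructed sample text in the column layout of `ss -tuln`, the names `CLEARTEXT`, `exposure` and `audit` are hypothetical, and the FTP and POP3 rows go beyond what the notes state.

```python
import ipaddress

# (transport, port) -> (service, reason). The Telnet and TFTP reasons are the
# ones given in the notes; FTP and POP3 are added here because both send
# credentials in clear text unless they are wrapped in TLS.
CLEARTEXT = {
    ("tcp", 23): ("telnet", "no encryption of data in transit"),
    ("udp", 69): ("tftp", "no security mechanism"),
    ("tcp", 21): ("ftp", "credentials sent in clear text"),
    ("tcp", 110): ("pop3", "credentials sent in clear text"),
}

# Constructed sample, laid out like the output of `ss -tuln`.
SAMPLE = """\
Netid State  Recv-Q Send-Q Local Address:Port  Peer Address:Port
tcp   LISTEN 0      128    0.0.0.0:22          0.0.0.0:*
tcp   LISTEN 0      5      0.0.0.0:23          0.0.0.0:*
udp   UNCONN 0      0      192.0.2.10:69       0.0.0.0:*
tcp   LISTEN 0      100    127.0.0.1:110       0.0.0.0:*
tcp   LISTEN 0      128    [::]:443            [::]:*
tcp   LISTEN 0      32     [::]:21             [::]:*
"""


def exposure(address):
    """Describe how widely a listening address can be reached."""
    host = address.strip("[]").split("%")[0]   # drop IPv6 brackets and zone id
    if host == "*":
        return "all interfaces"
    ip = ipaddress.ip_address(host)
    if ip.is_unspecified:                      # 0.0.0.0 or ::
        return "all interfaces"
    if ip.is_loopback:
        return "loopback only"
    return "one interface"


def audit(listing):
    """Return one finding per listening socket that offers a cleartext service."""
    findings = []
    for line in listing.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] not in ("tcp", "udp"):
            continue                           # header or unrelated line
        proto = fields[0]
        address, _, port = fields[4].rpartition(":")
        if not port.isdigit():
            continue
        hit = CLEARTEXT.get((proto, int(port)))
        if hit:
            service, reason = hit
            findings.append({
                "service": service,
                "proto": proto,
                "port": int(port),
                "exposure": exposure(address),
                "reason": reason,
            })
    return findings


if __name__ == "__main__":
    for f in audit(SAMPLE):
        print("{service:7} {proto}/{port:<4} {exposure:15} {reason}".format(**f))
```

A finding bound to all interfaces deserves attention first; the usual remedy is to disable the service or replace it with an encrypted equivalent such as SSH for remote login.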

III.5 Remote Login

Remote Login means logging into a computer which is at a remote location.
Remote login is very popular because of its many advantages. We can control a
device sitting in Antarctica from our home location, we can copy files from the office
computer sitting at home, even the system administrator can access all the
computers employed in the company from one single location for any kind of
troubleshooting issues. We can log in to a remote computer on an internet
connection, or on our local area network directly.

Many operating systems today have built in remote login tools. When we
purchase the operating system we get the tools free with the operating system.

III.6 Email

Email is the concept of transferring messages using a network. There are servers
on the internet which store messages in between and then relay them forward as and
when possible depending upon the situation of the network.

There are email servers on the internet, which provide the user with a certain
amount of space on the hard disks. The space can be in the form of a folder on
the server. When someone wants to send the mail to a particular user, the
unique id provided to that person by his/her email server is used. The id is
attached to the message that is sent. Emails today can carry multimedia content
also, other than text content. This has been made possible due to the MIME,
Multi-Media Mail Extension. Today the mail transmission is done using the
SMTP, Simple Mail Transfer Protocol. Other protocols used for emailing are :-

IMAP
POP3
SMTP
UUCP
X400

Email is a very useful tool today because of the following features :-

1. 24X7 availability.
2. Mail can be sent from any location, office or home.
3. Speed of transmission, mail reaches in seconds or at maximum minutes
to the intended recipients.
4. Email is free, there is no postage cost, as in the postal system.
5. We can send photographs along with text content accurately without
distorting the quality of the image. In case of fax the quality of the image
gets distorted.
6. The mail can be retrieved from any location in the world.
7. The identity of the user is kept secret.

III.7 SNMP

SNMP stands for Simple Network Management Protocol (SNMP). It is a
network protocol. This protocol, as the name suggests, is used in networks for the
management of network devices. The devices connected on the network can be
administered through the simple network management protocol by the network
administrator.

III.8 Post Office Protocol

POP stands for Post Office Protocol. This is a protocol which is used on the
internet on the application layer. This protocol, as the name suggests, is used for
the purposes of mailing.

The POP protocol is used for downloading emails from the email server by the
local computer software.

The versions of Post Office Protocol are :-

a. POP3
b. POP4 :- Future version.

The specialty of the POP protocol is that, using POP, emails can be
downloaded to the local computer. The advantage derived out of this is that we
don't need to connect to the internet 24x7 to view the mails. Suppose we have
an internet connection at office, we can see the mails at office. Now when we
reach home and want to view the mails we again need an internet connection,
which is not available. So we cannot view the mails at home.

This is where POP comes in. The POP protocol allows the user to download
the emails to his laptop in the office, using a local email client like Microsoft
Outlook. Now the mails are in the laptop and not the internet server. We can
now view these mails for all times to come, and an internet connection is not
required as the mails are locally available on the laptop.

Another such protocol gaining popularity today is IMAP, Internet Message
Access Protocol. The IMAP is a better protocol than the POP protocol.

III.9 UDP

UDP stands for User Datagram Protocol. Using UDP, as the name suggests,
the computers can send messages on the internet. The messages in UDP are
called datagrams. The UDP works on a network supporting the IP internet
protocol. It doesn't support reliable service. The service supported by UDP is
of the unreliable type. Error checking and correction is not supported in UDP.

UDP is typically used in applications which are time sensitive. Here the user can
afford to have error but not delay in the reaching of packets. For error checking
some other protocol has to be used.

UDP supports multicasting and broadcasting of data packets on the network.

For example, video and voice are the kind of data which can afford to have
some error or loss in packet sequence but not delay in reception. Quality
may go down for a small interval due to the above mentioned problems
but the continuity of the video is not broken, which is important.

Module IV Internet

IV.1 Introduction to internet
IV.2 Internet Technologies
IV.3 Intranet
IV.4 Basis concepts of internet
IV.5 DNS
IV.6 Protocols
IV.7 Services of internet
IV.8 WWW
IV.9 ATM
IV.10 VoIP

IV.1 Introduction to Internet

A network is an interconnection of computers or other smaller networks.
Internet means Inter Network. Just like that, what we call the internet is a huge
network of smaller networks connected together. It connects billions of internet
users across the world. Universities, hospitals, organisations, governments and
individuals are connected to the internet. It is called the mother of all networks
because it is the biggest network in the world.

Today the internet has become a means for many things :-

1. Information sharing by organisations and businesses
2. For doing business (ecommerce)
3. For sending and receiving messages instantly
4. For Audio calling

Today on the internet , we have very popular :-

1. Newsgroups
2. Blogs
3. Social Networking Sites Face book etc .

On the internet we can reach a particular website by entering a particular IP
address. We can purchase a domain name with a particular IP address. It
makes it easy to remember the name of the website. Otherwise we have to
remember the IP address, which is very difficult.

On the internet some of the most popular websites are :-

1. Google
2. Yahoo
3. Wikipedia
4. Hotmail etc.

IV.2/4 Internet Technologies & Basic Concepts of Internet

There are many technologies that make the huge internet work . Behind the
scenes there are routers , bridges , gateways , many protocols working to fetch
the desired results . All these things have been discussed in various parts of this
material .

The internet uses the following devices :-

1. Routers
2. Bridges
3. Gateways
4. Hubs
5. Repeaters
6. Switches
7. Network Interface Cards
8. Servers
9. Personal Computers

Some of the protocols used on the internet are :-

1. TCP
2. IP
3. DNS
4. FTP
5. TFTP
6. UDP
7. SNMP
8. POP3
9. IMAP
10. HTTP
11. NFS
12. MIME
13. SSL
14. ICMP
15. IGMP

IV.3 Intranet

Intranet is a network that works inside an organisation. This network is used for
communication and information sharing purposes inside an organisation. These
kinds of networks are based on IP. For example, the network that connects the
university's various departments. The departments are connected through an
internal network and not through the internet cloud.

IV.5 DNS

DNS stands for Domain Name Server. On the internet every location is given an
IP address. Now suppose a company called Nike creates a website for its customers
and is allocated an IP number, for example, 102.232.299.211. Now for Nike's
customers to remember this IP address is very difficult. Even if the customers
are able to remember one IP address, there would be hundreds of other
websites which are useful for them, and they can't remember the IP addresses of all
the websites. So the researchers evolved a system of assigning a name to each
IP address.

Now when we type Nike.com or Google.com in the address bar in the web
browser, it basically goes to the Domain Name Server for resolution. The Domain
Name Server checks the name and converts it into the associated IP address.
Then the connection can be made with that IP number.

IV.6 Protocols

Protocol is a set of rules set between two communicating parties. It clearly
defines all the parameters of communication. If both the parties follow the
protocol the communication goes smoothly.

For example, if two computers want to communicate with each other, some of
the things that they have to decide beforehand are :-

1. Packet Size
2. Organisation of the packet
a. SENDER ADDRESS - DATA - RECEIVER ADDRESS
or
b. DATA - SENDER'S ADDRESS - RECEIVER ADDRESS
3. Speed of transmission etc.

All these things are defined in a protocol. The protocols are present and
understood by both the parties.

IV.7 Services of the Internet

Internet provides many services to individuals and businesses :-

1. e-commerce
a. e-ticketing
b. Purchasing on the internet
2. e-governance
a. Filing of Income Tax online
3. Online Education
a. e-Learning
4. Online Medical Check-up
5. Remote Login
6. Text/Audio/Video Chatting
7. email
8. Information Sharing through websites
9. News groups / Blogs
10. Social Networking Sites etc .

IV.8 WWW

The WWW stands for World Wide Web. It is a smaller part of the mighty internet,
and is essentially an interconnection of documents in Hypertext format. It has
become the biggest collective pool of knowledge today. It contains text, audio,
and video.

IV.9 ATM

ATM stands for Asynchronous Transfer Mode. It is a digital transmission
technology. The ATM is employed on the Network Layer. This is a standard
developed for transmission of audio and video. This switching technique is based
on cell switching.

IV.10 VoIP

VoIP stands for Voice Over Internet Protocol . Normally for voice there used to
be separate telephone networks all across the world . It was thought of using the
internet for voice transmission , since it would provide cheaper mode of
communication .

Thinking on the same lines the VoIP protocol was developed. This protocol as
the name suggests is involved in transmission of voice over IP networks . It is
also called IP telephony or alternatively Internet Telephony .

IV.11 Network Design

Network Design is a process via which the network administrators ensure
optimisation of the network in terms of resources and operation.

Network design involves business aspects, network planning and asset
resourcing. These are called the different layers of network design.

The network design involves three major stages , Namely :-

1. Topological Design
2. Network Synthesis
3. Network Realisation

1. Topological Design means designing the topology of the network.
Various topologies are considered before a particular topology is decided.
Topologies are rated upon bandwidth utilisation. The physical location of
devices like routers and switches is optimised in this stage.
2. Network Synthesis: In this stage the network designer determines the
components to be used according to the GoS, i.e. Grade of Service. GoS
is a performance criterion which is used to define the quality parameters of
networks. Non Linear optimisation is used to find out the required
parameters in this stage.
3. Network Realisation: In this stage the designer is involved with capacity
requirements and reliability issues of the network. MFO method is used to
determine the required parameters like demand, costs etc.

Module V Network Security

V.1 Virus
V.2 Worms
V.3 Trojans
V.4 Spyware
V.5 Anti Spyware
V.6 Anti Virus
V.7 Firewall
V.8 Hacking
V.9 Cracking
V.10 Cryptography
V.11 Digital Signatures

V.1 Virus

Although its name is same as the biological virus , it is nothing but a computer
program written by a software engineer with a malicious intent . This program
can do many types of damage to the information stored in the computer and
even the hardware in some cases if direct access to hardware is provided .

It is called a virus because it has the capability to spread , it can copy itself and
spread via the removable storage devices we use to move data or on a network.
It can spread through Pen Drives , Floppy Disks , Hard Disks , CDs i.e. any
storage device.

One of the most notorious of the viruses have been the boot viruses . The virus
would install on the boot sector of a floppy or hard disk knowing that the boot
process takes place from the boot sector . Whenever the computer would boot , it
would run this virus unknowingly .
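
Because a boot virus has to change the code stored in the boot sector, comparing that code against a digest recorded from a known-clean disk reveals the change. This is an added example, not part of the original notes; it assumes the classic hard-disk master boot record layout (446 bytes of boot code, a 64-byte partition table, then the 55 AA signature), and the sector contents and function names are constructed for the illustration.

```python
import hashlib
import hmac

SECTOR_SIZE = 512
CODE_AREA = slice(0, 446)       # boot code that runs at every start-up
TABLE_SIZE = 64                 # partition table: may change legitimately
BOOT_SIGNATURE = b"\x55\xaa"    # last two bytes of a bootable sector


def code_digest(sector):
    """SHA-256 of the boot code only, so repartitioning does not raise alarms."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("a boot sector is exactly 512 bytes")
    return hashlib.sha256(sector[CODE_AREA]).hexdigest()


def check_boot_sector(sector, baseline_digest):
    """Return a list of findings; an empty list means nothing suspicious."""
    if len(sector) != SECTOR_SIZE:
        return ["sector is not 512 bytes"]
    findings = []
    if sector[510:512] != BOOT_SIGNATURE:
        findings.append("boot signature 55 AA missing")
    if not hmac.compare_digest(code_digest(sector), baseline_digest):
        findings.append("boot code differs from baseline")
    return findings


def make_sector(code, table=bytes(TABLE_SIZE)):
    """Build a constructed 512-byte sector (demonstration data only)."""
    if len(code) > 446 or len(table) != TABLE_SIZE:
        raise ValueError("code must fit in 446 bytes, table must be 64 bytes")
    return code.ljust(446, b"\x00") + table + BOOT_SIGNATURE


# Constructed samples: placeholder bytes stand in for real boot code.
CLEAN = make_sector(b"constructed loader v1")
BASELINE = code_digest(CLEAN)   # recorded while the disk is known to be clean
REPARTITIONED = make_sector(b"constructed loader v1", bytes([0x80]) + bytes(63))
TAMPERED = make_sector(b"constructed loader v1 with extra bytes in front")
UNBOOTABLE = CLEAN[:510] + b"\x00\x00"

if __name__ == "__main__":
    for name, image in [("clean", CLEAN), ("repartitioned", REPARTITIONED),
                        ("tampered", TAMPERED), ("unbootable", UNBOOTABLE)]:
        print(name, check_boot_sector(image, BASELINE) or "ok")
```

The baseline is only useful if it was taken from a known-clean installation and is stored away from the disk it describes.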

A virus attaches itself to a host program which looks innocent to the user. The
user runs the host program and when this happens the virus code also gets
executed with the program. The viruses are memory resident and non memory
resident in nature.

Some of the most notorious viruses ever are :-

1. Elk Cloner (1982)
2. Brain (1986)
3. Morris (1988)
4. Melissa (1999)
5. Love bug (2000)
6. Code Red (2001)
7. Blaster (2003)
8. Sasser (2004)

Threats according to Symantec.com (the following table has been taken from
Symantec.com, http://www.symantec.com/business/security_response/threatexplorer/threats.jsp):
Threats
Name Type
Packed.Generic.294 Trojan
Trojan.Zbot!gen6 Trojan, Virus, Worm
Packed.Generic.292 Trojan
Trojan.Arugizer Trojan
W32.Pilleuz!gen4 Worm
Trojan.Mozipowp Trojan
Packed.Generic.290 Trojan, Virus, Worm
W32.Scrshotvid Trojan, Worm
Trojan.FakeAV!gen20 Trojan
Suspicious.SecTool Trojan, Virus, Worm
SymbOS.Exy.E Worm
W32.Pilleuz!gen2 Worm
Trojan.Digitala Trojan
W32.Spybot.AVEO Worm
Trojan.Pcprotector Trojan
W32.Gammima.AG!gen4 Virus, Worm
Bloodhound.Exploit.315 Trojan, Virus, Worm
Bloodhound.Exploit.316 Trojan, Virus, Worm
W32.Xpiro.B Virus
Bloodhound.Exploit.314 Trojan, Virus, Worm
Trojan.Downexec.G!inf Trojan, Worm
Trojan.Gen Trojan
Infostealer.Saluni Trojan
Bloodhound.Harakit Trojan, Virus, Worm
Bloodhound.Exploit.233 Trojan, Virus, Worm
Packed.Generic.176 Trojan, Virus, Worm
Bloodhound.Exploit.238 Trojan, Virus, Worm
LivePlayer!gen2
Trojan.Vundo!gen5 Trojan
Trojan.Thuxeme!inf Trojan
W32.Pykspa.F Worm
Packed.Generic.287 Trojan, Virus, Worm
Trojan.Zeloaces!inf Trojan
W32.Koobface!gen3 Trojan, Virus, Worm
Suspicious.Insight
W32.Changeup.B Worm
W32.Changeup!gen2 Trojan, Virus, Worm
Trojan.FakeAV!gen19 Trojan
Trojan.Patchload.A!inf Trojan, Virus, Worm
Backdoor.Mulkerv Trojan
Trojan.Zefarch!gen Trojan, Virus, Worm
Trojan.Wuwo Trojan
Trojan.FakeAV!gen18 Trojan

V.2 Worms

Computer worm

A worm spreads through a computer network. It is, like a computer virus, a
computer program. The specialty of this program is that it has the capability to
replicate itself. Worms infect networks by replicating themselves and transmitting
their multiple copies to all the nodes connected on the network.

There can be many harms that the worm can inflict. Even if it doesn't do any
explicit harm to the network, because of sending hundreds and thousands of
copies of itself on the network, it eats away the bandwidth on the network.

If the network is busy sending copies of the worm from one place to another, it is
obvious that it will not be able to send the legitimate traffic across. It brings down
the quality of service of the network. It also causes denial of service to the
customers logged into the network.

Other than this the worm can be designed to do actual harm to the systems . It
may delete or alter the files it comes across .

The following is a list of current worms, taken from albionresearch.com
(http://www.albionresearch.com/disaster/virusesandworms.php)

Top Ten Viruses/Worms Last Month (from Sophos)

1    New        Troj/Invo-Zip     12%
2    3          W32/Netsky        9.5%
3    Re-entry   Mal/EncPk-EI      7.8%
4    2          Troj/Pushdo-Gen   6.3%
5    1          Troj/Agent-HFU    5.6%
6    5          Mal/Iframe-E      5.5%
7    Re-entry   Troj/Mdrop-BTV    5.3%
8    Re-entry   Troj/Mdrop-BUF    4.5%
9    1          Troj/Agent-HFZ    4.4%
10   1          Troj/Agent-HGT    3.9%

Sophos New/Current Virus/Worm Alerts

8 Mar 2010 Troj/Agent-MRA
8 Mar 2010 Troj/Agent-MQZ
8 Mar 2010 Troj/FakeAV-AXS
8 Mar 2010 Troj/Agent-MQY
8 Mar 2010 Troj/VB-ENN
8 Mar 2010 Troj/Zbot-MV
8 Mar 2010 Troj/Agent-MQW
8 Mar 2010 Troj/Agent-MQX
8 Mar 2010 Troj/FakeAV-AYX
8 Mar 2010 Troj/FakeAV-AYW

Some of the Most Notorious worms in history

1. ILOVEYOU 2000
2. CodeRed
3. Sircam
4. Nimda
5. BadTrans.B Worm
6. Klez
7. Chrisma Worm
8. Morris Worm

V.3 Trojans

Computer Trojans are, as the name suggests, malicious code hidden behind an
innocent looking program. A Trojan is malware intended to damage the recipient
computer. At the front it appears to perform a particular needed job but at the
back end it makes way for unauthorised access to the host computer.

Why the name Trojan Horse?

It finds the answer in Greek mythology. The Greeks had been besieging Troy for
many years, but were not able to capture it. Finally they thought of a trick. They
made a huge wooden horse and left it outside the gates of Troy. The Trojans,
thinking that the Greeks had left, pulled the horse inside the city gates. The
Greeks had hidden soldiers inside the horse who came out in the night and
opened the gates of the city for the rest of the army to enter.

Hence the name computer Trojan , because this also does the same thing . It
enters the system seeming as something else and at the back performs security
breach.

Trojan horses are used by hackers to gain access into a machine without the
permission of the user . Normally when we visit some websites which are
malicious in nature , the Trojan horse gets downloaded or may come from an
infected source .

The Trojan gets installed in the computer and later on helps the hackers to gain
access into that computer , just like the Greek mythology Trojan Horses .

The hacker can operate the machine almost as his own. Any information can be
stolen from the machine, files can be destroyed, and information such as when the user
visits bank accounts or email accounts etc. can be copied by the hacker.

Some of the Worms affecting Windows systems (list taken from
http://www.simovits.com/trojans/trojans_workson.html ; the complete list can be
seen on the same website):

1. 3D Tetris
2. 3troj
3. 7th Sphere
4. 8fish
5. Abuser
6. ABX
7. Achtung!
8. Acid
9. Acid Alliance
10. Actx
11. Admire
12. AdonAi
13. Alien Spy
14. The Freezer
15. The Hobbit Daemon
16. The Internet Spy And You
17. The Invasor
18. The IP Spoof
19. The Killer Trojan
20. The Nix
21. The Prayer
22. The ReVeNgEr
23. The Ripper

V.4 Spyware

Just like viruses or worms, Spyware also comes under the category of Malware,
which means that it is a code or program written for doing some damage to the
computer.

However, the working of spyware is different from the other two types of malware
mentioned.

Spyware, as the name suggests, is used to spy into a system. The job of the
spyware is to silently sit inside the host system and observe the activities of the
system.
Spyware, like the real world spies, does nothing suspicious so as to keep its
presence hidden. It doesn't do any type of damage to the computer system so
that the user doesn't get suspicious and try to remove the spyware from the system.
The success of the spyware lies in its hiding. Once the spyware is detected, it
becomes of no use.

When we visit some malicious web sites , although we may or may not know it ,
the spyware gets downloaded from the website to our computer . It may also
come from other sources like detachable storage devices etc.

Spyware sits quietly in the system and copies all the relevant information being
input and processed. Suppose a user is logging on to a bank called Citi Bank .
Once the website of the bank opens , the user id and login password is input .
After that if the user wants to do a financial transaction , the transaction
password has to be entered . All this information is quietly registered by the
spyware .

One fine morning when the spyware finds that there is no activity in the system,
presuming that the user is away, the spyware sends all the information recorded
from the user's computer to its parent, i.e. probably a hacker somewhere on the
internet. The information may be transmitted even while the user is using the
system.

Once the hacker has the user's information, like bank name, login id and
password, nothing can stop the hacker from transferring the money from that
account to anywhere else.

List of Some Known Spyware (list taken from
http://home.earthlink.net/~doniteli/index73.htm#list ; the complete list can be seen at
the same web site):

1. MP3 Grouppie
2. MP3 Mag-Net
3. MP3 Renamer
4. Mp3 Stream Recorder
5. MP3INFO-Editor
6. Live Antispy (Try RogueRemover)
7. LivePaper
8. Loan Calculator Plus
9. LOL Chat
10. Infinite Patience
11. InfoBlast
12. InnovaClub
13. InstallZIP
14. Add/Remove Plus!
15. Add/Remove Plus!
16. Address Rover 98
17. Admiral VirusScanner
18. Advanced Call Center
19. Advanced Maillist Verify
20. AdWizard
21. Octopus
22. Of The Day Quizzer
23. Onflow (Thanks Spike)
24. Oxide Demo
25. Photocopier
26. PicPluck
27. Pictures In News
28. Ping Thingy
29. PingMaster
30. PKZip

A list of spyware can be seen at :- http://www.spywaredb.com/spyware-list-1/

V.5 Anti Spyware

The job of Anti Spyware is, as the name suggests, to fight the spyware. Anti
Spyware has the following functions :-

JOBS OF ANTISPYWARE

1. PREVENT SPYWARE FROM ENTERING SYSTEM
2. DETECT ANY SPYWARE IN THE SYSTEM
3. REMOVE THE SPYWARE FROM THE SYSTEM

PREVENTION

The first and foremost role of any Anti Spyware Software is to prevent the entry
of the spyware into the system. Whenever the system downloads something
from the internet or copies some matter from the removable storage media, the anti
spyware can check the files being downloaded or copied for traces of any kind of
spyware. If found, it can stop the copying or downloading process.

DETECTION

The second role of detection comes into play because of the following two
reasons :-

1. When the system was bought the Anti Spyware Software was not
loaded in the system. Some time has passed between the system
creation and installation of the Anti Spyware Software. This has
caused lapses in the security of the system. Now if the Anti
Spyware Software is installed in the system, the Anti Spyware
Program cannot assume that there has been no infection in the
period when the anti spyware was not present in the system. It
presumes that an infection has been there, so when we finally install
the Anti Spyware in the System, we run the program to DETECT
any spyware in the system. Therefore the need to have the
DETECTION Function arises.
2. In the second case the detection is required because every day
new spyware is being created. Once the Anti Spyware is bought
from the company and installed, it works on the spyware definitions
that come with the software on that date. The problem is caused by
the new spyware that is coming every day. The solution lies in
regularly updating the Anti Spyware Software. Now whenever the
anti spyware software is updated, a system scan has to be run
because a spyware may have entered the system while the Anti
Spyware Program was not updated. So now the Anti Spyware
Program does the DETECTION.

REMOVAL

Once the Anti Spyware Program has detected some kind of spyware in the
system, its primary job is to remove the spyware from the system. The Anti
Spyware Program informs the user that the spyware has been found and has
been removed.

A screen shot of AVG Anti-Virus Software containing inbuilt Anti Spyware Software

A screen shot of the Anti Spyware Software showing the tracking cookies caught
in the system during scan.

List of Some popular Anti Spyware Software (list taken from
http://www.2-spyware.com/anti-spyware)

1. Ad Aware Pro
2. AVG Anti Spyware
3. CheckFlow Anti Spyware 2005
4. CounterSpy
5. Disspy
Doctor Alex
6. DriveHound
7. eAcceleration StopSign Threat Scanner
8. Microsoft AntiSpyware Beta1
9. MyCleanerPC
10. NoAdware
11. Omniquad AntiSpy
12. ParetoLogic Anti Spyware
13. PC Pitstop Exterminate
14. pcOrion
15. PestBlock
16. Prevx1
17. ScanSpyware
18. Trend Micro AntiVirus plus AntiSpyware
19. Yahoo Anti Spy
20. ZoneAlarm Anti Spyware

V.6 Anti Virus

The job of anti virus is, as the name suggests, to protect the computer from
viruses. Anti Virus has the following functions :-

[Diagram: JOBS OF ANTI VIRUS. Prevent virus from entering the system; detect any
virus in the system; remove the virus from the system.]

PREVENTION

The first and foremost role of any Anti Virus Software is to prevent the entry of
viruses into the system. Whenever the system downloads something from the
internet or copies some matter from removable storage media, the anti virus can
check the files being downloaded or copied for viruses. If one is found, it can stop
the copying or downloading process.

DETECTION

The second role of detection comes into play because of the following two
reasons :-

1. When the system was first created, the Anti Spyware Software was
not loaded in the system. Some time has passed between the
system creation and the installation of the Anti Spyware Software. This
has caused lapses in the security of the system. When the Anti
Spyware Software is finally installed, the program cannot assume
that there has been no infection in the period when it was not
present in the system. It presumes that an infection has taken
place, so as soon as the Anti Spyware is installed we run the
program to DETECT any spyware in the system. Therefore the need
for the DETECTION function arises.
2. In the second case detection is required because new spyware is
being created every day. Once the Anti Spyware is bought from the
company and installed, it works on the spyware definitions that
came with the software on that date. The problem is caused by the
new spyware that appears every day. The solution lies in
regularly updating the Anti Spyware Software. Whenever the
anti spyware software is updated, a system scan has to be run,
because spyware may have entered the system while the Anti
Spyware Program was not updated. So now the Anti Spyware
Program does the DETECTION.

REMOVAL

Once the Anti Spyware Program has detected some kind of spyware in the
system, its primary job is to remove the spyware from the system. The Anti
Spyware Program informs the user that the spyware has been found and has
been removed.
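The prevention, detection and removal roles described for anti spyware and anti virus, and the reason a full scan must follow every definition update, can be followed in this added example (not code from any product named on this page). It assumes a definition is simply the SHA-256 hash of a known-bad file; the file names and contents are constructed samples.

```python
import hashlib

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

class Scanner:
    """Toy signature scanner: a definition is the SHA-256 of a known-bad file."""

    def __init__(self, definitions):
        self.definitions = set(definitions)

    def update(self, new_definitions):
        """Merge a newer definition set (the regular update step)."""
        self.definitions |= set(new_definitions)

    def is_malicious(self, data: bytes) -> bool:
        return sha256_hex(data) in self.definitions

    def on_write(self, disk: dict, name: str, data: bytes) -> bool:
        """PREVENTION: check a download or copy before it reaches the disk."""
        if self.is_malicious(data):
            return False              # blocked, nothing is written
        disk[name] = data
        return True

    def full_scan(self, disk: dict) -> list:
        """DETECTION and REMOVAL: find and delete every file matching a definition."""
        found = sorted(n for n, d in disk.items() if self.is_malicious(d))
        for name in found:
            del disk[name]
        return found

# Constructed sample data: byte strings standing in for files.
OLD_THREAT = b"constructed-sample: toolbar-tracker v1"
NEW_THREAT = b"constructed-sample: keystroke-logger v2"
CLEAN_FILE = b"constructed-sample: quarterly report"

def demo():
    disk = {"preinstalled.exe": OLD_THREAT}        # arrived before the scanner existed
    scanner = Scanner({sha256_hex(OLD_THREAT)})    # definitions as shipped
    first_scan = scanner.full_scan(disk)           # reason 1: scan right after install
    blocked_old = not scanner.on_write(disk, "a.exe", OLD_THREAT)
    missed_new = scanner.on_write(disk, "b.exe", NEW_THREAT)  # no definition yet
    scanner.on_write(disk, "report.doc", CLEAN_FILE)
    scanner.update({sha256_hex(NEW_THREAT)})       # definitions updated
    second_scan = scanner.full_scan(disk)          # reason 2: rescan after the update
    return first_scan, blocked_old, missed_new, second_scan, sorted(disk)

if __name__ == "__main__":
    print(demo())
```

The file written as b.exe passes the on-write check because no definition exists for it yet; only the scan run after the update finds and removes it.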

A screen shot of AVG Anti-Virus Software containing inbuilt Anti Spyware Software

A screen shot of the Anti Spyware Software showing the tracking cookies caught
in the system during scan.

1. A screen shot of the AVG Anti Virus Software.
2. A screen shot of the Anti Virus Program's log.
3. A screen shot showing the options that are selectable in the AVG antivirus
software.
4. A screen shot of Anti Virus Software showing the list of tracking cookies and viruses
caught during scan. For the virus, look at the last entry.

Some Popular Anti Virus Software in the market :-

1. Avast!
2. AVG
3. Avira
4. BitDefender
5. Kaspersky Anti-Virus
6. McAfee VirusScan
7. Panda
8. PC Tools
9. Quick Heal
10. Sophos Anti-Virus
11. Symantec Norton AntiVirus/Norton 360
12. Trend Micro Internet Security
13. ZoneAlarm

V.7 Firewall

A firewall, as the name suggests, is located at the boundary of the network. It is just
like a sniffer dog sitting at the gates which sniffs all the people coming in and going
out.

The job of the firewall is to observe all the movement at the entry and exit ports
of a computer or a network . Any kind of unwanted entry or exit is stopped by the
firewall .

The firewall has following jobs :-

1. Suppose there is a company which is handling sensitive information,
for example a defence company dealing in aeronautical designs.
There can be many people working in this company who may
want to interact with friends and family outside the company. They
may do so by writing emails etc. The company has to ensure
that nothing relating to the company goes out of the computer
network.
• Either the company would employ many people who would
sit and read all the emails before the mails can be allowed to
leave the network for the outside world,
• OR the company can employ a Firewall, which can allow or
stop emails from leaving the network depending upon the
matter.
• If the email doesn't contain any relevant words pertaining to
the company, the email is allowed to leave the network.
• If the email does contain such words, e.g. missile,
aeroframe etc., then the mail is stopped from transmission.
• All this is done by a firewall which sits quietly at the network
exit.
2. Another area where the firewall finds its role is when a user tries to
access a particular website. Sometimes it may so happen that the
user is redirected from that website to another website by a rogue
router on the way. If the user is trying to visit Citi Bank's website
and is fraudulently redirected to another website looking like
Citi's original website, the user may enter all the confidential
information there and may be cheated. This is stopped by a firewall.
If the user is redirected anywhere, the firewall immediately tells
the user about it. It is then up to the user to decide
whether to continue or not.
3. There are many programs that try to access the internet from our
computer. The user cannot keep tabs on such programs. The
firewall keeps tabs on them. Without the explicit
permission of the user the firewall doesn't allow any program to
access the internet. Each time a program tries to access the
internet the user is asked whether to give permission or not. If the
user says no, the program is not allowed to access the internet.
The permission granted by the user can be one time or permanent,
as chosen by the user.

The following two screen shots show the firewall asking for
permission for a particular program to access the internet.

In the following screen shot it can be seen that many programs have
been given access to the internet. It is shown by a green tick mark.

In the following screen shot it can be seen that some programs have been denied
internet access permission. It is shown by a red cross.

4. When there is a program which is trying to access your computer
from outside, the firewall immediately informs you that such a user or
IP is trying to gain access to your computer. It is then up to the user
to grant access or not. If the IP is known the access can be given, or
else the access is denied. This saves the user from unauthorised
access.

The following screen shot shows the log of the firewall, indicating the
connections which have been blocked.

5. Firewalls are also utilised by organisations to prevent
employees from visiting certain websites. For example, in many
organisations the public mail websites are blocked. This may be
for any reason, but once the firewall is directed not to allow a
particular website, it will not allow access to that website.
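The five firewall jobs above can be read as one policy evaluated for every event. The sketch below is an added illustration, not the logic of any product listed on this page; the class, the program names, the host names and the documentation-range IP addresses are all assumptions made for the example, while the watched words are the two the text mentions.

```python
import ipaddress
import re

class Firewall:
    """Toy policy engine for the firewall jobs listed above (names are illustrative)."""

    def __init__(self, keywords, blocked_sites, known_networks):
        self.keywords = {k.lower() for k in keywords}
        self.blocked_sites = {s.lower() for s in blocked_sites}
        self.known_networks = [ipaddress.ip_network(n) for n in known_networks]
        self.program_rules = {}   # program -> "allow"/"deny", permanent answers only
        self.log = []             # every blocked event, like the firewall log

    def _block(self, kind, who, target, reason):
        self.log.append((kind, who, target, reason))
        return False

    def outbound_mail(self, sender, body):
        # Job 1: stop mail whose text contains a watched word.
        hits = sorted(set(re.findall(r"[a-z]+", body.lower())) & self.keywords)
        return self._block("mail", sender, hits[0], "keyword") if hits else True

    def outbound(self, program, host, ask_user):
        host = host.lower()
        # Job 5: sites blocked by the organisation, including their subdomains.
        if any(host == s or host.endswith("." + s) for s in self.blocked_sites):
            return self._block("out", program, host, "blocked site")
        # Job 3: no program reaches the internet without the user's permission.
        decision = self.program_rules.get(program)
        if decision is None:
            decision, remember = ask_user(program, host)
            if remember:                      # permanent answer, never asked again
                self.program_rules[program] = decision
        if decision == "allow":
            return True
        return self._block("out", program, host, "program denied")

    def inbound(self, source_ip, port):
        # Job 4: only known addresses may connect from outside.
        addr = ipaddress.ip_address(source_ip)
        if any(addr in net for net in self.known_networks):
            return True
        return self._block("in", source_ip, port, "unknown source")

def demo():
    """Run constructed events through the policy; returns (results, prompts, log)."""
    prompts = []
    answers = {"browser.exe": ("allow", True),    # allow permanently
               "updater.exe": ("allow", False),   # allow this one time
               "toolbar.exe": ("deny", True)}     # deny permanently
    def ask_user(program, host):
        prompts.append(program)
        return answers[program]
    fw = Firewall(["missile", "aeroframe"], ["webmail.example"], ["192.0.2.0/24"])
    results = [
        fw.outbound_mail("alice", "Lunch at one?"),
        fw.outbound_mail("bob", "Attached: the new aeroframe drawings."),
        fw.outbound("browser.exe", "www.example.com", ask_user),
        fw.outbound("browser.exe", "news.example.org", ask_user),
        fw.outbound("updater.exe", "dl.example.com", ask_user),
        fw.outbound("updater.exe", "dl.example.com", ask_user),
        fw.outbound("toolbar.exe", "ads.example.net", ask_user),
        fw.outbound("browser.exe", "login.webmail.example", ask_user),
        fw.inbound("192.0.2.10", 3389),
        fw.inbound("203.0.113.7", 3389),
    ]
    return results, prompts, fw.log
```

The one-time grant for updater.exe produces a prompt on each attempt, while the permanent answers for browser.exe and toolbar.exe are asked once and then applied silently.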

List of some firewall software in the market :-

(List from:- http://www.timberlinetechnologies.com/products/firewalls.html )

1. AccessMaster NetWall (Evidian)
2. BorderManager (Novell)
3. BorderWare Firewall Server (BorderWare Technologies)
4. BorderWare Document Gateway (BorderWare Technologies)
5. BorderWare Mail Gateway (BorderWare Technologies)
6. BorderWare Office Gateway (BorderWare Technologies)
7. Cisco Secure Integrated Software (Cisco Systems)
8. Cisco Secure PIX Firewall (Cisco Systems)
9. CyberGuard Firewall for Unixware (CyberGuard)
10. CyberGuard Firewall for Windows NT (CyberGuard)
11. Cyberoam (Elitecore Technologies)
12. CyberwallPLUS Firewall (Network-1 Security Solutions)
13. Drawbridge (CERIAS)
14. FireProof (Secure Computing)
15. FireSTAR (CyberGuard)
16. Firewall-1 (Checkpoint Software Technologies)
17. Firewall Accelerator Card (Intrusion.com)
18. Fwconfig (CERIAS)
19. GB-100 Firewall Appliance (Global Technology Associates)
20. GNAT Box (Global Technology Associates)
21. Guardian Firewall (NetGuard)
22. HP Praesidium e-Firewall (Hewlett-Packard)
23. Interceptor Firewall Appliance (eSoft)
24. IPACL (CERIAS)
25. IP Filter (CERIAS)
26. IP Firewall (CERIAS)
27. KnightSTAR (CyberGuard)
28. KryptoWall (Utimaco Safeware Systems)
29. Lucent Managed Firewall (Lucent Technologies)
30. NetWall (Evidian)
31. SafeSquid (Office Efficiencies (India))
32. SecureCom 8000 Family (Intrusion.com)
33. SecureCom Linux Gateway (Intrusion.com)
34. SecureZone (Secure Computing)
35. ServerGuard (GenNet)
36. Sidewinder Security Server (Secure Computing)
37. SmartWall (V-ONE)
38. SonicWALL DMZ (SonicWALL)
39. SonicWALL PRO (SonicWALL)
40. SonicWALL SOHO (SonicWALL)
41. SmoothWall (Smoothwall)
42. STARLord (CyberGuard)
43. Tcpr (CERIAS)
44. TIS Internet Firewall Toolkit (Trusted Information Systems)
45. Trusted Gate (TrustWorks Systems)
46. WebGuard (GenNet)

V.8 Hacking

Hacking basically means performing any activity in a computer system or
network that is not authorised by the owner or administrator. It may also mean
making some unauthorized changes to the system.

Hacking is sometimes mis-identified with cyber crime that takes place on the
networks or the internet.

Some organisations today employ hackers to find faults in their software. This
allows them to plug the leaks or the bugs in the software before anybody takes
undue advantage of the bugs and enters into the information system of the
organisation.

Hacking is totally different from cracking, which is malicious in nature, and the
two terms should not be used interchangeably.

V.9 Cracking

Cracking is different from hacking in that it means hacking done with a malicious
intent. It may mean modifying the software in such a way as to bypass its
security features.

For example, we get pirated copies of many software products in the market. These
software products have been cracked by the crackers. Sometimes the crackers remove
the security totally and at others they provide the keys that work with these
software products. At other times the expiry date is removed from the software so that
the trial version becomes the full version.

V.10 Cryptography

Encryption

Humans have always felt the need to hide some personal information from
others. This gave birth to the science of encryption called Cryptography. It
basically means that the information is somehow changed into a form such that
the person for whom it is not intended cannot understand it.

The process of changing the information into such an un-understandable form is
called Encryption.

Suppose we want to send a message :-

ATTACK IN THE MORNING. MORE FORCES ARRIVING SOON

Now if we send this message in this form it will be heard and understood by the
enemy and we may lose the battle. So this text has to be encrypted in such a
form that it may be heard, but it should not be understood.

This text is called PLAIN TEXT .

We apply one of the many encryption techniques to it .

We receive a text called CIPHER TEXT .


[Diagram: PLAIN TEXT -> ENCRYPTION ALGORITHM -> CIPHER TEXT. Caption: Process of Encryption]

DECRYPTION

Now when the intended receiver receives the cipher text, the recipient applies
the reverse process to the text to obtain the plain text from the cipher text. This
process is called Decryption.

[Diagram: CIPHER TEXT -> DECRYPTION ALGORITHM -> PLAIN TEXT. Caption: Process of Decryption]

Substitution Cipher

Series Substitution Cipher

Plain Text :-

ATTACK IN THE MORNING. MORE FORCES ARRIVING SOON

A B C D E F
B C D E F G

G H I J K L
H I J K L M

M N O P Q R
N O P Q R S

S T U V W X
T U V W X Y

Y Z
Z A

Cipher Text :-

BUUBDLJOUIFNPSOJOHNPSFGPSDFTBSSJWJOHTPPO.

Explanation :-

Substitution Cipher is one of the oldest techniques of encryption. It is so old that
it was used by Julius Caesar.

Technique :-

1. We write the complete alphabet set.
2. Below the original alphabet set we write the alphabet set to be
substituted.
3. We can likewise achieve 25 combinations of substitute codes.
4. For example :-
• A is substituted by B , B is substituted by C and so on
• A is substituted by C , B is substituted by D and so on
• A is substituted by D , B is substituted by E and so on
• A is substituted by Z , B is substituted by A .
5. After we have decided which alphabet series is to be substituted ,
6. We can write down the plain text which is to be encrypted .
7. The letters in the plaintext are substituted by the letters
written below .
8. Thus we obtain a Cipher Text .
9. Now this encrypted text can be transmitted .

Random Substitution Cipher

Plain Text :-

ATTACK IN THE MORNING. MORE FORCES ARRIVING SOON

A B C D E F
T G K Q C P

G H I J K L
R W B O U V

M N O P Q R
A E L J D N

S T U V W X
X F M Y I Z

Y Z
S H

Cipher Text :-

TFFTKUBEFWCALNEBERALNCPLNKCXTNNBYBERXLLE.

Explanation :-

Random Substitution Cipher is also basically a substitution cipher, the only
difference being that instead of substituting the whole series of alphabets , we
now randomly substitute the alphabets .

Technique :-

1. We write the complete alphabet set.
2. Below the original alphabet set we write the random letters
to be substituted .
3. We can likewise achieve a huge number of combinations of
substitute codes .
4. For example :-
• A is substituted by R , B is substituted by M and so on
• A is substituted by L , B is substituted by P and so on
• A is substituted by N , B is substituted by T and so on
• A is substituted by Q , B is substituted by X .
5. After we have RANDOMLY substituted all the alphabets ,
6. We can write down the plain text which is to be encrypted .
7. The letters in the plaintext are substituted by the letters
written below .
8. Thus we obtain a Cipher Text .
9. Now this encrypted text can be transmitted .

Advantages of Random Substitution over Series Substitution

1. This gives a huge number of combinations .
2. It makes it immensely difficult to break.
3. Even if it is broken it takes a lot of time to be broken .
4. It is thus a stronger cipher than Series Substitution Cipher .
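Both the series and the random substitution cipher are one operation with different cipher alphabets, which the following added example (not part of the original notes) makes explicit. It reproduces both cipher texts shown above from the two tables, and counts the keys: all 25 series keys can be tried one by one, while the random cipher has 26! possible alphabets. The function names are assumptions made for the example.

```python
import math
import string

ALPHABET = string.ascii_uppercase
PLAINTEXT = "ATTACK IN THE MORNING. MORE FORCES ARRIVING SOON"

# Random cipher alphabet copied from the table above (A->T, B->G, C->K, ...).
RANDOM_KEY = "TGKQCPRWBOUVAELJDNXFMYIZSH"

def series_key(shift: int) -> str:
    """Cipher alphabet of the series cipher: the alphabet rotated by `shift`."""
    shift %= 26
    return ALPHABET[shift:] + ALPHABET[:shift]

def check_key(key: str) -> None:
    """A usable key contains each of the 26 letters exactly once."""
    if sorted(key) != list(ALPHABET):
        raise ValueError("key must use each of the 26 letters exactly once")

def encrypt(plaintext: str, key: str) -> str:
    """Substitute every letter; like the examples above, drop spaces and full stops."""
    check_key(key)
    letters = "".join(ch for ch in plaintext.upper() if ch in ALPHABET)
    return letters.translate(str.maketrans(ALPHABET, key))

def decrypt(ciphertext: str, key: str) -> str:
    """Apply the table in the other direction (bottom row back to top row)."""
    check_key(key)
    return ciphertext.translate(str.maketrans(key, ALPHABET))

def brute_force_series(ciphertext: str, crib: str) -> list:
    """Try all 25 series keys; return the shifts whose output contains `crib`."""
    return [s for s in range(1, 26) if crib in decrypt(ciphertext, series_key(s))]

SERIES_KEYS = len({series_key(s) for s in range(1, 26)})   # 25
RANDOM_KEYS = math.factorial(26)                           # about 4 x 10**26

if __name__ == "__main__":
    print(encrypt(PLAINTEXT, series_key(1)))
    print(encrypt(PLAINTEXT, RANDOM_KEY))
    print(brute_force_series(encrypt(PLAINTEXT, series_key(1)), "ATTACK"))
```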

Transposition Cipher

Plain Text :-

ATTACK IN THE MORNING. MORE FORCES ARRIVING SOON

A T T A C K I N
T H E M O R N I
N G M O R E F O
R C E S A R R I
V I N G S O O N

1 2 3 4 5 6 7 8
A T T A C K I N
T H E M O R N I
N G M O R E F O
R C E S A R R I
V I N G S O O N

Cipher Text :-

ATNRVTHGCITEMENAMOSGCORASKREROINFRONIOIN

Explanation :-

1. This is another technique to encrypt text.
2. In this technique we arrange the plaintext into a matrix.
3. Suppose we take an 8x5 (CxR) matrix.
4. We insert the plaintext in rows, e.g. we fill up row 1, then row 2 and
so on.
5. Now to encrypt we don't read the rows but the columns.
6. As shown by the arrows, we first read column 1, which gives
ATNRV.
7. Then we read column 2, then column 3 and so on.
8. This gives us an encrypted text.
9. We only need to tell the receiver which matrix we have used.
10. Using that information the receiver can decrypt the message
easily.
11. The difference between this cipher and the substitution cipher is
that the substitution cipher can be broken by Frequency Analysis,
whereas this cipher can't be broken with Frequency Analysis.
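The matrix procedure above, and the letter-count behaviour behind point 11, are shown in this added example (not part of the original notes). It reproduces the cipher text for the 8-column matrix, also handles a message that does not fill the last row (a case the notes do not cover), and compares letter counts: transposition leaves every letter's count unchanged, while substitution moves the same counts onto different letters.

```python
from collections import Counter

PLAINTEXT = "ATTACK IN THE MORNING. MORE FORCES ARRIVING SOON"
# Cipher text of the series substitution (A->B) example, copied from the page.
SERIES_CIPHERTEXT = "BUUBDLJOUIFNPSOJOHNPSFGPSDFTBSSJWJOHTPPO"

def letters_only(text: str) -> str:
    return "".join(ch for ch in text.upper() if ch.isalpha())

def encrypt(plaintext: str, columns: int) -> str:
    """Write the letters row by row into `columns` columns, read column by column."""
    text = letters_only(plaintext)
    # Column c of the matrix holds every `columns`-th letter starting at index c.
    return "".join(text[c::columns] for c in range(columns))

def decrypt(ciphertext: str, columns: int) -> str:
    """Rebuild the columns, then read the matrix row by row."""
    rows, extra = divmod(len(ciphertext), columns)
    cols, pos = [], 0
    for c in range(columns):
        # If the last row is incomplete, the first `extra` columns hold one more letter.
        size = rows + 1 if c < extra else rows
        cols.append(ciphertext[pos:pos + size])
        pos += size
    total_rows = rows + (1 if extra else 0)
    return "".join(col[r] for r in range(total_rows) for col in cols if r < len(col))

def same_letter_counts(a: str, b: str) -> bool:
    """True when every letter occurs equally often in both texts."""
    return Counter(letters_only(a)) == Counter(letters_only(b))

def count_profile(text: str) -> list:
    """Letter counts sorted high to low, ignoring which letter has which count."""
    return sorted(Counter(letters_only(text)).values(), reverse=True)

if __name__ == "__main__":
    ct = encrypt(PLAINTEXT, 8)
    print(ct)
    print(decrypt(ct, 8))                                      # right matrix
    print(decrypt(ct, 5))                                      # wrong matrix: garbage
    print(same_letter_counts(PLAINTEXT, ct))                   # transposition
    print(same_letter_counts(PLAINTEXT, SERIES_CIPHERTEXT))    # substitution
```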

Some more Encryption Techniques

o Seriated Playfair
o Four square cipher
o Beaufort cipher variant
o Della Porta cipher
o Poly-alphabetic substitution cipher
o Gronsfeld
o Generic transposition cipher
o Two square cipher
o Simple substitution cipher
o GROMARK
o Redfence cipher
o Ordinary columnar transposition
o Homophonic substitution cipher
o Checkerboard cipher
o M Del Vayo cipher
o Vigenere cipher
o Beaufort cipher
o Nihilist substitution cipher

V.11 Digital Signatures

Just as a physical signature ensures that a document is coming from the
right person, a digital signature is a method to ensure that the document is
from the right person and also that the document has not been modified on the
way since it left the owner whose digital signature is affixed to the document.

Digital signatures are based on encryption techniques. The data is sent in
encrypted form from one place to another. Today the DSS, or Digital
Signature Standard, is in place, which provides guidelines as to how Digital
Signatures should be implemented.

When the recipient receives the message, they run the message through the
same hash algorithm and generate the message digest number. They then
decrypt the signature using the sender's public key and, provided the two
numbers match, they know the message is from who it says it is from AND that it
has not been modified.

Signing of the Document using Digital Signature

Signing of a message or an electronic document is performed in two steps. The
concept of digitally signing documents is essentially based upon public key
cryptography. The electronic document can be signed by the sender
using his private key and the receiver can decrypt it using the public key. The
two stages of signing a document using Digital Signatures are :-

Stage 1: A message Digest is Calculated

A Cryptographic Hashing Algorithm is used to calculate the hash value of the
message that is to be transmitted. The hash value which is extracted from the
message is a sequence of bits. The transformations are applied in such a
manner that if even one bit in the message to be transmitted is changed, the
message digest changes completely. This property of the algorithms makes it
next to impossible to crack the message thus encrypted, that is, to find out the
original message from the message digest or the hash value. This is because the
hash value of the original message is many times smaller than the actual
message itself, which makes it practically impossible to derive the original
message without applying infinitely high computing resources to the problem,
which is of course infeasible. This gives it immunity from any kind of attacks by
cryptanalysts. Cryptographic Hashing Algorithms like MD2/4/5 and SHA1 can be
used for this purpose. The hash value thus calculated is also called the message
digest. The only lacuna is that when we use the same hashing algorithm, we
can arrive at the same hash value for two entirely different messages, but the
probability of such a case is infinitesimally small.

Stage 2 - Digital Signature Calculation

The hash value or the message digest is obtained from the original message in
the first step. In the second step the hash value so obtained is encrypted
using the private key of the signer. Once the hash value has been
encrypted using another algorithm, with the signer's private key as the key for the
algorithm, the encrypted hash value is called the Digital Signature. There are
various algorithms used in stage two, i.e. encryption of the hash value.
Some of them are DSA, RSA and ECDSA. These algorithms are based on
different theories.

A digital signature thus calculated is attached to the document which is to be
authenticated, and the document is transmitted. Once the receiver receives the
digital signature, the receiver is able to verify the document through it.

Verification of Digital Signatures

Stage 1: Current Hash-Value is calculated

Stage 2: Original Hash-Value is calculated

Stage 3: Current and the Original Hash-Values are compared

Now when the document is received by the intended recipient, it becomes
imperative to understand how the receiver is able to authenticate the
message with the help of the Digital Signatures attached to the document
received.

The receiver has to establish whether the message received has been
signed by the private key corresponding to the particular public key. Although it
can be established that the document has been signed by a particular private key,
it cannot be established whether the document has been signed by a
particular person. To further establish this, the receiver needs to have the public
key of the sender of the message.
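
[Diagram: the digitally signed message is passed through the hashing algorithm to give the
current hash value; the digital signature is decrypted to give the original hash value; the
two values are compared (comparison of signatures).]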

Stage 1: Current Hash Value Calculation

The current hash value is calculated from the message obtained, using the same
hashing algorithm that was used during the process of digitally signing the
message.

Stage 2: Calculate the Original Hash-Value

The Digital Signature obtained with the message is decrypted with the same
algorithm that was used at the encryption stage. The difference is that,
although the algorithm is the same, the key is different. The key is now the
Public Key, which corresponds to the private key of the message sender. After
the decryption is done, the value that is obtained is called the original hash
value.

Stage 3: Comparison of the Current and the Original Hash-Values

After stages one and two, in the third stage we compare the values
obtained in the two stages. The original hash value and the current hash value
are now compared. The comparison is successful if the two values are
found to be the same; otherwise the comparison is unsuccessful, which means that the
digital signatures on the document are invalid.

If the digital signatures are found to be invalid, it can be because there has
been a change in the original message during transmission, that is, after it was
signed. That will lead to different hash values. There can also be other reasons, such as an invalid
public key.
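The two signing stages and three verification stages above are traced in this added example (not part of the original notes). It uses textbook RSA without padding and a toy key built from two known Mersenne primes, far too small for real use, and it hashes with SHA-256 in place of the MD5/SHA-1 algorithms the text lists, for which practical collisions have been published. All function names and the sample messages are assumptions made for the example.

```python
import hashlib

# Toy RSA key pair built from two known Mersenne primes (assumption for the
# example). Far too small for real use; it only makes the arithmetic visible.
P, Q = 2**61 - 1, 2**89 - 1
N = P * Q                              # public modulus
E = 65537                              # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent (needs Python 3.8+)

OTHER_N = (2**107 - 1) * (2**127 - 1)  # modulus of an unrelated public key

def digest(message: bytes, n: int = N) -> int:
    """Hash the message; the value is reduced mod n only because the toy key is small."""
    h = hashlib.sha256(message).digest()
    return int.from_bytes(h, "big") % n

def sign(message: bytes) -> int:
    """Signing stage 1 (digest) and stage 2 (transform it with the private key)."""
    return pow(digest(message), D, N)

def verify(message: bytes, signature: int, e: int = E, n: int = N) -> bool:
    current = digest(message, n)        # verification stage 1: current hash value
    original = pow(signature, e, n)     # verification stage 2: original hash value
    return current == original          # verification stage 3: compare the two

def bits_changed(a: bytes, b: bytes) -> int:
    """Number of bits that differ between the SHA-256 digests of a and b."""
    da, db = hashlib.sha256(a).digest(), hashlib.sha256(b).digest()
    return sum(bin(x ^ y).count("1") for x, y in zip(da, db))

def demo() -> dict:
    # Constructed sample messages.
    message = b"ATTACK IN THE MORNING. MORE FORCES ARRIVING SOON"
    tampered = b"ATTACK IN THE EVENING. MORE FORCES ARRIVING SOON"
    signature = sign(message)
    return {
        "genuine": verify(message, signature),
        "tampered": verify(tampered, signature),            # message changed in transit
        "wrong_key": verify(message, signature, n=OTHER_N), # invalid public key
    }

if __name__ == "__main__":
    print(demo())
    # "K" and "J" differ in a single bit, yet the digests differ in many bits.
    print(bits_changed(b"ATTACK", b"ATTACJ"))
```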

Digital signatures are a means to facilitate the authentication of a document.
To further facilitate the process, the sender sends his digital certificate
along with the document. During the verification process the public key mentioned in the
digital certificate is used for verification.