What we will cover

What is the Internet

Client/server examples
Deciphering alphabet soup: ISP, DHCP, DNS, http,

https, HTML, smtp, pop3, telnet, ftp, sftp, ssh

Network security:
How to send anonymous emails
How to hack into a system
How a Firewall works
Encrypted communications

Internet History
The Internet is a global network of interconnected computers, enabling
users to share information along multiple channels.
http://en.wikipedia.org/wiki/Internet

Started in 1969 as ARPANET funded by

DARPA (Defense Advanced Research

Projects Agency)
Build as packet switching network to
recover from a nuclear attack by
automatically rerouting data through
surviving links
When I took office, only high energy physicists
had ever heard of what is called the World Wide
Web... Now even my cat has it's own page.
Bill Clinton

The User Perspective

have little laptop at home in NJ
want to exchange information

with big server in California

(or Japan or )

Basic Setup
Each computer must have a unique identifier
IP number and IP name
Computers must be able to exchange data (electrons,

photons, drum beats)

Wireless cards, fiber optics, or Ethernet connections
Unit of data is bit (zero or one, on/off, 2 states)

Everyone involved must speak the same language

TCPIP (Transmission Control Protocol/Internet Protocol)

Network Member Identifier

Every computer on the Internet has at least one unique

identifier, usually two:

IP Number: #.#.#.#, where # is an 8 bit number

What is the range for each sub-number?
How many machines can be on the Internet?
What is your computers IP number?
IP Name for easy reference
What is your computers IP name?
Homework:
What is the IP number of google
What is the IP number of www.shu.edu
What is the IP name of 149.150.254.102

Router A
DHCP

Router B

ISP

fiber optic
lines

www.google.com
ISP:

DNS

Internet Service
Provider
DHCP: Dynamic Host
Config. Protocol
DNS: Domain Name
Server

The Data: IP Packet

www.google.com
(66.102.1.147)

(149.150.254.102)

The Data: IP Packet

www.google.com
(66.102.1.147)

(149.150.254.102)

The Protocol
A mutually agreed-upon convention or standard that
controls or enables the connection, communication, and
data transfer between computing endpoints.
http://en.wikipedia.org/wiki/Protocol_(computing)

Regulates the data exchange and interpretation

Defines who says what at which time
Defines how to interpret data that is exchanged
Regulates what constitutes an error and what to do if

one occurs

Client Server Model

Communication on the Internet usually takes place

between a client and a server program/computer:

Server program: program without a user interface

running on a large computer with access to many

resources (also called the server computer)
Client program: a program with extensive interface
capabilities but few resources running on a small
computer (also called the client computer)

One server computer usually run several server

programs, each of which can service multiple client

programs simultaneously

Client Server Example (1)

I want to view the main web page from www.shu.edu
Server computer: www.shu.edu
Client computer: 192.168.1.2
Server program: web server program (httpd) running on

www.shu.edu with access to lots of stored web pages

Client program: Internet Explorer or Firefox with
extensive formatting and display capabilities but no data to
display

Client Server Example (2)

I want to view the main web page from www.shu.edu
Client: start IE and enter: http://www.shu.edu/
Client sends packet to DNS: who is www.shu.edu
DNS sends packet back: www.shu.edu = 149.150.51.69
Client sends packet to 149.150.51.69: give me main page
Server: receives request for page from 192.168.1.2
Retrieves the web page from disk (or database)
Sends data to 192.168.1.2: here is the data
Client: formats data and display it nicely

Client Server Example (3)

I want to view the main web page from www.shu.edu
Client: sends give me main page

Server: sends data to 192.168.1.2

http (Hypertext Transport Protocol): regulates how a

web server and client communicate

Client: formats data and display it nicely

HTML (Hypertext Markup Language): defines how text
is supposed to look and where to place it

Client Server Example (4)

I want to view the main web page from www.shu.edu
Action

http 1.0 specs

http uses port 80 by general agreement

Client: give me main page

GET / HTTP/1.0

Server: returns data

fixed header:
how many bytes
are coming,
type of data

page text ...

Client Server Example (5)

Telnet:
universal text client used to connect to another
computer and work on that computer in text-based
mode
usually connects to a telnet server but can also
connect to any server computer and any server
program
shows text data in raw unformatted form

Client Server: Telnet

A Telnet client is build into Windows:
Click on Start
Pick Run and type cmd
Type telnet

if you get error message in Vista, open Control Panel, select

Programs, click Turn Windows features on or off, and check
Telnet client (not Telnet server). Then try again.
To open a connection to www.shu.edu, type:
open www.shu.edu (will this work why not?)
Optional: to save a log of your session, type:
set logfile log.txt

Telneting to a Web Server

Start telnet and type:
open www.shu.edu 80

Next type carefully and without errors (you might not

see what you type on the screen type anyway,

including the empty line and capitals):
GET / HTTP/1.0

You have issued a request according to the Hypertext

Transfer Protocol, version 1.0, for the root web page /

How email works

Email systems have two parts, and consequently work
with two server programs and two protocols:
Retrieving email
uses either pop3 (Post Office Protocol version 3 on port
110) or IMAP (Internet message access protocol on port
143)
Sending email
uses smtp (simple mail transport protocol on port 25)

An smtp Conversation
Speaker
Server:

Text
220 Simple Mail Transfer Service ready

Client:

HELO mycomputer.mydomain

Server:

250 kitten.shu.edu

Client:

MAIL FROM:<Smith@shu.edu>

Server:

250 OK

Client:

RCPT TO:<Jones@shu.edu>

Server:

250 OK

Client:

DATA

Server:

354 Start mail input; end with <CRLF>.<CRLF>

Client:

Blah blah blah..

.

Server:

250 OK

Client:

QUIT

Homework
1.
2.

Capture a web page from a web server

Send me an (anonymous) email using Telnet (note that
the SHU smtp server will only allow a connection if you are located
on campus how does it know?)

Hacking 101
Identify a target system
Find an open port
Check which server program services that port
Learn about vulnerabilities of that server program
Exploit vulnerability for evil purposes

Firewall Protection
Every packet transported over the

Internet contains the protocol (port),

sender address, and destination address
A firewall is a device that inspects every
incoming (and outgoing) packet and
includes rules to block data depending
on the port, sender, or destination
A firewall is typically integrated into a
home wireless router
Most firewalls do not check the content
of a packet

ISP

SPAM Protection
Every Internet packet contains the port,

sender, destination, and content (data)

usually unencrypted
A SPAM filter is a device that inspects
all email packets and includes rules to
block messages depending on the
content of the email.
A SPAM filter is typically integrated into
you ISP or email provider
SPAM filters typically read your email!

ISP

Privacy/Content Protection
All Internet traffic is public!
To protect content, the data portion of IP packets

must be encrypted

To protect data between your wireless router and

your laptop, use e.g. WPA wireless encryption

To protect data after it leaves your router, you must
use encrypted services (https instead of http or
sftp instead of ftp)
Note: no standard encryption for email!

Sending email is like passing a postcard along a chain of

hundreds of people with a note: to Jane do not read if
youre not Jane

ISP

Encryption
Encryption is usually based on a key that used to encrypt and
decrypt a message.
Pre-Shared Key (PSK) Encryption:
both parties know a single key (e.g. WPA encryption: both your
router and your computers know the key)
Public Key Encryption:
each party has two keys, a public and a private one. They swap
public keys: Bob uses Annies public key to send her an
encrypted message, she can decrypt it using her private key
based on difficulty of factoring huge numbers into large primes
and ease of multiplying them
See http://www.explainthatstuff.com/encryption.html

Public Key Encryption requires:

large semi-prime number x = p q

Example:
public key x = 15 => private key is:
Homework: Find factorization of RSA-100, which is
1522605027922533360535618378132637429718
0681149613806886579084945801229632589528
97654000350692006139
More Info:
http://en.wikipedia.org/wiki/Public-key_cryptography
http://en.wikipedia.org/wiki/RSA_numbers
http://primes.utm.edu/mersenne/
Enigma by Robert Harris, and Enigma the Movie