For IT, computer engineering and electrical and electronics graduates who are looking for jobs in government, autonomous and public limited organisations or in established software firms: those of us who work in different posts in various government institutions still have a responsibility to guide our juniors. We sincerely believe that our juniors are far more capable than we are; even so, we hope these guidelines will add to their confidence.

Computer Networking

 

What is Network?

A network is a group of two or more computer systems linked together so that they can exchange data. There are many types of computer networks; one example is the local-area network (LAN), in which the computers are geographically close together (for example, in the same building).

What is Transmission media?

Transmission media is the communication channel that carries information from the sender to the receiver. Data travels over it as electromagnetic signals (electrical, optical or radio). The main function of the transmission medium is to carry information in the form of bits between nodes, for example across a LAN (Local Area Network).

Types of Transmission Media

In data communication terminology, a transmission medium is a physical path between the transmitter and the receiver i.e it is the channel through which data is sent from one place to another. Transmission Media is broadly classified into the following types:


1. Guided Media:

It is also referred to as Wired or Bounded transmission media. The signals being transmitted are directed and confined to a narrow pathway by a physical link (a cable).

Features:

High speed

Relatively secure: an attacker needs physical access to the cable to intercept the signal (tapping is still possible, so sensitive traffic should be encrypted regardless of the medium)

Used for comparatively shorter distances

There are 3 major types of Guided Media:

(i) Twisted Pair Cable –

It consists of 2 separately insulated conductor wires wound about each other. Generally, several such pairs are bundled together in a protective sheath. They are the most widely used Transmission Media. Twisted Pair is of two types:

Unshielded Twisted Pair (UTP):

This type of cable has no metallic shield; it relies on the twisting of each pair to cancel out electromagnetic interference and crosstalk. It is used for telephone lines and for most Ethernet cabling (Cat 5e/Cat 6).

Advantages:

Least expensive

Easy to install

High speed capacity

Disadvantages:

Susceptible to external interference

Lower capacity and performance in comparison to STP

Short distance transmission due to attenuation

Shielded Twisted Pair (STP):

This type of cable consists of a special jacket to block external interference. It is used in fast-data-rate Ethernet and in voice and data channels of telephone lines.

Advantages:

Better performance at a higher data rate in comparison to UTP

Greatly reduces crosstalk

Comparatively faster

Disadvantages:

Comparatively difficult to install and manufacture

More expensive

Bulky

(ii) Coaxial Cable –

It has a central copper conductor surrounded by an insulating layer, a braided or foil outer conductor that acts as a shield, and an outer plastic jacket; the two conductors share the same axis, hence the name. Coaxial cable transmits information in two modes: Baseband mode (the whole cable bandwidth is dedicated to one signal) and Broadband mode (the cable bandwidth is split into separate frequency ranges carrying several signals). Cable TV and analog television networks widely use coaxial cables.

Advantages:

High Bandwidth

Better noise Immunity

Easy to install and expand

Inexpensive

Disadvantages:

Single cable failure can disrupt the entire network

(iii) Optical Fibre Cable –

It uses the concept of reflection of light through a core made up of glass or plastic. The core is surrounded by a less dense glass or plastic covering called the cladding. It is used for transmission of large volumes of data.

Advantages:

Increased capacity and bandwidth

Light weight

Less signal attenuation

Immunity to electromagnetic interference

Resistance to corrosive materials

Disadvantages:

Difficult to install and maintain

High cost

Fragile

A single fibre carries light in one direction only, so bidirectional communication normally needs a second fibre

2. Unguided Media:

It is also referred to as Wireless or Unbounded transmission media. No physical cable is required; the electromagnetic signal propagates through air or space.

Features:

Signal is broadcast through the air

Less secure: anyone with a suitable antenna within range can receive the signal, so confidentiality depends on encryption at a higher layer (for example WPA2/WPA3 on Wi-Fi)

Used for larger distances

There are 3 major types of Unguided Media:

(i) Radiowaves –

These are easy to generate and can penetrate buildings. The sending and receiving antennas need not be aligned. Frequency range: 3 kHz – 1 GHz. AM and FM radio and cordless phones use radio waves for transmission.

Further Categorized as (i) Terrestrial and (ii) Satellite.

(ii) Microwaves –

It is a line-of-sight transmission, i.e. the sending and receiving antennas must be properly aligned with each other. The distance covered by the signal increases with antenna height (the line-of-sight range grows roughly with the square root of the height). Frequency range: 1 GHz – 300 GHz. Microwaves are mainly used for mobile phone backhaul and television distribution.

(iii) Infrared –

Infrared waves are used for very short-distance communication. They cannot penetrate obstacles, which prevents interference between neighbouring systems. Frequency range: 300 GHz – 400 THz. It is used in TV remotes, wireless mice, keyboards, printers, etc.

Hub: A hub is a networking device that connects multiple PCs to a single network. Hubs may be based on Ethernet, FireWire or USB connections. A hub repeats every bit it receives out of all its other ports, so every attached host sees all traffic on the hub.

Switch: A network switch is a networking device used to connect many devices together on a computer network. A switch is considered more advanced than a hub because it learns which MAC address sits behind which port and forwards a frame only to the port that leads to the destination, flooding it to all ports only while the destination is unknown.

Hub versus Switch comparison chart

Layer
Hub: Physical layer. Hubs are Layer 1 devices in the OSI model.
Switch: Data link layer. Switches operate at Layer 2 of the OSI model (a Layer 3 switch also routes).

Function
Hub: Joins the PCs of a small network through one central device; it only repeats signals.
Switch: Connects multiple devices, manages ports, learns MAC addresses and can separate traffic with VLAN settings.

Data transmission form
Hub: Electrical signals or bits.
Switch: Frames (L2 switch); frames and packets (L3 switch).

Ports
Hub: Typically 4 to 12 ports.
Switch: A switch is a multi-port bridge; typically 24 or 48 ports.

Transmission type
Hub: Always floods: every incoming signal is repeated out of every other port, whether the frame is unicast, multicast or broadcast.
Switch: Floods a frame to all ports only while the destination MAC address is unknown (and for broadcast and multicast); once the MAC address table has been learned, unicast frames go to a single port.

Device type
Hub: Simple repeater with no forwarding logic (no software; often called a passive device, although an active hub does amplify the signal).
Switch: Active device with software or forwarding hardware (ASIC); a true networking device.

Transmission mode
Hub: Half duplex (shared medium).
Switch: Half or full duplex, per port.

Broadcast domain
Hub: One broadcast domain (and one collision domain shared by all ports).
Switch: One broadcast domain unless VLANs are implemented; each port is its own collision domain.

Speed
Hub: 10 Mbps (some models 100 Mbps).
Switch: 10/100 Mbps, 1 Gbps and higher.

Address used for data transmission
Hub: None; a hub does not read addresses at all.
Switch: MAC address.

Device category
Hub: Non-intelligent device.
Switch: Intelligent device.

Manufacturers
Hub: Sun Systems, Oracle and Cisco.
Switch: Cisco, D-Link, Juniper.

Collisions
Hub: Collisions occur commonly in setups using hubs.
Switch: No collisions occur on full-duplex switch ports.

Security
Hub: Any host on a hub can sniff every other host's traffic.
Switch: Unicast traffic is delivered only to the learned port, but a switch alone is not a security boundary: the MAC table can be overflowed to force flooding, and ARP can be spoofed, so port security and VLANs are used to harden it.
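To make the "flood until learned, then forward to one port" behaviour concrete, here is an added simulation (example code written for this guide, not taken from the page or from any vendor) of a hub and a switch handling the same frames. Port numbers and MAC addresses are made up.

```python
"""Hub vs. switch forwarding, simulated (added example; not from the original page)."""
from collections import namedtuple

Frame = namedtuple("Frame", "src dst payload")
BROADCAST = "ff:ff:ff:ff:ff:ff"


class Hub:
    """Layer 1: repeats whatever arrives on one port out of every other port."""

    def __init__(self, ports):
        self.ports = set(ports)

    def forward(self, in_port, frame):
        # The hub never reads the frame, so every other port sees it (and can sniff it).
        return sorted(self.ports - {in_port})


class Switch:
    """Layer 2: learns source MACs, forwards known unicast to one port, floods the rest."""

    def __init__(self, ports):
        self.ports = set(ports)
        self.mac_table = {}  # MAC address -> port, learned from source addresses

    def forward(self, in_port, frame):
        self.mac_table[frame.src] = in_port  # learning: remember where this MAC lives
        if frame.dst == BROADCAST or frame.dst not in self.mac_table:
            # Broadcast, or destination not yet learned: flood to all other ports.
            # An attacker who fills the MAC table keeps the switch in this flooding
            # state, which is why real switches offer port security (MAC limits per port).
            return sorted(self.ports - {in_port})
        out_port = self.mac_table[frame.dst]
        # Destination is on the port the frame came from: nothing to forward.
        return [] if out_port == in_port else [out_port]


def demo():
    """Run the same conversation through a hub and a switch; returns (label, out_ports) steps."""
    ports = [1, 2, 3, 4]
    hub, sw = Hub(ports), Switch(ports)
    mac_a, mac_b, mac_c = "aa:aa:aa:aa:aa:01", "aa:aa:aa:aa:aa:02", "aa:aa:aa:aa:aa:03"
    a_to_b = Frame(mac_a, mac_b, "hello")
    b_to_a = Frame(mac_b, mac_a, "hi")
    steps = [
        ("hub: A->B", hub.forward(1, a_to_b)),                 # repeated to ports 2, 3, 4
        ("switch: A->B, B unknown", sw.forward(1, a_to_b)),    # flooded to 2, 3, 4; A learned on 1
        ("switch: B->A, A known", sw.forward(2, b_to_a)),      # only port 1; B learned on 2
        ("switch: A->B, B known", sw.forward(1, a_to_b)),      # only port 2
        ("switch: C broadcast (ARP)", sw.forward(3, Frame(mac_c, BROADCAST, "who-has"))),  # 1, 2, 4
    ]
    return steps


if __name__ == "__main__":
    for label, out in demo():
        print(f"{label:30s} -> ports {out}")
```

The third and fourth steps show why the chart says "first broadcast, then unicast": the switch floods exactly once per unknown destination and then delivers to a single port, while the hub never stops repeating to everyone.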


Router: A router is a networking device that connects a local network to other local networks. At the Distribution Layer of the network, routers direct traffic and perform other functions critical to efficient network operation.

There are 3 types of routing:

1. Static routing –

Static routing is a process in which the administrator adds routes to the routing table manually.

Advantages –

·         No routing overhead for the router CPU, so a cheaper router can be used.

·         It adds some security: routes exist only where the administrator placed them, and there are no routing updates that a rogue device could inject or spoof.

·         No bandwidth is used between routers for routing updates.

Disadvantage –

·         In a large network it is a tedious task for the administrator to add each route to the routing table of each router by hand.

·         The administrator must know the topology well. A new administrator has to add each route manually, so he must have very good knowledge of the routes in the topology.

2. Default Routing –

This is the method where the router is configured to send all packets for which it has no more specific route towards a single next-hop router. It does not matter which network the packet belongs to; it is forwarded to the router configured as the default. It is generally used on stub routers. A stub router is a router that has only one path to reach all other networks, so a single default route (0.0.0.0/0) is enough.
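The following added example (written for this guide; not code from the page) shows how a stub router's table combines directly connected, static and default routes, and how a lookup picks the longest matching prefix before falling back to the default. The prefixes, next hops and interface names are made up.

```python
"""Static, default and longest-prefix routing lookups (added example; not from the page)."""
import ipaddress
from collections import namedtuple

Route = namedtuple("Route", "network next_hop interface")


class RoutingTable:
    def __init__(self):
        self.routes = []

    def add(self, prefix, next_hop, interface):
        """Add a static route; next_hop=None means the network is directly connected."""
        self.routes.append(Route(ipaddress.ip_network(prefix), next_hop, interface))

    def lookup(self, destination):
        """Longest-prefix match: the most specific matching route wins; /0 only as a last resort."""
        addr = ipaddress.ip_address(destination)
        candidates = [r for r in self.routes if addr in r.network]
        if not candidates:
            return None  # no route at all: a router would drop the packet and send ICMP unreachable
        return max(candidates, key=lambda r: r.network.prefixlen)


def build_stub_router():
    """A stub router: one LAN, two static routes, and a default route for everything else.
    Addresses are made-up private/documentation ranges."""
    rt = RoutingTable()
    rt.add("192.168.10.0/24", None, "eth0")            # directly connected LAN
    rt.add("10.0.0.0/8", "192.168.10.254", "eth0")     # static route: head office
    rt.add("10.1.0.0/16", "192.168.10.253", "eth0")    # static, more specific: one branch
    rt.add("0.0.0.0/0", "203.0.113.1", "eth1")         # default route: everything else to the ISP
    return rt


def next_hop(rt, destination):
    """Return (matched prefix, next hop, interface), or None when the table has no route."""
    r = rt.lookup(destination)
    return None if r is None else (str(r.network), r.next_hop, r.interface)


if __name__ == "__main__":
    rt = build_stub_router()
    for dst in ["192.168.10.7", "10.2.3.4", "10.1.5.5", "8.8.8.8"]:
        print(dst, "->", next_hop(rt, dst))
```

On a Linux router the same table would be built with commands such as `ip route add 10.0.0.0/8 via 192.168.10.254` and `ip route add default via 203.0.113.1`. Note that 10.1.5.5 matches both 10.0.0.0/8 and 10.1.0.0/16 and goes to the /16 next hop; without the default route, 8.8.8.8 would match nothing and be dropped.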

3. Dynamic Routing –

Dynamic routing automatically adjusts the routes in the routing table according to the current state of the network. Dynamic routing uses routing protocols to discover network destinations and the routes to reach them. RIP and OSPF are the best-known examples of dynamic routing protocols. If one route goes down, the protocol automatically finds another path to the destination.

A dynamic routing protocol has the following features:

The routers must run the same dynamic routing protocol in order to exchange routes.

When a router detects a change in the topology, it advertises the change to the other routers.

Advantages –

·         Easy to configure.

·         More effective at selecting the best route to a remote network and at discovering remote networks.

Disadvantage –

·         Consumes more bandwidth for communicating with other neighbors.

·         Less secure than static routing, because routes are learned from whatever neighbours advertise; RIPv2, OSPF and EIGRP therefore support neighbour authentication, which should be enabled.


Router versus Switch comparison chart

Layer
Router: Network layer (Layer 3 device).
Switch: Data link layer. Switches operate at Layer 2 of the OSI model (a Layer 3 switch also routes).

Function
Router: Directs packets between networks. In a home it passes data between the local computers and between the computers and the modem.
Switch: Connects multiple devices inside one network, manages ports and VLAN settings.

Data transmission form
Router: Packet.
Switch: Frames (L2 switch); frames and packets (L3 switch).

Ports
Router: Typically 2, 4, 5 or 8.
Switch: A switch is a multi-port bridge; typically 24 or 48 ports.

Transmission type
Router: Forwards by IP destination; broadcasts only for local discovery (e.g. ARP), otherwise unicast and multicast.
Switch: Floods a frame until the destination MAC is learned; then unicast and multicast as needed.

Used in (LAN, MAN, WAN)
Router: LAN, MAN, WAN.
Switch: LAN.

Transmission mode
Router: Full duplex.
Switch: Half or full duplex.

Broadcast domain
Router: Every interface is its own broadcast domain; routers do not forward broadcasts.
Switch: One broadcast domain unless VLANs are implemented.

Connections
Router: Connects multiple PCs or networking devices via Ethernet or Wi-Fi.
Switch: Connects multiple PCs or networking devices (including L3 switches) via Cat5/Cat5e/Cat6 cable.

Speed
Router: 1–100 Mbps (wireless); 100 Mbps – 1 Gbps (wired) on typical consumer models.
Switch: 10/100 Mbps, 1 Gbps and higher.

Necessary for Internet connection?
Router: Not strictly (a single host can connect directly through a modem), but it provides NAT, a security boundary and connectivity for many hosts.
Switch: No.

Address used for data transmission
Router: IP address.
Switch: MAC address.

Security
Router: Access control lists, NAT and, on many models, a stateful firewall.
Switch: Port security (limiting the MAC addresses learned per port) and VLAN separation.

Device category
Router: Intelligent device.
Switch: Intelligent device.

Forwarding decision
Router: Looks up the IP destination in the routing table, traditionally in software, so complex routing decisions take more time.
Switch: Looks up the MAC address in hardware, which is very fast; an L3 switch routes in hardware too.

NAT (Network Address Translation)
Router: Routers can perform NAT.
Switch: Switches cannot perform NAT.

Faster
Router: In a MAN/WAN environment a router is the faster (and more capable) choice, since it supports the WAN interface types and features an L3 switch lacks.
Switch: In a LAN environment an L3 switch is faster than a router, thanks to its built-in switching hardware.

Features
Router: Firewall, VPN, dynamic handling of bandwidth (QoS).
Switch: Port priority ranges, enabling/disabling individual ports, VLANs, port mirroring.


What does Gateway mean?

A gateway is a data communication device that provides a remote network with connectivity to a host network.

A gateway device provides communication to a remote network or an autonomous system that is out of bounds for the host network nodes. Gateways serve as the entry and exit point of a network; all data routed inward or outward must first pass through and communicate with the gateway in order to use routing paths. Generally, a router is configured to work as a gateway device in computer networks.

Brouter (Bridge Router)

A brouter, or bridge router, is a device that functions as both a bridge and a router. When a frame carries a protocol it cannot route, or when it has no routing information for it, it bridges the frame to the connected segment or LAN (serving as a bridge); routable traffic such as TCP/IP packets it routes to the appropriate network (serving as a router). The brouter therefore operates at both the data link layer and the network layer of the OSI model.

Network goals

Computer Network means an interconnection of autonomous (standalone) computers for information exchange. The connecting media could be a copper wire, optical fiber, microwave or satellite.

Networking Elements – The computer network includes the following networking elements:

·                  At least two computers

·                  Transmission medium either wired or wireless

·                  Protocols or rules that govern the communication

·                  Network software such as Network Operating System

Network Criteria:

The criteria that have to be met by a computer network are:

1. Performance – It is measured in terms of transit time and response time.

Transit time is the time for a message to travel from one device to another. Response time is the elapsed time between an inquiry and a response.

Performance is dependent on the following factors:

·                  The number of users

·                  Type of transmission medium

·                  Capability of connected network

·                  Efficiency of software

2. Reliability – It is measured in terms of

·                  Frequency of failure

·                  Recovery from failures

·                  Robustness during catastrophe

3. Security – It means protecting data from unauthorized access.

Goals of Computer Networks: The following are some important goals of computer networks:

·                  Resource Sharing –

Many organizations have a substantial number of computers in operation, often located far apart. For example, a group of office workers can share a common printer, fax, modem, scanner, etc.

·                  High Reliability –

If there are alternative sources of supply, all files can be replicated on two or more machines. If one of them is unavailable because of a hardware failure, the other copies can be used.

·                  Inter-process Communication –

Network users, located geographically apart, may converse in an interactive session through the network. In order to permit this, the network must provide almost error-free communications.

·                  Flexible access –

Files can be accessed from any computer in the network. The project can be begun on one computer and finished on another.

Bandwidth

In signal terms, bandwidth is the total range of frequencies (or wavelengths) within a band that a signal, device or channel occupies. In networking, bandwidth is also used for the amount of data that can be transmitted in a fixed amount of time.

In that sense it is measured in bits per second (bps). Modern networks provide bandwidth in Kbps, Mbps and Gbps. Some of the factors affecting a network's bandwidth include −

·         Network devices used

·         Protocols used

·         Number of users connected

·         Network overheads like collision, errors, etc.

Bandwidth of digital signals

Digital signals are represented as square (rectangular) waves, which contain many frequency components and therefore need more channel bandwidth than a pure sine wave of the same rate.


Channel

Physical medium like cables over which information is exchanged is called channel. Transmission channel may be analog or digital. As the name suggests, analog channels transmit data using analog signals while digital channels transmit data using digital signals.

Throughput

Throughput is the actual rate at which useful data is transferred over the network. Besides the actual data, the network bandwidth is also consumed by protocol headers, error messages, acknowledgement frames, retransmissions, etc., so throughput is always lower than the nominal bandwidth.

Throughput is therefore a better measurement of network speed, efficiency and capacity utilization than bandwidth.

 

Protocol

Protocol is a set of rules and regulations used by devices to communicate over the network. Just like humans, computers also need rules to ensure successful communication.

Types of Protocols

There are various protocols, each playing a major role in communication between different devices across the network. The main ones are:

1.      Transmission Control Protocol (TCP)

2.      Internet Protocol (IP)

3.      User Datagram Protocol (UDP)

4.      Post office Protocol (POP)

5.      Simple mail transport Protocol (SMTP)

6.      File Transfer Protocol (FTP)

7.      Hyper Text Transfer Protocol (HTTP)

8.      Hyper Text Transfer Protocol Secure (HTTPS)

9.      Telnet

Some other popular protocols act as co-functioning protocols associated with these primary protocols for core functioning. These are:

·         ARP (Address Resolution Protocol)

·         DHCP (Dynamic Host Configuration Protocol)

·         IMAP4 (Internet Message Access Protocol)

·         SIP (Session Initiation Protocol)

·         RTP (Real-Time Transport Protocol)

·         RLP (Resource Location Protocol)

·         RAP (Route Access Protocol)

·         L2TP (Layer Two Tunnelling Protocol)

·         PPTP (Point To Point Tunnelling Protocol)

·         SNMP (Simple Network Management Protocol)

·         TFTP (Trivial File Transfer Protocol)

 

TCP/IP

TCP/IP stands for Transmission Control Protocol/Internet Protocol. TCP/IP is a set of layered protocols used for communication over the Internet. Applications built on it most commonly follow the client-server model: the computer that sends a request is the client and the computer that receives and answers the request is the server.

Mobile Communication Protocols

Mobile communication protocols use multiplexing to send information. Multiplexing is a method to combine multiple digital or analog signals into one signal over the data channel. This ensures optimum utilization of expensive resource and time. At the destination these signals are de-multiplexed to recover individual signals.

GSM

GSM stands for Global System for Mobile Communications. GSM is one of the most widely used digital wireless telephony systems.

Any GSM handset with a SIM (Subscriber Identity Module) card can be used in any country that uses this standard. Every SIM card has a unique identification number. It has memory to store applications and data such as phone numbers, a processor to carry out its functions and software to send and receive messages.

GSM uses TDMA (Time Division Multiple Access) to carry up to eight calls on one radio channel. It also encrypts the radio link between the handset and the base station (the A5 family of ciphers); the older A5/1 and A5/2 ciphers have known practical attacks, so GSM encryption should not be relied on as strong confidentiality.

The international standard mainly uses the 900 MHz and 1800 MHz bands; networks in the Americas use 850 MHz and 1900 MHz, so a handset must support those bands (as multi-band phones do) to work there.

CDMA

CDMA stands for Code Division Multiple Access. It builds on spread-spectrum techniques developed for military use around World War II, which later moved into civilian systems because of the high service quality. Each user's signal is spread over the whole band with its own code, so every user gets the entire spectrum all the time and voice quality is very high. Spreading also makes casual interception harder, but it is not encryption: confidentiality against a determined eavesdropper still depends on the cryptographic layer of the cellular system.

GPRS

GPRS stands for General Packet Radio Service. It is a packet-based wireless communication technology that charges users for the volume of data they send rather than for the time they spend connected. This is possible because GPRS sends data over the network in packets and its throughput depends on network traffic. As traffic increases, service quality may drop because of congestion, so it is logical to charge users by data volume transmitted.

GPRS is the packet-data service added to second-generation (2G) GSM networks, often called 2.5G; third-generation (3G) networks use their own packet services (UMTS). It promises 56 kbps to 114 kbps, but the actual speed varies with network load.

Cookies

Cookies are small pieces of text, each with a unique ID, that a website stores on your system. The website keeps browsing details such as preferences, customizations, login ID, pages clicked, etc. specific to that website. Storing this information lets the website give you a customized experience the next time you visit it.

How Cookies Work

When you visit a website through your browser, the website sends a Set-Cookie header and the browser stores the cookie in its cookie store (a file or folder under the program data directory). A cookie may be of two types −

·         Session cookie − It is valid only while the browser session lasts. Once you close the browser the cookie is deleted.

·         Persistent cookie − It is valid beyond your current session. Its expiration date is given inside the cookie itself (Expires or Max-Age attribute).

A cookie stores this information −

·         Name of the website server (Domain) and path

·         Cookie expiration date/time

·         Unique ID (the cookie's name and value)

·         Attributes that control how the browser handles it: Secure (send only over HTTPS), HttpOnly (not readable by page scripts) and SameSite (not sent on cross-site requests). A cookie that identifies a logged-in user should carry all three, otherwise it can be read on the wire, stolen through script injection, or replayed by another site.
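As an added example (written for this guide; not code from the page), here is a small parser for Set-Cookie headers that tells session cookies from persistent ones and flags the missing security attributes a reviewer would look for. The sample headers are constructed.

```python
"""Parse Set-Cookie headers and audit their security attributes (added example; not from the page)."""
from dataclasses import dataclass
from typing import Optional


@dataclass
class Cookie:
    name: str
    value: str
    expires: Optional[str] = None
    max_age: Optional[int] = None
    domain: Optional[str] = None
    path: Optional[str] = None
    secure: bool = False
    httponly: bool = False
    samesite: Optional[str] = None

    @property
    def persistent(self) -> bool:
        """Expires or Max-Age makes the cookie outlive the browser session."""
        return self.expires is not None or self.max_age is not None


def parse_set_cookie(header: str) -> Cookie:
    """Minimal parser: 'name=value' followed by ';'-separated attributes (attribute names are case-insensitive)."""
    parts = [p.strip() for p in header.split(";") if p.strip()]
    name, _, value = parts[0].partition("=")
    cookie = Cookie(name.strip(), value.strip())
    for attr in parts[1:]:
        key, _, val = attr.partition("=")
        key, val = key.strip().lower(), val.strip()
        if key == "expires":
            cookie.expires = val
        elif key == "max-age":
            cookie.max_age = int(val)
        elif key == "domain":
            cookie.domain = val
        elif key == "path":
            cookie.path = val
        elif key == "secure":
            cookie.secure = True
        elif key == "httponly":
            cookie.httponly = True
        elif key == "samesite":
            cookie.samesite = val
    return cookie


def audit(cookie: Cookie) -> list:
    """Findings a reviewer would raise for a cookie that carries a login or session ID."""
    findings = []
    if not cookie.secure:
        findings.append("missing Secure: sent over plain HTTP, readable on the wire")
    if not cookie.httponly:
        findings.append("missing HttpOnly: readable by page scripts, so XSS can steal it")
    if cookie.samesite is None or cookie.samesite.lower() == "none":
        findings.append("SameSite absent or None: sent on cross-site requests (CSRF exposure)")
    return findings


# Constructed sample headers, as a server might send them (not captured from a real site).
SAMPLE_HEADERS = [
    "sessionid=3f9a1c; Path=/; HttpOnly; Secure; SameSite=Lax",
    "login=u42; Path=/; Expires=Wed, 21 Oct 2026 07:28:00 GMT",
    "theme=dark; Max-Age=2592000; Path=/; SameSite=Strict",
]


def report(headers=SAMPLE_HEADERS) -> dict:
    """Map cookie name -> (is_persistent, list of findings)."""
    out = {}
    for h in headers:
        c = parse_set_cookie(h)
        out[c.name] = (c.persistent, audit(c))
    return out


if __name__ == "__main__":
    for name, (persistent, findings) in report().items():
        print(f"{name}: {'persistent' if persistent else 'session'} cookie; {len(findings)} finding(s)")
        for f in findings:
            print("  -", f)
```

In the sample, `sessionid` is a properly protected session cookie, while `login` is a persistent cookie with no protection at all, which is the worst combination for a credential: it survives for months and can be read by any script or network observer.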

Difference between Unicast, Broadcast and Multicast

The term "cast" here refers to how a stream of packets is delivered from a sender to one or more recipients over the communication channel. Let us look at the "cast" concepts used in computer networks.

1. Unicast –

This type of information transfer involves a single sender and a single recipient, so in short it is a one-to-one transmission. For example, when a device with IP address 10.1.2.0 in one network sends a traffic stream (data packets) to the device with IP address 20.12.4.2 in another network, that is unicast. This is the most common form of data transfer over networks.


2. Broadcast –

Broadcasting transfer (one-to-all) techniques can be classified into two types :

Limited Broadcasting –

Suppose you have to send a stream of packets to all the devices on the network you reside in; this is where limited broadcasting comes in handy. The datagram (packet) header carries 255.255.255.255 (all 32 bits of the IP address set to 1), the Limited Broadcast Address, as its destination. Routers never forward this address, so the broadcast stays within the local network.


Direct Broadcasting –

This is useful when a device in one network wants to send a packet stream to all the devices on another network. It is achieved by setting all the host-ID bits of the destination address to 1; the result is that network's Directed Broadcast Address. Routers today drop directed broadcasts by default, because forwarding them allowed attackers to amplify traffic against a whole network (smurf attacks), so the feature must be enabled explicitly where it is really needed.

Broadcast delivery is also the mode used by television networks for video and audio distribution.

One important broadcast-based protocol in computer networks is the Address Resolution Protocol (ARP), which resolves an IP address into a physical (MAC) address, which the underlying communication needs.

3. Multicast –

In multicasting, one or more senders and one or more recipients take part in the data transfer. This method lies between unicast (one-to-one) and broadcast (one-to-all). Multicast lets a server send a single copy of a data stream that is then replicated and routed only to the hosts that have asked for it. IP multicast needs the support of other protocols such as IGMP (Internet Group Management Protocol) and multicast routing in order to work. In classful IP addressing, Class D (224.0.0.0 to 239.255.255.255) is reserved for multicast groups.
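The following added example (not from the page) computes a network's directed broadcast address by setting the host bits to 1, cross-checks it against Python's ipaddress module, and classifies destination addresses as unicast, multicast, limited broadcast or directed broadcast. The networks and addresses are made up.

```python
"""Broadcast addresses and cast classification with ipaddress (added example; not from the page)."""
import ipaddress

LIMITED_BROADCAST = ipaddress.IPv4Address("255.255.255.255")   # all 32 bits set to 1
MULTICAST_BLOCK = ipaddress.IPv4Network("224.0.0.0/4")          # classful Class D


def directed_broadcast(cidr: str) -> ipaddress.IPv4Address:
    """Directed broadcast = network prefix with every host-ID bit set to 1, computed by hand."""
    net = ipaddress.IPv4Network(cidr, strict=False)  # strict=False accepts a host address like 192.168.1.37/24
    host_bits = ~int(net.netmask) & 0xFFFFFFFF       # 1s exactly where the mask has 0s
    return ipaddress.IPv4Address(int(net.network_address) | host_bits)


def classify(destination: str, local_cidr: str, known_remote_cidrs=()) -> str:
    """How a router attached to local_cidr would treat a packet sent to destination."""
    dst = ipaddress.IPv4Address(destination)
    local = ipaddress.IPv4Network(local_cidr, strict=False)
    if dst == LIMITED_BROADCAST:
        return "limited broadcast: delivered to every host on the local link, never forwarded"
    if dst in MULTICAST_BLOCK:
        return "multicast: delivered to group members (needs IGMP and multicast routing)"
    if dst == local.broadcast_address:
        return "directed broadcast to local network: delivered to every host here"
    for cidr in known_remote_cidrs:
        if dst == directed_broadcast(cidr):
            return "directed broadcast to remote network: dropped by default on modern routers"
    return "unicast: forwarded to one host"


if __name__ == "__main__":
    for cidr in ["192.168.1.37/24", "10.1.2.0/16", "172.16.8.0/22"]:
        print(cidr, "->", directed_broadcast(cidr))
    for dst in ["255.255.255.255", "224.0.0.9", "10.1.255.255", "20.12.255.255", "20.12.4.2"]:
        print(dst, "->", classify(dst, "10.1.0.0/16", ["20.12.0.0/16"]))
```

224.0.0.9 in the sample is the RIPv2 multicast group: a router that joins it receives routing updates without the sender having to broadcast to every host on the segment.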

ROUTING
Routing is the process of taking a packet from a device in one network and sending it through the network, via one or more routers, to a device in a different network.

 

1.Static routing 

Static routing is a form of routing in which a router uses manually configured routing entries rather than information learned from a dynamic routing protocol. Unlike dynamic routes, static routes are fixed and do not change when the network is changed or reconfigured, so keeping them correct by hand is a complex task in a large network.

Benefits of static routes:

i. Bandwidth usage between router is at a minimum, none in some cases.

ii. There is no overhead on the router CPU.

iii.It adds security due to the choice of route configuration by the administrator.

iv.It reduces the number of routes found in the routing table.

Disadvantages of Static Routes:

i. Takes too many man-hours to configure, especially in a large network.

ii. Too complex, and can be confusing during troubleshooting.

iii. Administrator intervention is required to maintain changing route information.

iv. Does not scale well with growing networks; maintenance becomes cumbersome.

v. Requires complete knowledge of the whole network for proper implementation.

2.DYNAMIC ROUTING

Dynamic routing protocols are implemented by software running on the routing device (the router) that dynamically learns network destinations and how to reach them, and advertises those destinations to other routers. This advertisement function lets all the routers learn about all the destination networks that exist and how to get to them.

Examples of Routing Protocols are Routing Information Protocol (RIP), Enhanced Interior Gateway Routing Protocol (EIGRP) and Open Shortest Path First (OSPF).

Type of networking protocols [ AP, Ministry of Education-2015]

There are three basic types of routing protocols.

Distance-vector Routing Protocols: Distance-vector routing protocols use simple algorithms in which each router tells its neighbours the distance to every destination it knows (its distance vector), and each router keeps the cheapest cumulative distance; in RIP the distance is the hop count, with 16 hops meaning unreachable.

Example: Routing Information Protocol Version 1 (RIPv1) and Interior Gateway Routing Protocol (IGRP)

Link-state Routing Protocols: Link-state Routing Protocols use sophisticated algorithms that maintain a complex database of internetwork topology.

Example: Open Shortest Path First (OSPF) and Intermediate System to Intermediate System (IS-IS)

Hybrid Routing Protocols: Hybrid routing protocols combine distance-vector and link-state methods, trying to keep the advantages of both and minimize their disadvantages.

Example: Enhanced Interior Gateway Routing Protocol (EIGRP), an advanced distance-vector protocol. (Routing Information Protocol Version 2, RIPv2, is sometimes listed here, but it is a plain distance-vector protocol that only adds subnet masks, multicast updates and authentication to RIPv1.)
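The distance-vector exchange described above, as an added example written for this guide (not from the page): each router repeatedly takes its neighbours' tables and keeps the cheapest route, a RIP-style metric of 16 marks unreachable, and the tables are rebuilt after a link failure to show the automatic rerouting. The topology and costs are made up; the re-convergence is simulated synchronously from scratch, so it does not show the count-to-infinity problem that real RIP mitigates with split horizon and poison reverse.

```python
"""Distance-vector routing (RIP-style metric) and re-convergence after a link failure
(added example; not from the page). The topology is made up."""
INFINITY = 16  # RIP: a metric of 16 means "unreachable"


def undirected(edges):
    """edges: (a, b, cost) triples -> adjacency dict with each link stored in both directions."""
    links = {}
    for a, b, cost in edges:
        links.setdefault(a, {})[b] = cost
        links.setdefault(b, {})[a] = cost
    return links


def distance_vector(links, max_rounds=32):
    """Each round, every router reads its neighbours' tables (their distance vectors) and
    keeps the cheapest path it has seen. Returns {router: {destination: (cost, next_hop)}}."""
    nodes = sorted(links)
    table = {n: {n: (0, None)} for n in nodes}  # every router knows itself at cost 0
    for _ in range(max_rounds):
        changed = False
        for n in nodes:
            for neighbour, link_cost in links[n].items():
                for dest, (dist, _) in list(table[neighbour].items()):
                    candidate = min(link_cost + dist, INFINITY)  # cap at "unreachable"
                    if dest not in table[n] or candidate < table[n][dest][0]:
                        table[n][dest] = (candidate, neighbour)
                        changed = True
        if not changed:
            break  # converged: nobody learned anything new this round
    return table


# Made-up topology: A-B-C is the short path to C, A-D-C the longer one, E hangs off D.
TOPOLOGY = [("A", "B", 1), ("B", "C", 1), ("A", "D", 1), ("D", "C", 2), ("D", "E", 1)]


def converge(edges=TOPOLOGY):
    return distance_vector(undirected(edges))


def after_link_failure(edges=TOPOLOGY, failed=("B", "C")):
    """Rebuild the tables once the failed link is gone, as routers would after the change
    has been advertised; A must now reach C the long way round through D."""
    a, b = failed
    remaining = [e for e in edges if {e[0], e[1]} != {a, b}]
    return distance_vector(undirected(remaining))


if __name__ == "__main__":
    print("A before B-C fails:", converge()["A"])
    print("A after  B-C fails:", after_link_failure()["A"])
```

Before the failure A reaches C in 2 hops via B; afterwards it reaches C at cost 3 via D, and B, which has lost its direct link, now goes through A. No administrator touched any table, which is the point of dynamic routing; it is also why an unauthenticated neighbour that advertises a cheap route to everything could redirect all this traffic.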

 

STATIC ROUTING versus DYNAMIC ROUTING

Configuration
Static: Manual.
Dynamic: Automatic.

Routes
Static: User defined.
Dynamic: Routes are updated according to changes in the topology.

Algorithms
Static: Does not employ complex routing algorithms.
Dynamic: Uses routing algorithms (distance-vector, link-state) to perform routing.

Network size
Static: Small networks.
Dynamic: Large networks.

Link failure
Static: A link failure stops traffic until the administrator changes the route; there is no automatic rerouting.
Dynamic: A link failure does not stop traffic; routes are recomputed around it.

Security
Static: High; there are no routing updates for an attacker to spoof.
Dynamic: Less secure, because routes are exchanged as broadcasts or multicasts that a rogue router could join, unless the routing protocol's authentication is enabled.

Routing protocols
Static: No routing protocols are involved.
Dynamic: Routing protocols such as RIP, EIGRP and OSPF are involved in the routing process.

What does Server mean?

A server is a computer, a device or a program that is dedicated to managing network resources. Servers are often called dedicated because they carry out hardly any tasks other than their server tasks.

What does Client mean?

A client is the receiving end of a service or the requestor of a service in a client/server model type of system. The client is most often located on another system or computer, which can be accessed via a network. This term was first used for devices that could not run their own programs, and were connected to remote computers that could via a network. These were called dumb terminals and they were served by time-sharing mainframe computers.


Introduction to Firewall

A firewall is a network security device, hardware- or software-based, that monitors all incoming and outgoing traffic and, based on a defined set of security rules, accepts, rejects or drops each piece of traffic.

Accept : allow the traffic

Reject : block the traffic but reply with an “unreachable error”

Drop : block the traffic with no reply

Firewall establishes a barrier between secured internal networks and outside untrusted network, such as Internet.


History and Need for Firewall

Before firewalls, network security was performed by Access Control Lists (ACLs) residing on routers. ACLs are rules that determine whether network access should be granted or denied to specific IP addresses.

But a plain ACL cannot determine the nature of the traffic it is blocking or allowing; it sees only addresses and ports, not connection state or application content. ACLs alone therefore cannot keep threats out of the network, and the firewall was introduced.

Connectivity to the Internet is no longer optional for organizations. Internet access brings benefits, but it also lets the outside world interact with the organization's internal network, which creates a threat. To protect the internal network from unauthorized traffic we need a firewall.

How Firewall Works:

A firewall matches network traffic against the rule set defined in its table. Once a rule matches, the action associated with it is applied to the traffic. For example, one rule may say that employees in the HR department cannot access data on the code server, while another says that the system administrator can access data from both the HR and the technical departments. Rules are defined on the firewall according to the needs and security policy of the organization.

From the perspective of a server, network traffic is either outgoing or incoming, and the firewall keeps a distinct set of rules for each case. Outgoing traffic, which originates from the server itself, is mostly allowed to pass. Still, it is better to set rules on outgoing traffic too, because that limits what a compromised server can reach and stops unwanted communication.

Incoming traffic is treated differently. Most traffic that reaches the firewall uses one of three major protocols: TCP, UDP or ICMP. All of them carry a source and a destination address. TCP and UDP also carry port numbers, while ICMP uses a type and code instead of a port number to identify the purpose of the packet.

Default policy: It is very difficult to explicitly cover every possible case with rules, so a firewall must always have a default policy. The default policy consists only of an action (accept, reject or drop) and applies when no rule matches.

Suppose no rule about SSH connections to the server is defined on the firewall. Then the default policy applies. If the default policy is set to accept, any computer outside your office can open an SSH connection to the server. Setting the default policy to drop (or reject) is therefore always good practice.

Generation of Firewall

Firewalls can be categorized based on its generation.

First Generation – Packet Filtering Firewall: A packet filtering firewall controls network access by monitoring outgoing and incoming packets and allowing or stopping them based on source and destination IP address, protocol and port numbers. It works on the network- and transport-layer header fields only, so it does not look into application content.

A packet filter treats each packet in isolation. It cannot tell whether a packet belongs to an existing stream of traffic; it can only allow or deny packets based on the header fields of each packet.

The packet filtering firewall keeps a filtering table that decides whether a packet is forwarded or discarded. Rules are checked in order and the first matching rule decides. With the following example filtering table, packets are filtered according to these rules:


1.      Incoming packets from network 192.168.21.0 are blocked.

2.      Incoming packets destined for internal TELNET server (port 23) are blocked.

3.      Incoming packets destined for host 192.168.21.3 are blocked.

4.      All well-known services to the network 192.168.21.0 are allowed.

Second Generation- Stateful Inspection Firewall : Stateful firewalls (performs Stateful Packet Inspection) are able to determine the connection state of packet, unlike Packet filtering firewall, which makes it more efficient. It keeps track of the state of networks connection travelling across it, such as TCP streams. So the filtering decisions would not only be based on defined rules, but also on packet’s history in the state table.
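The following added example (written for this guide; not code from the page or from any firewall product) implements the four example rules above as a first-match packet filter with a default-drop policy, then adds the minimal state table that turns it into a stateful filter: a reply to a connection opened from inside is accepted even though no inbound rule allows it. Rule 1 is read as an anti-spoofing rule, since an inbound packet claiming an internal source address cannot be genuine. All addresses, ports and the "internal network" are constructed.

```python
"""Stateless packet filter with a default policy, plus a minimal state table
(added example; not from the page). Addresses and rules are constructed."""
from dataclasses import dataclass
from typing import Optional, Tuple
import ipaddress

INTERNAL = "192.168.21.0/24"  # assumed internal network


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str          # "tcp", "udp" or "icmp"
    sport: int = 0
    dport: int = 0


@dataclass
class Rule:
    action: str                                # "accept", "reject" (block, send ICMP error) or "drop" (block silently)
    src: str = "0.0.0.0/0"
    dst: str = "0.0.0.0/0"
    proto: Optional[str] = None                # None matches any protocol
    dports: Optional[Tuple[int, int]] = None   # inclusive destination port range
    note: str = ""

    def matches(self, p: Packet) -> bool:
        return (ipaddress.ip_address(p.src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(p.dst) in ipaddress.ip_network(self.dst)
                and (self.proto is None or self.proto == p.proto)
                and (self.dports is None or self.dports[0] <= p.dport <= self.dports[1]))


class Firewall:
    def __init__(self, rules, default="drop"):
        self.rules = rules
        self.default = default      # applied when no rule matches
        self.state = set()          # flows opened from inside, keyed by the 5-tuple their reply will carry

    def outbound(self, p: Packet) -> str:
        # Outgoing traffic is allowed here; remember the flow so that its replies get back in.
        self.state.add((p.dst, p.src, p.proto, p.dport, p.sport))
        return "accept"

    def inbound(self, p: Packet) -> str:
        # Stateful inspection: a reply to a connection we opened needs no explicit rule.
        if (p.src, p.dst, p.proto, p.sport, p.dport) in self.state:
            return "accept"
        for rule in self.rules:     # first match wins, so the order of the rules matters
            if rule.matches(p):
                return rule.action
        return self.default


def build_firewall() -> Firewall:
    rules = [
        Rule("drop", src=INTERNAL, note="1: inbound packet claiming an internal source address (spoofed)"),
        Rule("drop", dst=INTERNAL, proto="tcp", dports=(23, 23), note="2: no Telnet to internal hosts"),
        Rule("drop", dst="192.168.21.3/32", note="3: this host accepts nothing from outside"),
        Rule("accept", dst=INTERNAL, dports=(0, 1023), note="4: well-known services to internal hosts"),
    ]
    return Firewall(rules, default="drop")


def demo() -> dict:
    fw = build_firewall()
    results = {
        "http to internal host": fw.inbound(Packet("203.0.113.5", "192.168.21.10", "tcp", 51000, 80)),
        "telnet to internal host": fw.inbound(Packet("203.0.113.5", "192.168.21.10", "tcp", 51001, 23)),
        "http to 192.168.21.3": fw.inbound(Packet("203.0.113.5", "192.168.21.3", "tcp", 51002, 80)),
        "spoofed internal source": fw.inbound(Packet("192.168.21.50", "192.168.21.10", "tcp", 51003, 80)),
        "port 8080, no rule": fw.inbound(Packet("203.0.113.5", "192.168.21.10", "tcp", 51004, 8080)),
    }
    # An internal host opens a connection to an outside service on a high port ...
    fw.outbound(Packet("192.168.21.10", "203.0.113.5", "tcp", 40000, 8443))
    # ... and the reply is accepted by the state table although no rule covers port 40000.
    results["reply to our own 8443 connection"] = fw.inbound(
        Packet("203.0.113.5", "192.168.21.10", "tcp", 8443, 40000))
    return results


def misordered_telnet() -> str:
    """Put the broad accept rule first: rule 2 never gets a chance and Telnet slips through."""
    fw = build_firewall()
    fw.rules = [fw.rules[3]] + fw.rules[:3]
    return fw.inbound(Packet("203.0.113.5", "192.168.21.10", "tcp", 51001, 23))


if __name__ == "__main__":
    for case, verdict in demo().items():
        print(f"{case:36s} -> {verdict}")
    print(f"{'telnet with accept rule moved first':36s} -> {misordered_telnet()}")
```

Two things to notice: port 8080 is dropped only because the default policy is drop, and moving the accept rule to the top silently lets Telnet through, which is the rule-ordering mistake the "first match wins" model makes easy.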

Third Generation- Application Layer Firewall : Application layer firewall can inspect and filter the packets on any OSI layer, up to application layer. It has ability to block specific content, also recognize when certain application and protocols (like HTTP, FTP) are being misused.

In other words, Application layer firewalls are hosts that run proxy servers. A proxy firewall prevents direct connection between either side of firewall, each packet has to pass through the proxy. It can allow or block the traffic based on predefined rules.

Note: Application layer firewalls can also be used as a Network Address Translator (NAT).

Next Generation Firewalls (NGFW) : Next Generation Firewalls are being deployed these days to stop modern security breaches like advanced malware attacks and application layer attacks. An NGFW combines Deep Packet Inspection, Application Inspection, SSL/SSH inspection and many other functionalities to protect the network from these modern threats.

Types of Firewall

Firewalls are generally of two types: Host-based and Network-based.

Host-based Firewalls : Host-based firewalls are installed on each network node and control each incoming and outgoing packet. A host-based firewall is a software application or suite of applications, often shipped as part of the operating system. Host-based firewalls are needed because network firewalls cannot provide protection inside a trusted network. A host firewall protects each host from attacks and unauthorized access.

Network-based Firewalls : Network firewalls function at the network level. In other words, these firewalls filter all incoming and outgoing traffic across the network. A network firewall protects the internal network by filtering the traffic using rules defined on the firewall. It might have two or more network interface cards (NICs). A network-based firewall is usually a dedicated system with proprietary software installed.

Both types of firewall have their own advantages.

Network Topologies

The arrangement of a network, comprising nodes and the connecting lines between sender and receiver, is referred to as the network topology. The various network topologies are :

a) Mesh Topology :

In mesh topology, every device is connected to every other device via a dedicated channel.


Figure 1 : Every device is connected with another via dedicated channels. These channels are known as links.

If N devices are connected with each other in mesh topology, then the total number of ports required by each device is N-1. In Figure 1, there are 5 devices connected to each other, hence the total number of ports required per device is 4.

If N devices are connected with each other in mesh topology, then the total number of dedicated links required to connect them is NC2, i.e. N(N-1)/2. In Figure 1, there are 5 devices connected to each other, hence the total number of links required is 5*4/2 = 10.

Advantages of this topology :

·         It is robust.

·         Faults are diagnosed easily. Data is reliable because it is transferred among the devices through dedicated channels or links.

·         Provides security and privacy.

Problems with this topology :

·         Installation and configuration are difficult.

·         Cost of cabling is high as bulk wiring is required, hence it is suitable only for a small number of devices.

·         Cost of maintenance is high.

b) Star Topology :

In star topology, all the devices are connected to a single hub through a cable. This hub is the central node and all other nodes are connected to it. The hub can be passive in nature, i.e. a non-intelligent hub such as a broadcasting device; it can also be intelligent, in which case it is known as an active hub. Active hubs have repeaters in them.


Figure 2 : A star topology having four systems connected to single point of connection i.e. hub.

Advantages of this topology :

·         If N devices are connected to each other in star topology, then the number of cables required to connect them is N. So, it is easy to set up.

·         Each device requires only 1 port, i.e. to connect to the hub.

Problems with this topology :

·         If the concentrator (hub) on which the whole topology relies fails, the whole system will go down.

·         Cost of installation is high.

·         Performance is based on the single concentrator i.e. hub.

c) Bus Topology :

Bus topology is a network type in which every computer and network device is connected to a single cable. It transmits the data from one end to the other in a single direction; there is no bi-directional feature in bus topology.


Figure 3 : A bus topology with shared backbone cable. The nodes are connected to the channel via drop lines.

Advantages of this topology :

·         If N devices are connected to each other in bus topology, then the number of cables required to connect them is 1, known as the backbone cable, plus N drop lines.

·         Cost of the cable is less as compared to other topologies, but it is only used to build small networks.

Problems with this topology :

·         If the common cable fails, then the whole system will go down.

·         If the network traffic is heavy, it increases collisions in the network. To avoid this, various protocols are used in the MAC layer, known as Pure Aloha, Slotted Aloha, CSMA/CD etc.

d) Ring Topology :

In this topology, the devices form a ring, each device being connected to exactly two neighbouring devices.


Figure 4 : A ring topology comprising 4 stations connected with each other, forming a ring.

The following operations take place in ring topology :

One station is known as the monitor station, which takes all the responsibility to perform the operations.

To transmit data, a station has to hold the token. After the transmission is done, the token is released for other stations to use.

When no station is transmitting data, the token circulates in the ring.

There are two types of token release techniques : Early token release releases the token just after transmitting the data, and Delayed token release releases the token after the acknowledgement is received from the receiver.

Advantages of this topology :

·         The possibility of collision is minimal in this type of topology.

·         Cheap to install and expand.

Problems with this topology :

·         Troubleshooting is difficult in this topology.

·         Addition of stations in between, or removal of stations, can disturb the whole topology.

e) Hybrid Topology :

This topology is a combination of two or more of the topologies described above. It is a scalable topology which can be expanded easily. It is a reliable one, but at the same time it is a costly topology.


Figure 5 : A hybrid topology which is a combination of ring and star topology.

Transmission modes

o    The way in which data is transmitted from one device to another device is known as transmission mode.

o    The transmission mode is also known as the communication mode.

o    Each communication channel has a direction associated with it, and transmission media provide the direction. Therefore, the transmission mode is also known as a directional mode.

o    The transmission mode is defined in the physical layer.

The Transmission mode is divided into three categories:

o    Simplex mode

o    Half-duplex mode

o    Full-duplex mode

OSI Model

o    OSI stands for Open System Interconnection. It is a reference model that describes how information from a software application in one computer moves through a physical medium to the software application in another computer.

o    OSI consists of seven layers, and each layer performs a particular network function.

o    The OSI model was developed by the International Organization for Standardization (ISO) in 1984, and it is now considered an architectural model for inter-computer communications.

o    The OSI model divides the whole task into seven smaller and manageable tasks. Each layer is assigned a particular task.

o    Each layer is self-contained, so that the task assigned to each layer can be performed independently.

Characteristics of OSI Model:

o    The OSI model is divided into two groups of layers: upper layers and lower layers.

o    The upper layers of the OSI model mainly deal with application related issues, and they are implemented only in software. The application layer is closest to the end user. Both the end user and the application layer interact with the software applications. An upper layer refers to the layer just above another layer.

o    The lower layers of the OSI model deal with data transport issues. The data link layer and the physical layer are implemented in hardware and software. The physical layer is the lowest layer of the OSI model and is closest to the physical medium. The physical layer is mainly responsible for placing the information on the physical medium.

Functions of the OSI Layers

Physical layer

o    The main functionality of the physical layer is to transmit the individual bits from one node to another node.

o    It is the lowest layer of the OSI model.

o    It establishes, maintains and deactivates the physical connection.

o    It specifies the mechanical, electrical and procedural network interface specifications.

Functions of a Physical layer:

o    Line Configuration: It defines the way in which two or more devices can be connected physically.

o    Data Transmission: It defines the transmission mode, whether simplex, half-duplex or full-duplex, between the two devices on the network.

o    Topology: It defines the way in which network devices are arranged.

o    Signals: It determines the type of the signal used for transmitting the information.

Data-Link Layer

o    This layer is responsible for the error-free transfer of data frames.

o    It defines the format of the data on the network.

o    It provides reliable and efficient communication between two or more devices.

o    It is mainly responsible for the unique identification of each device that resides on a local network.

o    It contains two sub-layers:

o    Logical Link Control Layer

o    It is responsible for transferring the packets to the network layer of the receiving host.

o    It identifies the address of the network layer protocol from the header.

o    It also provides flow control.

o    Media Access Control Layer

o    The Media Access Control layer is a link between the Logical Link Control layer and the network's physical layer.

o    It is used for transferring the packets over the network.

Functions of the Data-link layer

o    Framing: The data link layer translates the physical layer's raw bit stream into units known as frames. The data link layer adds a header and trailer to the frame. The header which is added to the frame contains the hardware destination and source address.


o    Physical Addressing: The data link layer adds a header to the frame that contains a destination address. The frame is transmitted to the destination address mentioned in the header.

o    Flow Control: Flow control is a main functionality of the data link layer. It is the technique through which a constant data rate is maintained on both sides so that no data gets corrupted. It ensures that a transmitting station with higher processing speed, such as a server, does not overwhelm a receiving station with lower processing speed.

o    Error Control: Error control is achieved by adding a calculated value, the CRC (Cyclic Redundancy Check), to the data link layer's trailer, which is added to the message frame before it is sent to the physical layer. If an error is detected, the receiver sends an acknowledgment requesting retransmission of the corrupted frames.

o    Access Control: When two or more devices are connected to the same communication channel, then the data link layer protocols are used to determine which device has control over the link at a given time.

Network Layer

o    It is layer 3; it manages device addressing and tracks the location of devices on the network.

o    It determines the best path to move data from source to destination based on the network conditions, the priority of service, and other factors.

o    The Data link layer is responsible for routing and forwarding the packets.

o    Routers are the layer 3 devices; they are specified in this layer and used to provide routing services within an internetwork.

o    The protocols used to route the network traffic are known as network layer protocols. Examples of such protocols are IP and IPv6.

Functions of Network Layer:

o    Internetworking: Internetworking is the main responsibility of the network layer. It provides a logical connection between different devices.

o    Addressing: The network layer adds the source and destination address to the header of the frame. Addressing is used to identify the device on the internet.

o    Routing: Routing is the major component of the network layer; it determines the optimal path out of the multiple paths from source to destination.

o    Packetizing: The network layer receives data from the upper layer and encapsulates it into packets. This process is known as packetizing. It is achieved by the Internet Protocol (IP).

Transport Layer

o    The transport layer is layer 4. It ensures that messages are transmitted in the order in which they are sent and that there is no duplication of data.

o    The main responsibility of the transport layer is to transfer the data completely.

o    It receives data from the upper layer and converts it into smaller units known as segments.

o    This layer can be termed an end-to-end layer as it provides a point-to-point connection between source and destination to deliver the data reliably.

The two protocols used in this layer are:

o    Transmission Control Protocol

o    It is a standard protocol that allows systems to communicate over the internet.

o    It establishes and maintains a connection between hosts.

o    When data is sent over a TCP connection, TCP divides the data into smaller units known as segments. Each segment may travel over the internet using a different route, so segments may arrive out of order at the destination. TCP reorders the segments into the correct order at the receiving end.

o    User Datagram Protocol

o    User Datagram Protocol is a transport layer protocol.

o    It is an unreliable transport protocol: the receiver does not send any acknowledgment when a packet is received, and the sender does not wait for any acknowledgment. This is what makes the protocol unreliable.

Functions of Transport Layer:

o    Service-point addressing: Computers run several programs simultaneously, so data must be delivered not only from one computer to another computer but also from one process to another process. The transport layer adds a header that contains an address known as a service-point address or port address. The responsibility of the network layer is to transmit the data from one computer to another computer, and the responsibility of the transport layer is to deliver the message to the correct process.

o    Segmentation and reassembly: When the transport layer receives a message from the upper layer, it divides the message into multiple segments, and each segment is assigned a sequence number that uniquely identifies it. When the message has arrived at the destination, the transport layer reassembles it based on the sequence numbers.

o    Connection control: The transport layer provides two services, connection-oriented service and connectionless service. A connectionless service treats each segment as an individual packet, and the packets may all travel by different routes to reach the destination. A connection-oriented service makes a connection with the transport layer at the destination machine before delivering the packets. In connection-oriented service, all the packets travel along a single route.

o    Flow control: The transport layer is also responsible for flow control, but it is performed end-to-end rather than across a single link.

o    Error control: The transport layer is also responsible for error control. Error control is performed end-to-end rather than across a single link. The sender's transport layer ensures that the message reaches the destination without any error.

Session Layer

o    It is a layer 3 in the OSI model.

o    The session layer is used to establish, maintain and synchronize the interaction between communicating devices.

Functions of Session layer:

o    Dialog control: The session layer acts as a dialog controller that creates a dialog between two processes; in other words, it allows communication between two processes, which can be either half-duplex or full-duplex.

o    Synchronization: The session layer adds checkpoints when transmitting data in a sequence. If some error occurs in the middle of the transmission, the transmission resumes from the last checkpoint. This process is known as synchronization and recovery.

Presentation Layer

o    The presentation layer is mainly concerned with the syntax and semantics of the information exchanged between the two systems.

o    It acts as a data translator for a network.

o    This layer is a part of the operating system that converts the data from one presentation format to another format.

o    The Presentation layer is also known as the syntax layer.

Functions of Presentation layer:

o    Translation: The processes in two systems exchange information in the form of character strings, numbers and so on. Different computers use different encoding methods; the presentation layer handles the interoperability between the different encoding methods. It converts the data from the sender-dependent format into a common format, and changes the common format into the receiver-dependent format at the receiving end.

o    Encryption: Encryption is needed to maintain privacy. Encryption is the process of converting the sender's information into another form and sending the resulting message over the network.

o    Compression: Data compression reduces the number of bits to be transmitted. Data compression is very important for multimedia such as text, audio and video.

Application Layer

o    The application layer serves as a window for users and application processes to access network services.

o    It handles issues such as network transparency, resource allocation, etc.

o    The application layer is not an application itself, but it performs the application layer functions.

o    This layer provides the network services to the end-users.

Functions of Application layer:

o    File transfer, access, and management (FTAM): The application layer allows a user to access files on a remote computer, to retrieve files from a computer and to manage files on a remote computer.

o    Mail services: The application layer provides the facility for email forwarding and storage.

o    Directory services: The application layer provides distributed database sources and is used to provide global information about various objects.

What is Multiplexing?

Multiplexing is a technique used to combine and send multiple data streams over a single medium. The process of combining the data streams is known as multiplexing, and the hardware used for multiplexing is known as a multiplexer.

Multiplexing is achieved by using a device called Multiplexer (MUX) that combines n input lines to generate a single output line. Multiplexing follows many-to-one, i.e., n input lines and one output line.

Demultiplexing is achieved by using a device called Demultiplexer (DEMUX) available at the receiving end. DEMUX separates a signal into its component signals (one input and n outputs). Therefore, we can say that demultiplexing follows the one-to-many approach.

Why Multiplexing?

o    The transmission medium is used to send the signal from sender to receiver. The medium can only have one signal at a time.

o    If multiple signals have to share one medium, then the medium must be divided in such a way that each signal is given some portion of the available bandwidth. For example: if there are 10 signals and the bandwidth of the medium is 100 units, then 10 units are given to each signal.

o    When multiple signals share a common medium, there is a possibility of collision. The multiplexing concept is used to avoid such collisions.

o    Transmission services are very expensive.

History of Multiplexing

o    The multiplexing technique is widely used in telecommunications, in which several telephone calls are carried through a single wire.

o    Multiplexing originated in telegraphy in the early 1870s and is now widely used in communication.

o    George Owen Squier developed the telephone carrier multiplexing in 1910.

Concept of Multiplexing

o    The 'n' input lines are transmitted through a multiplexer, and the multiplexer combines the signals to form a composite signal.

o    The composite signal is passed through a demultiplexer, and the demultiplexer separates the signal into its component signals and transfers them to their respective destinations.

Advantages of Multiplexing:

o    More than one signal can be sent over a single medium.

o    The bandwidth of a medium can be utilized effectively.

Data link layer

The Data Link Layer is responsible for transmission of data between two nodes. Its main functions are:

Data Link Control

Multiple Access Control


Data Link control –

Data link control is responsible for reliable transmission of messages over a transmission channel by using techniques like framing, error control and flow control. For data link control refer to – Stop and Wait ARQ

Multiple Access Control –

If there is a dedicated link between the sender and the receiver then the data link control layer is sufficient; however, if there is no dedicated link present then multiple stations can access the channel simultaneously. Hence multiple access protocols are required to decrease collisions and avoid crosstalk. For example, in a classroom full of students, when a teacher asks a question and all the students (or stations) start answering simultaneously (send data at the same time), a lot of chaos is created (data overlaps or data is lost); it is then the job of the teacher (the multiple access protocol) to manage the students and make them answer one at a time.

Thus, protocols are required for sharing data on non-dedicated channels. Multiple access protocols can be subdivided further as –

Taxonomy of Multiple access protocols:


1. Random Access Protocol: In this, all stations have the same priority, that is, no station has more priority than another station. Any station can send data depending on the medium's state (idle or busy). It has two features:

There is no fixed time for sending data

There is no fixed sequence of stations sending data

The Random access protocols are further subdivided as:

(a) ALOHA – It was designed for wireless LANs but is also applicable to any shared medium. In this, multiple stations can transmit data at the same time, which can lead to collisions and data being garbled.

Pure Aloha:

When a station sends data it waits for an acknowledgement. If the acknowledgement doesn't come within the allotted time then the station waits for a random amount of time called the back-off time (Tb) and re-sends the data. Since different stations wait for different amounts of time, the probability of further collision decreases.


Vulnerable Time = 2 * Frame transmission time

Throughput S = G * exp(-2G)

Maximum throughput S = 0.184 for G = 0.5

Slotted Aloha:

It is similar to pure aloha, except that time is divided into slots and sending of data is allowed only at the beginning of these slots. If a station misses the allowed time, it must wait for the next slot. This reduces the probability of collision.


Vulnerable Time = Frame transmission time

Throughput S = G * exp(-G)

Maximum throughput S = 0.368 for G = 1
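The two throughput formulas above, as an added example that is not part of the original page: Python that evaluates S = G * exp(-2G) and S = G * exp(-G), locates each maximum numerically, and checks both formulas against a small Monte Carlo simulation of Poisson frame arrivals (constructed input; one frame transmission time is the unit of time).

```python
# Added example (not from the original page): Aloha throughput, formula vs simulation.
import math
import random


def aloha_throughput(G, slotted):
    """Throughput S (successful frames per frame time) at offered load G."""
    return G * math.exp(-G) if slotted else G * math.exp(-2 * G)


def peak_throughput(slotted, step=0.001, g_max=3.0):
    """Scan G on a grid and return (S_max, G_at_max)."""
    best_s, best_g = 0.0, 0.0
    for i in range(1, int(g_max / step) + 1):
        g = i * step
        s = aloha_throughput(g, slotted)
        if s > best_s:
            best_s, best_g = s, g
    return best_s, best_g


def simulate(G, slotted, n_frames=20000, seed=1):
    """Monte Carlo check of the formulas.

    Frames arrive as a Poisson process with G arrivals per frame time and each
    frame lasts one frame time. In pure Aloha a frame survives only if no other
    frame starts within one frame time before or after it (vulnerable time 2).
    In slotted Aloha a frame waits for the next slot boundary, so it collides
    only with frames that landed in the same slot (vulnerable time 1)."""
    rng = random.Random(seed)   # constructed, reproducible arrival pattern
    t, starts = 0.0, []
    for _ in range(n_frames):
        t += rng.expovariate(G)                       # next Poisson arrival
        starts.append(math.ceil(t) if slotted else t)  # slotted: snap to boundary
    ok = 0
    for i, s in enumerate(starts):
        clear_before = i == 0 or starts[i - 1] <= s - 1
        clear_after = i == len(starts) - 1 or starts[i + 1] >= s + 1
        ok += clear_before and clear_after
    return ok / starts[-1]   # successful frames per frame time
```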

For more information on ALOHA refer – LAN Technologies

(b) CSMA – Carrier Sense Multiple Access ensures fewer collisions, as the station is required to first sense the medium (for idle or busy) before transmitting data. If it is idle then it sends the data, otherwise it waits till the channel becomes idle. However, there is still a chance of collision in CSMA due to propagation delay. For example, if station A wants to send data, it will first sense the medium. If it finds the channel idle, it will start sending data. However, before the first bit of data from station A has reached station B (delayed due to propagation delay), if station B wants to send data and senses the medium, it will also find it idle and will also send data. This will result in a collision of the data from stations A and B.


There are three different types of CSMA protocols:

(i) 1-persistent CSMA

(ii) Non-persistent CSMA

(iii) p-persistent CSMA

1-persistent: The node senses the channel; if idle it sends the data, otherwise it continuously keeps checking the medium until it is idle and transmits unconditionally (with probability 1) as soon as the channel becomes idle.

Non-persistent: The node senses the channel; if idle it sends the data, otherwise it checks the medium again after a random amount of time (not continuously) and transmits when it is found idle.

p-persistent CSMA

• This method is used when the channel has time slots such that the time slot duration is equal to or greater than the maximum propagation delay time.

• Whenever a station becomes ready to send, it senses the channel.

• If the channel is busy, the station waits until the next slot.

• If the channel is idle, it transmits with a probability p.

• With probability q = 1 - p, the station instead waits for the beginning of the next time slot.

• If the next slot is also idle, it again either transmits or waits, with probabilities p and q.

• This process is repeated until either the frame has been transmitted or another station has begun transmitting.
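The slot-by-slot procedure above, as an added example that is not part of the original page: a Python model of one station following p-persistent CSMA over a constructed per-slot picture of the channel, plus a check that on an idle channel the transmit slot follows the geometric law q^k * p that the procedure implies. The per-slot channel view and the treatment of "another station has begun transmitting" as the end of the attempt are assumptions.

```python
# Added example (not from the original page): one station running p-persistent CSMA.
import random


def p_persistent(channel, p, rng=None):
    """Run the procedure for a station that becomes ready at slot 0.

    channel[i] is True when some other station is transmitting in slot i
    (a constructed view of the medium). Returns ("sent", slot) when the station
    transmits, ("deferred", slot) when another station began transmitting while
    this one was waiting with probability q (it would then back off and retry),
    or ("no_slot", n) if the constructed channel ran out of slots."""
    rng = rng or random.Random()
    n = len(channel)
    slot = 0
    # Busy channel: wait until the next slot and sense again.
    while slot < n and channel[slot]:
        slot += 1
    while slot < n:
        # Idle slot: transmit with probability p ...
        if rng.random() < p:
            return "sent", slot
        # ... otherwise (probability q = 1 - p) wait for the start of the next slot.
        slot += 1
        if slot < n and channel[slot]:
            # Another station has begun transmitting, so this attempt ends.
            return "deferred", slot
    return "no_slot", n


def transmit_slot_stats(p, trials=10000, slots=64, seed=7):
    """On an always-idle channel the transmit slot k is geometric, P(k) = q^k * p.
    Returns (fraction sent in slot 0, mean transmit slot); the first should
    approach p and the second q/p as the number of trials grows."""
    rng = random.Random(seed)          # constructed, reproducible randomness
    idle = [False] * slots             # nobody else ever transmits
    n_sent = sent_first = total_slot = 0
    for _ in range(trials):
        verdict, slot = p_persistent(idle, p, rng)
        if verdict != "sent":          # q**slots is negligible for moderate p
            continue
        n_sent += 1
        sent_first += slot == 0
        total_slot += slot
    return sent_first / n_sent, total_slot / n_sent
```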



(c) CSMA/CD – Carrier sense multiple access with collision detection. Stations can terminate transmission of data if a collision is detected. For more details refer – Efficiency of CSMA/CD


Frame format of CSMA/CD

The frame format specified by IEEE 802.3 standard contains following fields.



CSMA/CD Procedure:



(d) CSMA/CA – Carrier sense multiple access with collision avoidance. The process of collision detection involves the sender receiving acknowledgement signals. If there is just one signal (its own) then the data was successfully sent, but if there are two signals (its own and the one with which it has collided) then it means a collision has occurred. To distinguish between these two cases, a collision must have a lot of impact on the received signal. However, it is not so in wired networks, so CSMA/CA is used in this case.


CSMA/CA avoids collision by:

Interframe space – The station waits for the medium to become idle, and if it is found idle it does not immediately send data (to avoid collision due to propagation delay); rather, it waits for a period of time called the Interframe Space or IFS. After this time it again checks the medium for being idle. The IFS duration depends on the priority of the station.

Contention Window – It is an amount of time divided into slots. If the sender is ready to send data, it chooses a random number of slots as wait time, which doubles every time the medium is not found idle. If the medium is found busy it does not restart the entire process; rather, it restarts the timer when the channel is found idle again.

Acknowledgement – The sender re-transmits the data if an acknowledgement is not received before the time-out.


2. Controlled Access:

In this, the data is sent by the station which is approved by all other stations.


3. Channelization:

In this, the available bandwidth of the link is shared in time, frequency or code among multiple stations so that they can access the channel simultaneously.

Frequency Division Multiple Access (FDMA) – The available bandwidth is divided into equal bands so that each station can be allocated its own band. Guard bands are also added so that no two bands overlap, to avoid crosstalk and noise.

Time Division Multiple Access (TDMA) – In this, the bandwidth is shared between multiple stations. To avoid collisions, time is divided into slots and stations are allotted these slots to transmit data. However, there is an overhead of synchronization, as each station needs to know its time slot. This is resolved by adding synchronization bits to each slot. Another issue with TDMA is propagation delay, which is resolved by the addition of guard bands.

For more details refer – Circuit Switching

Code Division Multiple Access (CDMA) – One channel carries all transmissions simultaneously. There is neither division of bandwidth nor division of time. For example, if there are many people in a room all speaking at the same time, perfect reception is still possible if only two people speak the same language. Similarly, data from different stations can be transmitted simultaneously in different code languages.

Ethernet : IEEE 802.3 Local Area Network (LAN) Protocols : Ethernet protocols refer to the family of local-area network (LAN) technologies covered by IEEE 802.3. In the Ethernet standard, there are two modes of operation: half-duplex and full-duplex. In half-duplex mode, data are transmitted using the popular Carrier-Sense Multiple Access/Collision Detection (CSMA/CD) protocol on a shared medium.
The main disadvantages of half-duplex are the efficiency and distance limitations, in which the link distance is limited by the minimum MAC frame size. This restriction reduces the efficiency drastically for high-rate transmission. Four data rates are currently defined for operation over optical fiber and twisted-pair cables :

10 Mbps - 10Base-T Ethernet (IEEE 802.3)
100 Mbps - Fast Ethernet (IEEE 802.3u)
1000 Mbps - Gigabit Ethernet (IEEE 802.3z)
10 Gbps - 10-Gigabit Ethernet (IEEE 802.3ae)


Multiplexing Techniques

Multiplexing techniques can be classified as:


Frequency-division Multiplexing (FDM)

o    It is an analog technique.

o    Frequency Division Multiplexing is a technique in which the available bandwidth of a single transmission medium is subdivided into several channels.


o    In the above diagram, a single transmission medium is subdivided into several frequency channels, and each frequency channel is given to a different device. Device 1 has a frequency channel of range from 1 to 5.

o    The input signals are translated into frequency bands by using modulation techniques, and they are combined by a multiplexer to form a composite signal.

o    The main aim of the FDM is to subdivide the available bandwidth into different frequency channels and allocate them to different devices.

o    Using the modulation technique, the input signals are translated into frequency bands and then combined to form a composite signal.

o    The carriers which are used for modulating the signals are known as sub-carriers. They are represented as f1, f2, ..., fn.

o    FDM is mainly used in radio broadcasts and TV networks.



Advantages Of FDM:

o    FDM is used for analog signals.

o    The FDM process is simple and its modulation is easy.

o    A large number of signals can be sent through FDM simultaneously.

o    It does not require any synchronization between sender and receiver.

Disadvantages Of FDM:

o    The FDM technique is used only when low-speed channels are required.

o    It suffers the problem of crosstalk.

o    A large number of modulators are required.

o    It requires a high bandwidth channel.

Applications Of FDM:

o    FDM is commonly used in TV networks.

o    It is used in FM and AM broadcasting. Each FM radio station has a different frequency, and they are multiplexed to form a composite signal. The multiplexed signal is transmitted over the air.

Wavelength Division Multiplexing (WDM)

o    Wavelength Division Multiplexing is the same as FDM except that the optical signals are transmitted through a fibre optic cable.

o    WDM is used on fibre optics to increase the capacity of a single fibre.

o    It is used to utilize the high data rate capability of fibre optic cable.

o    It is an analog multiplexing technique.

o    Optical signals from different sources are combined to form a wider band of light with the help of a multiplexer.

o    At the receiving end, a demultiplexer separates the signals to transmit them to their respective destinations.

o    Multiplexing and Demultiplexing can be achieved by using a prism.

o    Prism can perform a role of multiplexer by combining the various optical signals to form a composite signal, and the composite signal is transmitted through a fibre optical cable.

o    Prism also performs a reverse operation, i.e., demultiplexing the signal.



Time Division Multiplexing

o    It is a digital technique.

o    In the Frequency Division Multiplexing technique, all signals operate at the same time with different frequencies, but in the Time Division Multiplexing technique, all signals operate at the same frequency at different times.

o    In the Time Division Multiplexing technique, the total time available on the channel is distributed among different users. Therefore, each user is allocated a different time interval, known as a time slot, in which the sender transmits its data.

o    A user takes control of the channel for a fixed amount of time.

o    In the Time Division Multiplexing technique, data is not transmitted simultaneously; rather, the data is transmitted one by one.

o    In TDM, the signal is transmitted in the form of frames. A frame is a cycle of time slots, and each frame contains one or more slots dedicated to each user.

o    It can be used to multiplex both digital and analog signals, but it is mainly used to multiplex digital signals.

There are two types of TDM:

o    Synchronous TDM

o    Asynchronous TDM

Synchronous TDM

o    Synchronous TDM is a technique in which a time slot is preassigned to every device.

o    In Synchronous TDM, each device is given its time slot irrespective of whether the device has data to send or not.

o    If the device does not have any data, then the slot remains empty.

o    In Synchronous TDM, signals are sent in the form of frames. Time slots are organized into frames. If a device has no data for a particular time slot, then the empty slot is still transmitted.

o    The most popular Synchronous TDM systems are T-1 multiplexing, ISDN multiplexing, and SONET multiplexing.

o    If there are n devices, then there are n slots.




Concept Of Synchronous TDM


In the above figure, the Synchronous TDM technique is implemented. Each device is allocated with some time slot. The time slots are transmitted irrespective of whether the sender has data to send or not.

Disadvantages Of Synchronous TDM:

o    The capacity of the channel is not fully utilized, as empty slots that carry no data are also transmitted. In the above figure, the first frame is completely filled, but in the last two frames some slots are empty. Therefore, we can say that the capacity of the channel is not utilized efficiently.

o    The speed of the transmission medium should be greater than the total speed of the input lines. An alternative approach to the Synchronous TDM is Asynchronous Time Division Multiplexing.

Asynchronous TDM

o    An asynchronous TDM is also known as Statistical TDM.

o    An asynchronous TDM is a technique in which time slots are not fixed as in the case of Synchronous TDM. Time slots are allocated to only those devices which have the data to send. Therefore, we can say that Asynchronous Time Division multiplexor transmits only the data from active workstations.

o    An asynchronous TDM technique dynamically allocates the time slots to the devices.

o    In Asynchronous TDM, total speed of the input lines can be greater than the capacity of the channel.

o    Asynchronous Time Division multiplexor accepts the incoming data streams and creates a frame that contains only data with no empty slots.

o    In Asynchronous TDM, each slot contains an address part that identifies the source of the data.

o    The difference between Asynchronous TDM and Synchronous TDM is that many slots in Synchronous TDM are unutilized, but in Asynchronous TDM, slots are fully utilized. This leads to a shorter transmission time and efficient utilization of the capacity of the channel.

o    In Synchronous TDM, if there are n sending devices, then there are n time slots. In Asynchronous TDM, if there are n sending devices, then there are m time slots where m is less than n (m<n).

o    The number of slots in a frame depends on the statistical analysis of the number of input lines.

Concept Of Asynchronous TDM



In the above diagram, there are 4 devices, but only two devices are sending the data, i.e., A and C. Therefore, the data of A and C are only transmitted through the transmission line.

Frame of above diagram can be represented as:

The above figure shows that the data part contains the address to determine the source of the data.
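The two TDM variants described above, written out as an added simulation (example code, not part of the original page). It feeds four device queues to a synchronous multiplexer, which emits one slot per device per frame whether or not the device has data, and to a statistical multiplexer, which emits only occupied slots and tags each with the source address. The queue contents (only devices A and C active, as in the figure) are a constructed sample.

```python
from collections import deque

# Constructed sample: four devices, of which only A (device 0) and C (device 2) have data,
# mirroring the asynchronous TDM figure above. Each call returns fresh queues.
def sample_queues():
    return [deque(["A1", "A2", "A3"]), deque(), deque(["C1", "C2"]), deque()]

def synchronous_tdm(queues, rounds):
    """One frame per round with exactly one slot per device.

    A device with nothing to send leaves its slot empty (None), and the empty slot
    is still transmitted: this is the wasted capacity the text points out.
    """
    frames = []
    for _ in range(rounds):
        frames.append([q.popleft() if q else None for q in queues])
    return frames

def statistical_tdm(queues, slots_per_frame):
    """Asynchronous (statistical) TDM: at most m slots per frame, only active devices
    get a slot, and every slot carries the source address, because the slot position
    no longer identifies the sender."""
    if slots_per_frame < 1:
        raise ValueError("a frame needs at least one slot")
    frames = []
    while any(queues):
        frame = []
        # Fixed-order scan for simplicity; a real multiplexer rotates the starting
        # device so that high-numbered devices are not starved.
        for addr, q in enumerate(queues):
            if q and len(frame) < slots_per_frame:
                frame.append((addr, q.popleft()))
        frames.append(frame)
    return frames

def slot_utilization(frames):
    """(used slots, total slots) over all frames; None marks an empty synchronous slot."""
    total = sum(len(f) for f in frames)
    used = sum(1 for f in frames for slot in f if slot is not None)
    return used, total

if __name__ == "__main__":
    sync = synchronous_tdm(sample_queues(), rounds=3)
    stat = statistical_tdm(sample_queues(), slots_per_frame=2)
    print("synchronous:", sync, slot_utilization(sync))
    print("statistical:", stat, slot_utilization(stat))
```

With three rounds the synchronous multiplexer transmits 12 slots to carry 5 data items, while the statistical multiplexer transmits exactly 5 slots, each a few bits longer because of the address field; that address overhead is the price of the m < n slot count the text describes.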

Switching

o    When a user accesses the internet or another computer network outside their immediate location, messages are sent through the network of transmission media. This technique of transferring the information from one computer network to another network is known as switching.

o    Switching in a computer network is achieved by using switches. A switch is a small hardware device that joins multiple computers together within one local area network (LAN).

o    Network switches operate at layer 2 (the Data Link layer) of the OSI model.

o    Switching is transparent to the user and does not require any configuration in the home network.

o    Switches forward frames based on MAC addresses.

o    A switch transfers data only to the device that has been addressed. It checks the destination address to forward the packet appropriately.

o    It operates in full duplex mode.

o    Packet collisions are minimal, as it communicates directly between source and destination.

o    It does not broadcast the message as it works with limited bandwidth.

Why is Switching Concept required?

Switching concept is developed because of the following reasons:

o    Bandwidth: It is defined as the maximum transfer rate of a cable. It is a very critical and expensive resource. Therefore, switching techniques are used for the effective utilization of the bandwidth of a network.

o    Collision: A collision is the effect that occurs when more than one device transmits a message over the same physical medium at the same time, so that the signals collide with each other. To overcome this problem, switching technology is implemented so that packets do not collide with each other.

Advantages of Switching:

o    A switch increases the bandwidth of the network.

o    It reduces the workload on individual PCs, as it sends information only to the device that has been addressed.

o    It increases the overall performance of the network by reducing the traffic on the network.

o    There will be fewer frame collisions, as a switch creates a separate collision domain for each connection.

Disadvantages of Switching:

o    A switch is more expensive than a network bridge.

o    A switch cannot easily determine network connectivity issues.

o    Proper design and configuration of the switch are required to handle multicast packets.
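The MAC-address forwarding described in this section, as an added example that is not part of the original page: a learning switch records the port on which each source address was seen and forwards a frame only to the port of its destination. The assumed model is the standard one for a layer-2 switch (broadcasts, and unicast frames whose destination has not been learned yet, are flooded out all other ports); the port numbers and MAC addresses are constructed. Because the table is built from unauthenticated source addresses, the example bounds its size, as port-security features on real switches do.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"

class LearningSwitch:
    """Forwarding logic of a layer-2 switch: learn source MAC -> port, forward by destination MAC.

    Assumed textbook model for illustration, not any vendor's implementation.
    """

    def __init__(self, ports, max_entries=1024):
        self.ports = list(ports)
        self.table = {}                  # MAC address -> port it was last seen on
        self.max_entries = max_entries   # bound: entries come from unverified source addresses

    def handle_frame(self, in_port, src, dst):
        """Return the list of ports the frame is sent out of (empty if nothing to forward)."""
        if src in self.table or len(self.table) < self.max_entries:
            self.table[src] = in_port    # learn (or refresh) where src lives
        if dst == BROADCAST or dst not in self.table:
            # broadcast, or unicast to an address not learned yet: flood out every
            # port except the one the frame arrived on
            return [p for p in self.ports if p != in_port]
        out = self.table[dst]
        # destination is on the same segment as the sender: the switch stays silent
        return [] if out == in_port else [out]

if __name__ == "__main__":
    sw = LearningSwitch(ports=[1, 2, 3, 4])
    a, b = "02:00:00:00:00:0a", "02:00:00:00:00:0b"   # constructed addresses
    print(sw.handle_frame(1, a, b))   # b unknown: flooded to ports 2, 3, 4
    print(sw.handle_frame(2, b, a))   # a known: sent only to port 1
    print(sw.handle_frame(1, a, b))   # b now known: sent only to port 2
```

The first frame from A to B is flooded because the switch has not yet seen B; once B replies, both addresses are in the table and every later frame between them reaches exactly one port, which is the per-connection collision domain the advantages list refers to.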

NIC

o    NIC stands for network interface card.

o    A NIC is a hardware component used to connect a computer with another computer on a network.

o    It can support transfer rates of 10, 100, or 1000 Mb/s.

o    The MAC address, or physical address, is encoded on the network card chip; it is assigned by the IEEE to identify a network card uniquely. The MAC address is stored in PROM (programmable read-only memory).

There are two types of NIC:

1.      Wired NIC

2.      Wireless NIC

Wired NIC: The wired NIC is present inside the motherboard. Cables and connectors are used with a wired NIC to transfer data.

Wireless NIC: The wireless NIC contains an antenna to obtain a connection over the wireless network. For example, a laptop computer contains a wireless NIC.

Computer Network Types

A computer network is a group of computers linked to each other that enables a computer to communicate with another computer and share resources, data, and applications.

A computer network can be categorized by its size. A computer network is mainly of four types:

o    LAN(Local Area Network)

o    PAN(Personal Area Network)

o    MAN(Metropolitan Area Network)

o    WAN(Wide Area Network)

Digital Signature

The Digital Signature is a technique used to validate the authenticity and integrity of a message. We know that there are four aspects of security: privacy, authentication, integrity, and non-repudiation. We have already discussed the first aspect of security; the other three aspects can be achieved by using a digital signature.

The basic idea behind the Digital Signature is to sign a document. When we send a document electronically, we can also sign it. We can sign a document in two ways: sign the whole document, or sign a digest.

Signing the Whole Document

o    In a Digital Signature, a public key encryption technique is used to sign a document. However, the roles of the public key and private key are different here. The sender uses a private key to encrypt the message, while the receiver uses the public key of the sender to decrypt it.

o    In a Digital Signature, the private key is used for encryption while the public key is used for decryption.

o    A Digital Signature cannot be achieved by using secret key encryption.


Digital Signature is used to achieve the following three aspects:

o    Integrity: The Digital Signature preserves the integrity of a message because, if any malicious attacker intercepts the message and partially or totally changes it, the decrypted message would be unreadable.

o    Authentication: We can use the following reasoning to show how the message is authenticated. If an intruder (user X) sends a message pretending that it is coming from someone else (user A), user X uses her own private key to encrypt the message. The receiver decrypts the message using the public key of user A, which makes the message unreadable: encryption with X's private key and decryption with A's public key results in a garbage value.

o    Non-Repudiation: The Digital Signature also provides non-repudiation. If the sender denies sending the message, then her private key corresponding to her public key is tested on the plaintext. If the decrypted message is the same as the original message, then we know that the sender sent the message.

PGP

o    PGP stands for Pretty Good Privacy; it was invented by Phil Zimmermann.

o    PGP was designed to provide all four aspects of security, i.e., privacy, integrity, authentication, and non-repudiation in the sending of email.

o    PGP uses a digital signature (a combination of hashing and public key encryption) to provide integrity, authentication, and non-repudiation. PGP uses a combination of secret key encryption and public key encryption to provide privacy. Therefore, we can say that the digital signature uses one hash function, one secret key, and two private-public key pairs.

Following are the steps taken by PGP to create secure e-mail at the sender site:

o    The e-mail message is hashed using a hashing function to create a digest.

o    The digest is then encrypted with the sender's private key to form a signed digest, and the signed digest is appended to the original e-mail message.

PGP at the Sender site (A)

PGP at the Receiver site (B)
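The two ways of signing from the Digital Signature section, and the hash-then-sign steps PGP takes at the sender site, as an added example (not code from the original page or from PGP itself). It uses textbook RSA with the "private key encrypts, public key decrypts" role reversal the text describes, and checks the three properties claimed above: a changed message no longer verifies (integrity), a digest signed with intruder X's private key does not verify under A's public key (authentication), and only A's private key produces a value that A's public key turns back into the digest (non-repudiation). The primes, exponents and message are constructed toy parameters; real keys are random and thousands of bits long, so nothing here is secure, only illustrative.

```python
import hashlib
from math import gcd

# Toy RSA parameters built from Mersenne primes (constructed for illustration only).
P31, P61 = 2**31 - 1, 2**61 - 1       # user A's primes
P89, P107 = 2**89 - 1, 2**107 - 1     # intruder X's primes

def make_keypair(p, q):
    """Return ((e, n), (d, n)): public and private key of the textbook RSA scheme."""
    n, phi = p * q, (p - 1) * (q - 1)
    e = 3
    while gcd(e, phi) != 1:           # smallest public exponent coprime to phi
        e += 2
    d = pow(e, -1, phi)               # private exponent = modular inverse (Python 3.8+)
    return (e, n), (d, n)

def digest_as_int(message: bytes, n: int) -> int:
    """Hash the message and reduce the digest into the key's modulus."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def sign_digest(message: bytes, private_key) -> int:
    """PGP-style signing: hash the message, then 'encrypt' the digest with the private key."""
    d, n = private_key
    return pow(digest_as_int(message, n), d, n)

def verify_digest(message: bytes, signature: int, public_key) -> bool:
    """'Decrypt' the signature with the claimed sender's public key; it must equal a fresh digest."""
    e, n = public_key
    return pow(signature, e, n) == digest_as_int(message, n)

def sign_whole(message: bytes, private_key, block=8):
    """Signing the whole document: every block is raised to the private exponent separately."""
    d, n = private_key
    if 256 ** block >= n:
        raise ValueError("block must be smaller than the modulus")
    chunks = [message[i:i + block] for i in range(0, len(message), block)]
    return [(len(c), pow(int.from_bytes(c, "big"), d, n)) for c in chunks]

def recover_whole(signed_blocks, public_key):
    """Undo sign_whole with the public key.

    With the wrong key the recovered numbers are garbage: either they do not fit the block
    (OverflowError, reported as None) or they decode to meaningless bytes.
    """
    e, n = public_key
    try:
        return b"".join(pow(s, e, n).to_bytes(length, "big") for length, s in signed_blocks)
    except OverflowError:
        return None

if __name__ == "__main__":
    a_pub, a_priv = make_keypair(P31, P61)
    msg = b"Pay 100 to Bob"            # constructed message
    sig = sign_digest(msg, a_priv)
    print("valid:   ", verify_digest(msg, sig, a_pub))
    print("tampered:", verify_digest(b"Pay 900 to Bob", sig, a_pub))
    print("whole:   ", recover_whole(sign_whole(msg, a_priv), a_pub))
```

Signing the digest costs one modular exponentiation regardless of message length, whereas signing the whole document costs one per block; that, plus the fixed size of the signature, is why PGP signs the digest.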

Data Link Controls

Data Link Control is the service provided by the Data Link Layer to provide reliable data transfer over the physical medium. For example, in half-duplex transmission mode, only one device can transmit data at a time. If both devices at the ends of the link transmit data simultaneously, the transmissions collide, which leads to loss of information. The Data Link Layer provides coordination among the devices so that no collision occurs.

The Data link layer provides three functions:

o    Line discipline

o    Flow Control

o    Error Control


Line Discipline

o    Line Discipline is a function of the Data Link Layer that provides coordination among the linked systems. It determines which device can send, and when it can send the data.

Line Discipline can be achieved in two ways:

o    ENQ/ACK

o    Poll/select

ENQ/ACK

ENQ/ACK stands for Enquiry/Acknowledgement. It is used when there is no possibility of a wrong receiver on the link, i.e., there is a dedicated path between the two devices, so that the only device capable of receiving the transmission is the intended one.

ENQ/ACK coordinates which device will start the transmission and whether the recipient is ready or not.

Working of ENQ/ACK

The transmitter transmits a frame called an Enquiry (ENQ), asking whether the receiver is available to receive data or not.

The receiver responds either with a positive acknowledgement (ACK) or with a negative acknowledgement (NACK): a positive acknowledgement means that the receiver is ready to receive the transmission, and a negative acknowledgement means that the receiver is unable to accept the transmission.

Following are the responses of the receiver:

o    If the response to the ENQ is positive, the sender transmits its data, and once all of its data has been transmitted, the device finishes its transmission with an EOT (End-of-Transmission) frame.

o    If the response to the ENQ is negative, then the sender disconnects and restarts the transmission at another time.

o    If the response is neither negative nor positive, the sender assumes that the ENQ frame was lost during the transmission and makes three attempts to establish a link before giving up.


Poll/Select

The Poll/Select method of line discipline works with those topologies where one device is designated as a primary station, and other devices are secondary stations.

Working of Poll/Select

o    In this method, the primary device and multiple secondary devices share a single transmission line, and all exchanges are made through the primary device even when the destination is a secondary device.

o    The primary device has control over the communication link, and the secondary devices follow the instructions of the primary device.

o    The primary device determines which device is allowed to use the communication channel. Therefore, we can say that it is the initiator of the session.

o    If the primary device wants to receive data from a secondary device, it asks the secondary device whether it has anything to send; this process is known as polling.

o    If the primary device wants to send some data to a secondary device, it tells the target secondary to get ready to receive the data; this process is known as selecting.

Select

o    The select mode is used when the primary device has something to send.

o    When the primary device wants to send some data, it alerts the secondary device to the upcoming transmission by transmitting a Select (SEL) frame; one field of the frame contains the address of the intended secondary device.

o    When the secondary device receives the SEL frame, it sends an acknowledgement that indicates its ready status.

o    If the secondary device is ready to accept the data, then the primary device sends two or more data frames to the intended secondary device. Once the data has been transmitted, the secondary sends an acknowledgement specifying that the data has been received.


Poll

o    The Poll mode is used when the primary device wants to receive some data from the secondary device.

o    When a primary device wants to receive the data, then it asks each device whether it has anything to send.

o    First, the primary polls the first secondary device; if it responds with a NACK (Negative Acknowledgement), it has nothing to send. The primary then approaches the second secondary device; if it responds with an ACK, it has data to send. The secondary device can send more than one frame one after another, or it may be required to wait for an ACK before sending each one, depending on the type of protocol being used.


Flow Control

o    It is a set of procedures that tells the sender how much data it can transmit before the data overwhelms the receiver.

o    The receiving device has limited speed and limited memory to store the data. Therefore, the receiving device must be able to inform the sending device to stop the transmission temporarily before the limits are reached.

o    It requires a buffer, a block of memory for storing information until it is processed.

Two methods have been developed to control the flow of data:

o    Stop-and-wait

o    Sliding window

Stop-and-wait

o    In the Stop-and-wait method, the sender waits for an acknowledgement after every frame it sends.

o    Only when the acknowledgement is received is the next frame sent. The process of alternately sending a frame and waiting continues until the sender transmits the EOT (End of Transmission) frame.

Advantage of Stop-and-wait

The Stop-and-wait method is simple as each frame is checked and acknowledged before the next frame is sent.

Disadvantage of Stop-and-wait

The Stop-and-wait technique is inefficient, as each frame must travel all the way to the receiver, and an acknowledgement must travel all the way back before the next frame is sent. Each frame sent and received uses the entire time needed to traverse the link.

Sliding Window

o    The Sliding Window is a method of flow control in which a sender can transmit several frames before getting an acknowledgement.

o    In Sliding Window control, multiple frames can be sent one after another, so that the capacity of the communication channel can be utilized efficiently.

o    A single ACK can acknowledge multiple frames.

o    Sliding Window refers to imaginary boxes at both the sender and receiver end.

o    The window can hold the frames at either end, and it provides the upper limit on the number of frames that can be transmitted before an acknowledgement.

o    Frames can be acknowledged even when the window is not completely filled.

o    The window has a specific size, and the frames are numbered modulo-n, meaning that they are numbered from 0 to n-1. For example, if n = 8, the frames are numbered 0,1,2,3,4,5,6,7,0,1,2,3,4,5,6,7,0,1........

o    The size of the window is n-1. Therefore, at most n-1 frames can be sent before an acknowledgement.

o    When the receiver sends the ACK, it includes the number of the next frame that it wants to receive. For example, to acknowledge the string of frames ending with frame number 4, the receiver will send an ACK containing the number 5. When the sender sees the ACK with the number 5, it knows that frames 0 through 4 have been received.

Sender Window

o    At the beginning of a transmission, the sender window contains n-1 frames, and as they are sent out, the left boundary moves inward, shrinking the size of the window. For example, if the size of the window is w and three frames are sent out, then the number of frames left in the sender window is w-3.

o    Once the ACK has arrived, the sender window expands by a number equal to the number of frames acknowledged by the ACK.

o    For example, suppose the size of the window is 7, and frames 0 through 4 have been sent out with no acknowledgement arrived; then the sender window contains only two frames, i.e., 5 and 6. Now, if an ACK arrives with the number 4, meaning that frames 0 through 3 have arrived undamaged, the sender window is expanded to include the next four frames. Therefore, the sender window contains six frames (5,6,7,0,1,2).


Receiver Window

o    At the beginning of transmission, the receiver window does not contain n frames, but it contains n-1 spaces for frames.

o    When a new frame arrives, the size of the window shrinks.

o    The receiver window does not represent the number of frames received, but the number of frames that can still be received before an ACK is sent. For example, if the size of the window is w and three frames are received, then the number of spaces available in the window is (w-3).

o    Once the acknowledgement is sent, the receiver window expands by a number equal to the number of frames acknowledged.

o    Suppose the size of the window is 7, meaning that the receiver window contains seven spaces for seven frames. If one frame is received, the receiver window shrinks, moving the boundary from 0 to 1. In this way, the window shrinks one space at a time, so the window now contains six spaces. If frames 0 through 4 have been received, then the window contains two spaces before an acknowledgement is sent.


Error Control

Error Control is a technique of error detection and retransmission.

Categories of Error Control:


Stop-and-wait ARQ

Stop-and-wait ARQ is a technique used to retransmit the data in case of damaged or lost frames.

This technique works on the principle that the sender will not transmit the next frame until it receives the acknowledgement of the last transmitted frame.

Four features are required for the retransmission:

o    The sending device keeps a copy of the last transmitted frame until the acknowledgement is received. Keeping the copy allows the sender to retransmit the data if the frame is not received correctly.

o    Both the data frames and the ACK frames are numbered alternately 0 and 1 so that they can be identified individually. An ACK 1 frame acknowledges the data 0 frame, meaning that the data 0 frame has arrived correctly and the receiver expects to receive the data 1 frame.

o    If an error occurs in the last transmitted frame, then the receiver sends a NAK frame, which is not numbered. On receiving the NAK frame, the sender retransmits the data.

o    It works with a timer. If the acknowledgement is not received within the allotted time, the sender assumes that the frame was lost during transmission, so it retransmits the frame.

Two possibilities of the retransmission:

o    Damaged Frame: When the receiver receives a damaged frame, i.e., a frame containing an error, it returns a NAK frame. For example, the data 0 frame is sent, and the receiver sends the ACK 1 frame, meaning that data 0 has arrived correctly and it expects the data 1 frame. The sender transmits the next frame: data 1. It arrives undamaged, and the receiver returns ACK 0. The sender transmits the next frame: data 0. The receiver detects an error and returns a NAK frame. The sender retransmits the data 0 frame.

o    Lost Frame: The sender is equipped with a timer that starts when a frame is transmitted. Sometimes the frame does not arrive at the receiving end, so it can be acknowledged neither positively nor negatively. The sender waits for an acknowledgement until the timer goes off; when it does, the sender retransmits the last transmitted frame.

Sliding Window ARQ

Sliding Window ARQ is a technique used for continuous-transmission error control.

Three features are used for retransmission:

o    In this case, the sender keeps copies of all the transmitted frames until they have been acknowledged. Suppose frames 0 through 4 have been transmitted and the last acknowledgement was for frame 2; the sender has to keep copies of frames 3 and 4 until they are received correctly.

o    The receiver can send either NAK or ACK depending on the conditions. The NAK frame tells the sender that the data has been received damaged. Since the sliding window is a continuous transmission mechanism, both ACK and NAK must be numbered for the identification of a frame. The ACK frame carries a number that represents the next frame which the receiver expects to receive. The NAK frame carries a number that represents the damaged frame.

o    The sliding window ARQ is equipped with a timer to handle lost acknowledgements. Suppose that n-1 frames have been sent before receiving any acknowledgement. The sender waits for the acknowledgement, so it starts the timer and waits before sending any more. If the allotted time runs out, the sender retransmits one or all of the frames, depending upon the protocol used.

Two protocols used in sliding window ARQ:

o    Go-Back-n ARQ: In the Go-Back-N ARQ protocol, if one frame is lost or damaged, the sender retransmits all the frames sent since the last positive ACK.

Three possibilities can occur for retransmission:

o    Damaged Frame: When the frame is damaged, the receiver sends a NAK frame.


In the above figure, three frames have been transmitted before an error is discovered in the third frame. In this case, ACK 2 has been returned, telling the sender that frames 0 and 1 have been received successfully without any error. The receiver discovers the error in the data 2 frame, so it returns a NAK 2 frame. Frame 3 is also discarded, as it was transmitted after the damaged frame. Therefore, the sender retransmits frames 2 and 3.

o    Lost Data Frame: In sliding window protocols, data frames are sent sequentially. If any frame is lost, the next frame that arrives at the receiver is out of sequence. The receiver checks the sequence number of each frame, discovers the frame that has been skipped, and returns a NAK for the missing frame. The sending device retransmits the frame indicated by the NAK as well as the frames transmitted after the lost frame.

o    Lost Acknowledgement: The sender can send as many frames as the window allows before waiting for any acknowledgement. Once the limit of the window is reached, the sender has no more frames to send; it must wait for the acknowledgement. If the acknowledgement is lost, the sender could wait forever. To avoid such a situation, the sender is equipped with a timer that starts counting whenever the window capacity is reached. If the acknowledgement has not been received within the time limit, the sender retransmits the frames sent since the last ACK.

Selective-Reject ARQ

o    The Selective-Reject ARQ technique is more efficient than Go-Back-n ARQ.

o    In this technique, only those frames are retransmitted for which a negative acknowledgement (NAK) has been received.

o    The receiver's storage buffer holds the frames that follow a damaged frame until the frame in error is correctly received.

o    The receiver must have appropriate logic for reinserting the frames in the correct order.

o    The sender must have a search mechanism that selects only the requested frame for retransmission.
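The retransmission behaviour of the three ARQ schemes above (Stop-and-wait, Go-Back-N and Selective-Reject), as an added simulation that is not code from the original page. It records every frame the sender puts on the line when a chosen set of frames is damaged or lost on their first transmission, so the figure's case (four frames, error in frame 2, Go-Back-N resends 2 and 3) and the Selective-Reject case (only frame 2 is resent) can be compared by transmission count. The model's assumptions are this example's own: retransmissions arrive intact, and ACK/NAK frames are never lost, so the timer the text describes for lost acknowledgements never fires.

```python
def simulate_arq(protocol, n_frames, window, damaged_once):
    """Return the list of frame numbers transmitted, in order, until all frames are accepted.

    protocol: "go-back-n" or "selective-reject". "go-back-n" with window=1 is Stop-and-wait
    ARQ: one frame outstanding, resent when the receiver reports it damaged or lost.
    damaged_once: frames whose FIRST transmission is damaged or lost; the receiver answers NAK.
    Assumed model: retransmissions arrive intact and acknowledgements are never lost.
    """
    if protocol not in ("go-back-n", "selective-reject"):
        raise ValueError(f"unknown protocol {protocol!r}")
    attempts = {}          # frame -> number of times it has been transmitted
    sent = []              # transcript of what went on the line
    base = 0               # first frame the receiver has not yet accepted in order
    while base < n_frames:
        burst = list(range(base, min(base + window, n_frames)))   # fill the window
        naks = []
        for f in burst:
            attempts[f] = attempts.get(f, 0) + 1
            sent.append(f)
            bad = f in damaged_once and attempts[f] == 1
            if protocol == "go-back-n":
                if naks:
                    continue         # receiver discards every frame after the first bad one
                if bad:
                    naks.append(f)   # NAK f: sender must go back and resend from f
            elif bad:
                naks.append(f)       # receiver buffers later good frames and NAKs only f
        if protocol == "go-back-n":
            base = naks[0] if naks else burst[-1] + 1
        else:
            for f in naks:           # resend just the NAKed frames; receiver reorders them
                attempts[f] += 1
                sent.append(f)
            base = burst[-1] + 1
    return sent

if __name__ == "__main__":
    for proto, win in (("go-back-n", 1), ("go-back-n", 4), ("selective-reject", 4)):
        line = simulate_arq(proto, n_frames=4, window=win, damaged_once={2})
        print(f"{proto:17s} window={win}: {line} ({len(line)} transmissions)")
```

The gap widens as errors spread over a longer exchange: with eight frames, a window of four and frames 2 and 5 damaged, Go-Back-N transmits 11 frames while Selective-Reject transmits 10, because the Go-Back-N receiver throws away the intact frames that followed each damaged one and the sender has to repeat them.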


Error Detection

When data is transmitted from one device to another, the system does not guarantee that the data received by the device is identical to the data transmitted. An error is the situation in which the message received at the receiver end is not identical to the message transmitted.

Types Of Errors

Single-Bit Error:

Only one bit of a given data unit is changed from 1 to 0 or from 0 to 1.



In the above figure, the message that is sent is corrupted by a single bit, i.e., a 0 bit is changed to 1.

A single-bit error is unlikely in serial data transmission. For example, if the sender sends data at 10 Mbps, a bit lasts only 1 μs, and for a single-bit error to occur the noise must last no more than 1 μs.

Single-bit errors mainly occur in parallel data transmission. For example, if eight wires are used to send the eight bits of a byte and one of the wires is noisy, then a single bit is corrupted per byte.

Burst Error:

When two or more bits are changed from 0 to 1 or from 1 to 0, it is known as a burst error.

The length of a burst error is measured from the first corrupted bit to the last corrupted bit.



The duration of noise in a burst error is longer than the duration of noise in a single-bit error.

Burst errors are most likely to occur in serial data transmission.

The number of affected bits depends on the duration of the noise and the data rate.

Error Detecting Techniques:

The most popular Error Detecting Techniques are:

o    Single parity check

o    Two-dimensional parity check

o    Checksum

o    Cyclic redundancy check

Single Parity Check

o    Single parity checking is a simple and inexpensive mechanism to detect errors.

o    In this technique, a redundant bit, also known as a parity bit, is appended at the end of the data unit so that the number of 1s becomes even. Therefore, for an 8-bit data unit, the total number of transmitted bits would be 9.

o    If the number of 1 bits is odd, then parity bit 1 is appended; if the number of 1 bits is even, then parity bit 0 is appended at the end of the data unit.

o    At the receiving end, the parity bit is calculated from the received data bits and compared with the received parity bit.

o    This technique makes the total number of 1s even, so it is known as even-parity checking.



Drawbacks Of Single Parity Checking

o    It can only detect single-bit errors, which are very rare.

o    If two bits are interchanged, then it cannot detect the error.



Two-Dimensional Parity Check

o    Performance can be improved by using a Two-Dimensional Parity Check, which organizes the data in the form of a table.

o    Parity check bits are computed for each row, which is equivalent to the single-parity check.

o    In a Two-Dimensional Parity Check, a block of bits is divided into rows, and a redundant row of bits is added to the whole block.

o    At the receiving end, the received parity bits are compared with the parity bits computed from the received data.



Drawbacks Of 2D Parity Check

o    If two bits in one data unit are corrupted, and two bits in exactly the same positions in another data unit are also corrupted, then the 2D parity checker will not be able to detect the error.

o    This technique cannot be used to detect 4-bit errors or more in some cases.
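Single and two-dimensional even parity as an added example (not code from the original page), with the failure modes listed above reproduced: one flipped bit is caught by the single parity bit, two flips in the same codeword are not; and in the two-dimensional block a pair of flips inside one row is caught by the column parities, whereas four flips at the corners of a rectangle (same two columns in two rows) pass both checks. The data bytes and bit positions are constructed.

```python
def parity_bit(bits):
    """Even-parity bit: 1 if the number of 1s is odd, otherwise 0."""
    return sum(bits) & 1

def encode_single(byte: int):
    """8 data bits plus one parity bit: 9 transmitted bits with an even number of 1s."""
    bits = [(byte >> i) & 1 for i in range(7, -1, -1)]
    return bits + [parity_bit(bits)]

def check_single(codeword) -> bool:
    """Receiver side: recompute parity over all 9 bits; an odd count means an error."""
    return sum(codeword) % 2 == 0

def encode_2d(data: bytes):
    """Rows are single-parity codewords; a final row holds the parity of each of the 9 columns."""
    rows = [encode_single(b) for b in data]
    column_row = [parity_bit(col) for col in zip(*rows)]
    return rows + [column_row]

def check_2d(block) -> bool:
    """Every row and every column must have even parity."""
    rows_ok = all(check_single(row) for row in block)
    cols_ok = all(sum(col) % 2 == 0 for col in zip(*block))
    return rows_ok and cols_ok

def flip(block, positions):
    """Copy of a 2-D block with the bits at the given (row, column) positions inverted (constructed noise)."""
    out = [row[:] for row in block]
    for r, c in positions:
        out[r][c] ^= 1
    return out

if __name__ == "__main__":
    block = encode_2d(b"\xa5\x3c\xff")      # constructed sample data
    for row in block:
        print("".join(map(str, row)))
    print("intact:", check_2d(block))
    print("one flip:", check_2d(flip(block, [(0, 0)])))
    print("rectangle:", check_2d(flip(block, [(0, 0), (0, 3), (1, 0), (1, 3)])))
```

The rectangle case is exactly the drawback stated above: each affected row still has an even number of 1s, and so does each affected column, so no parity bit changes.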

Checksum

A Checksum is an error detection technique based on the concept of redundancy.

It is divided into two parts:

Checksum Generator

A checksum is generated at the sending side. The checksum generator subdivides the data into equal segments of n bits each, and all these segments are added together using one's complement arithmetic. The sum is complemented and appended to the original data as the checksum field. The extended data is transmitted across the network.

Suppose L is the total sum of the data segments; then the checksum is the one's complement of L, i.e., -L in one's complement arithmetic.



The Sender follows the given steps:

1.      The block unit is divided into k sections, each of n bits.

2.      All the k sections are added together using one's complement arithmetic to get the sum.

3.      The sum is complemented, and it becomes the checksum field.

4.      The original data and the checksum field are sent across the network.

Checksum Checker

A checksum is verified at the receiving side. The receiver subdivides the incoming data (the data plus the checksum field) into equal segments of n bits each, adds all these segments together, and complements the sum. If the complement of the sum is zero, then the data is accepted; otherwise the data is rejected.

The Receiver follows the given steps:

1.      The block unit is divided into k sections, each of n bits.

2.      All the k sections are added together using one's complement arithmetic to get the sum.

3.      The sum is complemented.

4.      If the result is zero, then the data is accepted; otherwise the data is discarded.

Cyclic Redundancy Check (CRC)

CRC is a redundancy-based technique used to detect errors.

Following are the steps used in CRC for error detection:

o    In the CRC technique, a string of n 0s is appended to the data unit, where n is one less than the number of bits in a predetermined number, known as the divisor, which is n+1 bits long.

o    Second, the newly extended data is divided by the divisor using a process known as binary (modulo-2) division. The remainder generated from this division is known as the CRC remainder.

o    Third, the CRC remainder replaces the appended 0s at the end of the original data. This newly generated unit is sent to the receiver.

o    The receiver receives the data followed by the CRC remainder. The receiver treats this whole unit as a single unit and divides it by the same divisor that was used to find the CRC remainder.

If the remainder of this division is zero, the data has no error and is accepted.

If the remainder of this division is not zero, the data contains an error. Therefore, the data is discarded.



Let's understand this concept through an example:

Suppose the original data is 11100 and divisor is 1001.

CRC Generator

o    A CRC generator uses modulo-2 division. Firstly, three zeroes are appended at the end of the data, because the length of the divisor is 4 and the number of 0s to be appended is always one less than the length of the divisor.

o    Now, the string becomes 11100000, and the resultant string is divided by the divisor 1001.

o    The remainder generated from the binary division is known as CRC remainder. The generated value of the CRC remainder is 111.

o    CRC remainder replaces the appended string of 0s at the end of the data unit, and the final string would be 11100111 which is sent across the network.



CRC Checker

o    The functionality of the CRC checker is similar to the CRC generator.

o    When the string 11100111 is received at the receiving end, the CRC checker performs the modulo-2 division.

o    A string is divided by the same divisor, i.e., 1001.

o    In this case, CRC checker generates the remainder of zero. Therefore, the data is accepted.
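The generator and checker above as modulo-2 long division on bit strings, added here as an example (not code from the original notes); it reproduces the page's figures (data 11100, divisor 1001) and works for any divisor that starts with 1.

```python
# CRC generator and checker using modulo-2 (XOR) long division on bit strings.
# Added example; reproduces the page's figures: data 11100, divisor 1001.

def _check_bits(s):
    if not s or set(s) - {"0", "1"}:
        raise ValueError(f"not a bit string: {s!r}")

def mod2_divide(dividend, divisor):
    """Remainder of dividend / divisor in modulo-2 arithmetic (XOR, no carries).
    The remainder is len(divisor) - 1 bits long."""
    _check_bits(dividend)
    _check_bits(divisor)
    n = len(divisor) - 1
    if not divisor.startswith("1") or len(dividend) < n:
        raise ValueError("divisor must start with 1 and dividend must have >= n bits")
    bits = list(dividend)
    for i in range(len(bits) - n):
        if bits[i] == "1":                      # subtract (XOR) only when the leading bit is 1
            for j, dbit in enumerate(divisor):
                bits[i + j] = "1" if bits[i + j] != dbit else "0"
    return "".join(bits[-n:]) if n else ""

def crc_generate(data, divisor):
    """Sender: append n zeros, divide, and replace the zeros with the CRC remainder."""
    n = len(divisor) - 1
    return data + mod2_divide(data + "0" * n, divisor)

def crc_check(received, divisor):
    """Receiver: divide the whole unit by the same divisor; a zero remainder means accept."""
    n = len(divisor) - 1
    return mod2_divide(received, divisor) == "0" * n

if __name__ == "__main__":
    sent = crc_generate("11100", "1001")         # remainder 111 -> 11100111
    print("transmitted:", sent, "accepted:", crc_check(sent, "1001"))
    print("corrupted 11100011 accepted:", crc_check("11100011", "1001"))
```

A CRC catches accidental bit errors and bursts; being linear it gives no protection against deliberate modification, which needs a MAC or a signature.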



Error Correction

Error Correction codes are used to detect and correct the errors when data is transmitted from the sender to the receiver.

Error Correction can be handled in two ways:

o    Backward error correction: Once the error is discovered, the receiver requests the sender to retransmit the entire data unit.

o    Forward error correction: In this case, the receiver uses the error-correcting code which automatically corrects the errors.

A single additional bit can detect the error, but cannot correct it.

To correct an error, one has to know its exact position. For example, to correct a single-bit error in a 7-bit unit, the error correction code must determine which one of the seven bits is in error. To achieve this, we have to add some additional redundant bits.

Suppose r is the number of redundant bits and d is the total number of data bits. The number of redundant bits r can be calculated by using the formula:

2^r >= d + r + 1

The value of r is calculated by using the above formula. For example, if the value of d is 4, then the smallest value of r that satisfies the above relation is 3.

To determine the position of the bit which is in error, a technique developed by R. W. Hamming, known as Hamming code, can be applied to a data unit of any length; it uses the relationship between the data bits and the redundant bits.

Hamming Code

Parity bits: The bit which is appended to the original data of binary bits so that the total number of 1s is even or odd.

Even parity: To check for even parity, if the total number of 1s is even, then the value of the parity bit is 0. If the total number of 1s occurrences is odd, then the value of the parity bit is 1.

Odd Parity: To check for odd parity, if the total number of 1s is even, then the value of parity bit is 1. If the total number of 1s is odd, then the value of parity bit is 0.

Algorithm of Hamming code:

o    The d information bits are combined with the r redundant bits to form a unit of d+r bits.

o    Each of the (d+r) bit positions is assigned a decimal value (its position number).

o    The r bits are placed at the positions 1, 2, 4, ..., 2^(k-1) (the powers of two).

o    At the receiving end, the parity bits are recalculated. The decimal value formed by the recalculated parity bits determines the position of an error.

Relationship b/w Error position & binary number.



Let's understand the concept of Hamming code through an example:

Suppose the original data is 1010 which is to be sent.

Total number of data bits d = 4
Number of redundant bits r: 2^r >= d + r + 1
                            2^r >= 4 + r + 1
Therefore, the value of r is 3, which satisfies the above relation.
Total number of bits = d + r = 4 + 3 = 7

Determining the position of the redundant bits

The number of redundant bits is 3. The three bits are represented by r1, r2, r4. The positions of the redundant bits correspond to the powers of 2. Therefore, their positions are 2^0, 2^1, 2^2.

1.      The position of r1 = 1

2.      The position of r2 = 2

3.      The position of r4 = 4

Representation of Data on the addition of parity bits:



Determining the Parity bits

Determining the r1 bit

The r1 bit is calculated by performing a parity check on the bit positions whose binary representation includes 1 in the first position.



We observe from the above figure that the bit positions whose binary representation includes a 1 in the first position are 1, 3, 5, 7. Now we perform the even-parity check at these bit positions. The total number of 1s at the positions covered by r1 is even; therefore, the value of the r1 bit is 0.

Determining r2 bit

The r2 bit is calculated by performing a parity check on the bit positions whose binary representation includes 1 in the second position.



We observe from the above figure that the bit positions whose binary representation includes a 1 in the second position are 2, 3, 6, 7. Now we perform the even-parity check at these bit positions. The total number of 1s at the positions covered by r2 is odd; therefore, the value of the r2 bit is 1.

Determining r4 bit

The r4 bit is calculated by performing a parity check on the bit positions whose binary representation includes 1 in the third position.



We observe from the above figure that the bit positions whose binary representation includes a 1 in the third position are 4, 5, 6, 7. Now we perform the even-parity check at these bit positions. The total number of 1s at the positions covered by r4 is even; therefore, the value of the r4 bit is 0.

Data transferred is given below:



Suppose the 4th bit is changed from 0 to 1 at the receiving end, then parity bits are recalculated.

R1 bit

The bit positions of the r1 bit are 1,3,5,7



We observe from the above figure that the bits at the r1 positions are 1100. Performing the even-parity check, the total number of 1s at the r1 positions is even. Therefore, the value of r1 is 0.

R2 bit

The bit positions of r2 bit are 2,3,6,7.



We observe from the above figure that the bits at the r2 positions are 1001. Performing the even-parity check, the total number of 1s at the r2 positions is even. Therefore, the value of r2 is 0.

R4 bit

The bit positions of r4 bit are 4,5,6,7.



We observe from the above figure that the bits at the r4 positions are 1011. Performing the even-parity check, the total number of 1s at the r4 positions is odd. Therefore, the value of r4 is 1. The recalculated parity bits r4 r2 r1 = 100, i.e. decimal 4, which identifies position 4 as the corrupted bit.
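The Hamming procedure above as an encoder and syndrome decoder, added here as an example (not code from the original notes); it generalizes the 4-data-bit case to any data length and assumes, as in the page's figures, that the data bits are placed most-significant-first from position 7 downward, so that 1010 gives r1 = 0, r2 = 1, r4 = 0.

```python
# Hamming code with even parity: encoder, syndrome decoder and single-bit correction.
# Added example; generalizes the page's 4-data-bit case (data 1010) to any length.
# Codeword strings are written with position n on the left and position 1 on the right.

def redundant_bits(d):
    """Smallest r that satisfies 2^r >= d + r + 1."""
    r = 0
    while 2 ** r < d + r + 1:
        r += 1
    return r

def _is_parity_position(pos):
    return pos & (pos - 1) == 0            # positions 1, 2, 4, 8, ... are powers of two

def _covered(p, n):
    """Positions whose binary representation has the bit of parity position p set."""
    return [pos for pos in range(1, n + 1) if pos & p]

def _to_positions(codeword):
    """List indexed by position 1..n (index 0 unused)."""
    n = len(codeword)
    return [None] + [int(codeword[n - pos]) for pos in range(1, n + 1)]

def _to_string(bits):
    return "".join(str(b) for b in bits[:0:-1])

def hamming_encode(data):
    """Place data bits (most significant first) in the non-parity positions from the
    top down, then set each parity bit so that its covered positions have even parity."""
    if not data or set(data) - {"0", "1"}:
        raise ValueError("data must be a non-empty bit string")
    d = len(data)
    n = d + redundant_bits(d)
    bits = [None] + [0] * n
    src = iter(data)
    for pos in range(n, 0, -1):
        if not _is_parity_position(pos):
            bits[pos] = int(next(src))
    p = 1
    while p <= n:
        bits[p] = sum(bits[q] for q in _covered(p, n) if q != p) % 2
        p <<= 1
    return _to_string(bits)

def hamming_decode(codeword):
    """Recalculate the parity bits; their decimal value (the syndrome) is the position
    of a single-bit error, 0 meaning no error. Returns (syndrome, corrected, data)."""
    if not codeword or set(codeword) - {"0", "1"}:
        raise ValueError("codeword must be a non-empty bit string")
    n = len(codeword)
    bits = _to_positions(codeword)
    syndrome = 0
    p = 1
    while p <= n:
        if sum(bits[q] for q in _covered(p, n)) % 2:
            syndrome += p
        p <<= 1
    if syndrome > n:
        # Not a single-bit error (two or more bits flipped); refuse to "correct".
        raise ValueError(f"uncorrectable error pattern, syndrome {syndrome}")
    if syndrome:
        bits[syndrome] ^= 1
    data = "".join(str(bits[pos]) for pos in range(n, 0, -1)
                   if not _is_parity_position(pos))
    return syndrome, _to_string(bits), data

if __name__ == "__main__":
    sent = hamming_encode("1010")                # r1=0, r2=1, r4=0 -> 1010010
    received = list(sent)
    received[len(sent) - 4] = "1"                # flip position 4 (0 -> 1) as on the page
    print("sent:", sent, "received:", "".join(received))
    print("syndrome, corrected, data:", hamming_decode("".join(received)))
```

A double-bit error can produce a syndrome that points at an innocent position (or, for lengths that are not 2^r - 1, one beyond the codeword), which is why plain Hamming code corrects one error but cannot be trusted to detect two.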

Basic Network Attacks

Many people rely on the Internet for many of their professional, social and personal activities. But there are also people who attempt to damage our Internet-connected computers, violate our privacy and render inoperable the Internet services.

Given the frequency and variety of existing attacks as well as the threat of new and more destructive future attacks, network security has become a central topic in the field of computer networking.

How are computer networks vulnerable? What are some of the more prevalent types of attacks today?

Malware – short for malicious software, which is specifically designed to disrupt, damage, or gain unauthorized access to a computer system. Much of the malware out there today is self-replicating: once it infects one host, from that host it seeks entry into other hosts over the Internet, and from the newly infected hosts, it seeks entry into yet more hosts. In this manner, self-replicating malware can spread exponentially fast.

Virus – A malware which requires some form of user’s interaction to infect the user’s device. The classic example is an e-mail attachment containing malicious executable code. If a user receives and opens such an attachment, the user inadvertently runs the malware on the device.

Worm – A malware which can enter a device without any explicit user interaction. For example, a user may be running a vulnerable network application to which an attacker can send malware. In some cases, without any user intervention, the application may accept the malware from the Internet and run it, creating a worm.

Botnet – A network of private computers infected with malicious software and controlled as a group without the owners’ knowledge, e.g. to send spam.

DoS (Denial of Service) – A DoS attack renders a network, host, or other piece of infrastructure unusable by legitimate users. Most Internet DoS attacks fall into one of three categories:

• Vulnerability attack: This involves sending a few well-crafted messages to a vulnerable application or operating system running on a targeted host. If the right sequence of packets is sent to a vulnerable application or operating system, the service can stop or, worse, the host can crash.

• Bandwidth flooding: The attacker sends a deluge of packets to the targeted host—so many packets that the target’s access link becomes clogged, preventing legitimate packets from reaching the server.

• Connection flooding: The attacker establishes a large number of half-open or fully open TCP connections at the target host. The host can become so bogged down with these bogus connections that it stops accepting legitimate connections.

DDoS (Distributed DoS) – DDoS is a type of DoS attack in which multiple compromised systems are used to target a single system, causing a Denial of Service (DoS). DDoS attacks leveraging botnets with thousands of compromised hosts are a common occurrence today. DDoS attacks are much harder to detect and defend against than a DoS attack from a single host.

Packet sniffer – A passive receiver that records a copy of every packet that flies by is called a packet sniffer. By placing a passive receiver in the vicinity of a wireless transmitter, that receiver can obtain a copy of every packet that is transmitted. These packets can contain all kinds of sensitive information, including passwords, social security numbers, trade secrets, and private personal messages. Some of the best defenses against packet sniffing involve cryptography.

IP Spoofing – The ability to inject packets into the Internet with a false source address is known as IP spoofing, and is but one of many ways in which one user can masquerade as another user. To solve this problem, we will need end-point authentication, that is, a mechanism that will allow us to determine with certainty if a message originates from where we think it does.

Man-in-the-Middle Attack – As the name indicates, a man-in-the-middle attack occurs when someone between you and the person with whom you are communicating is actively monitoring, capturing, and controlling your communication transparently. For example, the attacker can re-route a data exchange. When computers are communicating at low levels of the network layer, the computers might not be able to determine with whom they are exchanging data.

Compromised-Key Attack – A key is a secret code or number necessary to interpret secured information. Although obtaining a key is a difficult and resource-intensive process for an attacker, it is possible. After an attacker obtains a key, that key is referred to as a compromised key. An attacker uses the compromised key to gain access to a secured communication without the sender or receiver being aware of the attack.

Phishing – The fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers.

DNS spoofing – Also referred to as DNS cache poisoning, this is a form of attack in which corrupt Domain Name System data is introduced into the DNS resolver's cache, causing the name server to return an incorrect IP address.

What is virus?

A computer virus is a malicious program that self-replicates by copying itself to another program. In other words, the computer virus spreads by itself into other executable code or documents.

Types of Viruses

A virus is a fragment of code embedded in a legitimate program. Viruses are self-replicating and are designed to infect other programs. They can wreak havoc in a system by modifying or destroying files, causing system crashes and program malfunctions. On reaching the target machine, a virus dropper (usually a Trojan horse) inserts the virus into the system.

Various types of virus :

File Virus : This type of virus infects the system by appending itself to the end of a file. It changes the start of the program so that control jumps to its code. After its code has executed, control returns to the main program, so its execution is not even noticed. It is also called a parasitic virus because it attaches itself to a host file while leaving the host functional.

Boot sector Virus : It infects the boot sector of the system, executing every time the system is booted and before the operating system is loaded. It infects other bootable media such as floppy disks. These are also known as memory viruses, as they do not infect the file system.



boot sector virus flowchart

Macro Virus : Unlike most viruses, which are written in a low-level language (like C or assembly language), these are written in a high-level language like Visual Basic. These viruses are triggered when a program capable of executing a macro is run. For example, a macro virus can be contained in spreadsheet files.

Source code Virus : It looks for source code and modifies it to include virus and to help spread it.

Polymorphic Virus : A virus signature is a pattern that can identify a virus (a series of bytes that make up the virus code). So, in order to avoid detection by antivirus software, a polymorphic virus changes each time it is installed. The functionality of the virus remains the same, but its signature is changed.

Encrypted Virus : In order to avoid detection by antivirus, this type of virus exists in encrypted form. It carries a decryption algorithm along with it. So the virus first decrypts and then executes.

Stealth Virus : It is a very tricky virus, as it changes the code that can be used to detect it. Hence, the detection of the virus becomes very difficult. For example, it can change the read system call such that whenever the user asks to read code modified by the virus, the original form of the code is shown rather than the infected code.

Tunneling Virus : This virus attempts to bypass detection by antivirus scanner by installing itself in the interrupt handler chain. Interception programs, which remain in the background of an operating system and catch viruses, become disabled during the course of a tunneling virus. Similar viruses install themselves in device drivers.

Multipartite Virus : This type of virus is able to infect multiple parts of a system, including the boot sector, memory and files. This makes it difficult to detect and contain.

Armored Virus : An armored virus is coded to make it difficult for antivirus to unravel and understand. It uses a variety of techniques to do so like fooling antivirus to believe that it lies somewhere else than its real location or using compression to complicate its code.

System security

Prerequisite – Basic Network Attacks, Types of Viruses

Security of a computer system is a crucial task. It is a process of ensuring confidentiality and integrity of the OS.

A system is said to be secure if its resources are used and accessed as intended under all the circumstances, but no system can guarantee absolute security from several of the various malicious threats and unauthorized access.

Security of a system can be threatened via two violations:

Threat: A program which has the potential to cause serious damage to the system.

Attack: An attempt to break security and make unauthorized use of an asset.

Security can be compromised via any of the breaches mentioned:

Breach of confidentiality: This type of violation involves the unauthorized reading of data.

Breach of integrity: This violation involves unauthorized modification of data.

Breach of availability: It involves an unauthorized destruction of data.

Theft of service: It involves an unauthorized use of resources.

Denial of service: It involves preventing legitimate use of the system. As mentioned before, such attacks can be accidental in nature.

Security System Goals –

Henceforth, based on the above breaches, the following security goals are aimed:

Integrity:

The objects in the system mustn’t be accessed by any unauthorized user & any user not having sufficient rights should not be allowed to modify the important system files and resources.

Secrecy:

The objects of the system must be accessible only to a limited number of authorized users. Not everyone should be able to view the system files.

Availability:

All the resources of the system must be accessible to all the authorized users i.e only one user/process should not have the right to hog all the system resources. If such kind of situation occurs, denial of service could happen. In this kind of situation, a malware might hog the resources for itself & thus preventing the legitimate processes from accessing the system resources.

Threats can be classified into the following two categories:

Program Threats:

A program written by a cracker to hijack the security or to change the behaviour of a normal process.

System Threats:

These threats involve the abuse of system services. They strive to create a situation in which operating-system resources and user files are misused. They are also used as a medium to launch program threats.

Types of Program Threats –

Virus:

An infamous threat, known most widely. It is a self-replicating, malicious program which attaches itself to a system file and then rapidly replicates itself, modifying and destroying essential files and leading to a system breakdown.

Further, Types of computer viruses can be described briefly as follows:

– file/parasitic – appends itself to a file

– boot/memory – infects the boot sector

– macro – written in a high-level language like VB and affects MS Office files

– source code – searches and modifies source codes

– polymorphic – changes in copying each time

– encrypted – encrypted virus + decrypting code

– tunneling – installs itself in the interrupt service routines and device drivers

– multipartite – infects multiple parts of the system

Trojan Horse:

A code segment that misuses its environment is called a Trojan Horse. It seems to be an attractive and harmless cover program but is really a harmful hidden program, which can be used as a virus carrier. In one version of Trojan, the user is fooled into entering confidential login details on an application. Those details are stolen by a login emulator and can be further used for information breaches.

Trap Door:

The designer of a program or system might leave a hole in the software that only he is capable of using; a Trap Door works on similar principles. Trap Doors are quite difficult to detect, as to analyze them one needs to go through the source code of all the components of the system.

Logic Bomb:

A program that initiates a security attack only under a specific situation.

Types of System Threats –

Aside from the program threats, various system threats are also endangering the security of our system:

Worm:

An infection program which spreads through networks. Unlike a virus, they target mainly LANs. A computer affected by a worm attacks the target system and writes a small program “hook” on it. This hook is further used to copy the worm to the target computer. This process repeats recursively, and soon enough all the systems of the LAN are affected. It uses the spawn mechanism to duplicate itself. The worm spawns copies of itself, using up a majority of system resources and also locking out all other processes.



Port Scanning:

It is a means by which the cracker identifies the vulnerabilities of the system to attack. It is an automated process which involves creating a TCP/IP connection to a specific port. To protect the identity of the attacker, port scanning attacks are launched from Zombie Systems, that is, systems which were previously independent systems and are still serving their owners while being used for such notorious purposes.

Denial of Service:

Such attacks aren’t aimed for the purpose of collecting information or destroying system files. Rather, they are used for disrupting the legitimate use of a system or facility.

These attacks are generally network based. They fall into two categories:

– Attacks in this first category use so many system resources that no useful work can be performed.

For example, downloading a file from a website that proceeds to use all available CPU time.

– Attacks in the second category involve disrupting the network of the facility. These attacks are a result of the abuse of some fundamental TCP/IP principles.

Security Measures Taken –

To protect the system, Security measures can be taken at the following levels:

Physical:

The sites containing computer systems must be physically secured against armed and malicious intruders. The workstations must be carefully protected.

Human:

Only appropriate users must have the authorization to access the system. Phishing (collecting confidential information) and Dumpster Diving (collecting basic information so as to gain unauthorized access) must be guarded against.

Operating system:

The system must protect itself from accidental or purposeful security breaches.

Networking System:

Almost all information is shared between different systems via a network. Intercepting this data could be just as harmful as breaking into a computer. Hence, the network should be properly secured against such attacks.

DNS cache: why is DNS needed?    [BWDB-2018]

** Difference between a DNS server and a DNS cache. What is the importance of the DNS cache in the World Wide Web?

DNS server

A DNS server is a type of name server that manages, maintains and processes Internet domain names and their associated records. In other words, a DNS server is the primary component that implements the DNS (Domain Name System) protocol and provisions domain name resolution services to Web hosts and clients on an IP-based network.

What Is DNS Cache?

DNS cache refers to the temporary storage of information about previous DNS lookups on a machine's OS or web browser. Keeping a local copy of a DNS lookup allows your OS or browser to retrieve it quickly, so a website's URL can be resolved to its corresponding IP much more efficiently. The basic function of the different cache types is more or less the same.

What is non-repudiation in network security?   [Bangladesh Water Development Board-2018]

Network security is generally responsible for ensuring that electronic communications between two parties are valid and authentic. Non-repudiation is the assurance that someone cannot deny something. Typically, non-repudiation refers to the ability to ensure that a party to a contract or a communication cannot deny the authenticity of their signature on a document or the sending of a message that they originated.

Non-repudiation does not allow the sender or receiver of a message to deny having sent or received that message.

 

Network: Given an IP address 240.133.10.2018, find out the network address, number of hosts and subnet mask.   [Bangladesh Water Development Board-2018]

1.       Network address: 240.0.0.0

2.       Subnet mask: 255.0.0.0

3.       No. of subnets = 2^0 = 1

4.       No. of hosts = 1 * 2^24

 

OSI Model: which layer is responsible for routing?     [Bangladesh Water Development Board-2018]

Which OSI layer is responsible for routing between networks?

A.Network

B.Transport

C.Physical

D.Data Link

Answer: A

The Network Layer is responsible for routing between networks

 

Why is binary logic used in computer/digital systems?  [Bangladesh Water Development Board-2018]

Binary is much easier to do math in than ordinary (decimal) numbers because only two symbols, 1 and 0, are used instead of ten symbols: 0, 1, 2, 3, 4, 5, 6, 7, 8 and 9. Digital systems are nothing but devices which execute instructions. By using binary logic, it is easy for the instructor and the device to give and execute instructions. Technically, computers use binary because they can only read and store an on or off charge. So, using 0 as "off" and 1 as "on", we can represent numbers in electrical wiring. A single switch can be on or off, enabling the storage of 1 bit of information. This is the key reason why binary is used in digital systems.

 

What is the OSI model? Which layers are important for data transfer and user interaction?   [Bangladesh Water Development Board-2018]

Answer:

The Open Systems Interconnection model (OSI model) is a conceptual model that characterises and standardises the communication functions of a telecommunication or computing system without regard to its underlying internal structure and technology. There are seven layers in the OSI model.

Layer 7: The application layer

Layer 6: The presentation layer

Layer 5: The session layer

Layer 4: The transport layer

Layer 3: The network layer

Layer 2: The data-link layer

Layer 1: The physical layer

Of all the layers, the application layer is responsible for user interaction and the data-link layer is responsible for data transfer between connected nodes.

Bits of MAC/IP address. [AME Bangladesh Bank-2017]

A MAC (Media Access Control) address is a globally unique identifier assigned to network devices, and therefore it is often referred to as the hardware or physical address. MAC addresses are 6 bytes (48 bits) in length and are written in the MM:MM:MM:SS:SS:SS format.

 

If 24 bit network address then what is the number of usable host address.

 

What is used for remote login? [AME Bangladesh Bank-2017]

Secure Shell (SSH), another remote login protocol, is based on UNIX programs. SSH uses TCP for communications but is more powerful and flexible than TELNET, and allows the user to more easily execute a single command on a remote client. SSH has the following advantages over TELNET.



Private IP address ranges:

Class   Starting IP Address   Ending IP Address   # of Hosts

A       10.0.0.0              10.255.255.255      16,777,216

B       172.16.0.0            172.31.255.255      1,048,576

C       192.168.0.0           192.168.255.255     65,536

Private networks can use IP addresses anywhere in the following ranges:

C        192.168.0.0/24 - 192.168.255.255/24 (65,536 IP addresses)

B        172.16.0.0/16 - 172.31.255.255/24 (1,048,576 IP addresses)

A       10.0.0.0/8 - 10.255.255.255/8 (16,777,216 IP addresses)

Public IP address

40.X.X.X, for example 40.30.20.10

Public IP addresses are assigned by a company (for example the Internet service provider).

Public IP address ranges:

Class      Starting IP Address   Ending IP Address

Class A    1.0.0.0/8             9.255.255.255/8

Class A    11.0.0.0/8            126.255.255.255/8

Class B    128.0.0.0/16          172.15.255.255

Class B    172.32.0.0/16         191.255.255.255

Class C    192.0.0.0             192.167.255.255

Class C    192.169.0.0           223.255.255.255

 

Can a Private Ip Address Connect to the Internet?

Devices with private IP addresses cannot connect directly to the Internet. Likewise, computers outside the local network cannot connect directly to a device with a private IP. Instead, access to such devices must be brokered by a router or similar device that supports Network Address Translation (NAT). NAT hides the private IP numbers but can selectively transfer messages to these devices, affording a layer of security to the local network.

Standards groups created private IP addressing to prevent a shortage of public IP addresses available to Internet service providers and subscribers.

In IPv6 there is no need for Network Address Translation (NAT).

MAC Address – How to get MAC address from windows OS?

Windows NT, 2000, XP, Vista, Windows 7

1.      Click Start then Run (in Windows 7, Start and type in the Search Programs and Files box.)

2.      Enter: cmd

3.      Enter: ipconfig /all
If the output scrolls off your screen, and it will on Vista and Windows 7, use: ipconfig /all | more

4.      The Physical Address is your MAC address; it will look like 00-15-E9-2B-99-3C. You will have a physical address for each network connection that you have.

The following is the ipconfig output on Windows XP. My XP computer has two network connections -- an Ethernet connection, labeled Local Area Connection, and a wireless connection, labeled Wireless Network Connection (the wireless connection isn't currently set up).


How to determine the broadcast address and network address for your network? Suppose your IP address is 192.168.100.4/24 with subnet mask 255.255.255.0 (/24).

IP address in binary: 11000000.10101000.01100100.00000100

Subnet mask in binary: 11111111.11111111.11111111.00000000

The network portion 192.168.100.X stays the same; only the last octet (the host portion) differs. For the broadcast address the host octet is all 1s: 11111111

That means the broadcast IP will be 192.168.100.255/24.

Broadcast address = network portion as it is, and host portion all 1s.

Network address = network portion as it is, and host portion all 0s.

So the network address for the given IP address is 192.168.100.0/24.
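The derivation above as code, added here as an example (not part of the original notes): the network and broadcast addresses by bit masking, plus the 2^h - 2 usable-host rule with the /31 and /32 special cases. Function names are this example's own.

```python
# Network address, broadcast address and usable host count from an IP/prefix,
# computed with bit masks. Added example for the 192.168.100.4/24 question.

def ip_to_int(ip):
    octets = ip.split(".")
    if len(octets) != 4:
        raise ValueError(f"bad IPv4 address: {ip}")
    value = 0
    for o in octets:
        n = int(o)
        if not 0 <= n <= 255:
            raise ValueError(f"octet out of range in {ip}")
        value = (value << 8) | n
    return value

def int_to_ip(value):
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))

def to_binary(ip):
    """Dotted binary form, e.g. 192.168.100.4 -> 11000000.10101000.01100100.00000100"""
    return ".".join(format(int(o), "08b") for o in ip.split("."))

def prefix_to_mask(prefix):
    """/prefix -> 32-bit mask with the first `prefix` bits set to 1."""
    if not 0 <= prefix <= 32:
        raise ValueError("prefix must be 0..32")
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF

def usable_hosts(prefix):
    """2^h - 2 for ordinary subnets (network and broadcast excluded); a /31
    point-to-point link uses both addresses (RFC 3021) and a /32 is one host."""
    if prefix == 32:
        return 1
    if prefix == 31:
        return 2
    return 2 ** (32 - prefix) - 2

def network_info(cidr):
    """Network = network portion unchanged, host bits all 0;
    broadcast = network portion unchanged, host bits all 1."""
    ip, prefix = cidr.split("/")
    prefix = int(prefix)
    mask = prefix_to_mask(prefix)
    addr = ip_to_int(ip)
    network = addr & mask
    broadcast = network | (~mask & 0xFFFFFFFF)
    return {
        "ip_binary": to_binary(ip),
        "mask": int_to_ip(mask),
        "mask_binary": to_binary(int_to_ip(mask)),
        "network": f"{int_to_ip(network)}/{prefix}",
        "broadcast": f"{int_to_ip(broadcast)}/{prefix}",
        "usable_hosts": usable_hosts(prefix),
    }

if __name__ == "__main__":
    for key, value in network_info("192.168.100.4/24").items():
        print(f"{key:>13}: {value}")
```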

 





Subnetting is dividing a network into smaller network groups; by doing this, the IP address block is used more efficiently.

For subnetting, subnet masks are used. Subnet masks are 32-bit values like IP addresses and are used together with IP addresses. The 1s represent the network part, and the 0s represent the host part.

We can show subnet masks with four octets like IP addresses (255.255.255.0) or as /X. Here, for the 255.255.255.0 subnet mask, we can use /24. This means that the first 24 bits are all 1s and form the network part.

In subnetting, there are two important terms. These are:

 CIDR (Classless Inter Domain Routing)
 VLSM (Variable Length Subnet Mask)

CIDR (Classless Inter Domain Routing) is the term used for using IP addresses independently of their traditional IP classes. In other words, CIDR is using IP addresses without classes.

VLSM (Variable Length Subnet Mask) is the term used for using different subnet masks for different sub networks. In other words, it is the mechanism that allows different subnet masks and provides division of a network into sub networks. It is like subnets of subnets.

Special Subnets

In subnetting, some subnet masks are used for specific purposes. These are /24, /30, /31 and /32.

• /24 is the Subnet Mask that is usually used in the local networks by default.
• /32 is the Subnet Mask used generally on Loopback and System interfaces.
• /31 is the Subnet Mask used on point-to-point links.
• /30 is also widely used in Service Provider Networks for point-to-point connections.

A loopback interface is a "virtual" interface. There can be many loopback interfaces on a router. Loopback interfaces are generally used for their "always up and never physically down" characteristic. We give these loopback interfaces a /32 loopback IP address.

In class A, B and C:

·         The first 8, 16 and 24 bits respectively are reserved for the network portion.

·         The last 2 bits (31 & 32) are reserved for the host portion.

Reserved network bits and host bits cannot be used in subnetting.

After excluding the reserved network bits and host bits, the remaining bits are considered subnetting-eligible host bits.



How to determine the number of subnets and the number of hosts per subnet

Two formulas provide this basic information:

Number of subnets = 2^s (the older, second subnet formula: Number of subnets = 2^s - 2)

Number of hosts per subnet = 2^h - 2

Both formulas calculate the number of subnets or hosts from the number of binary bits used. For example, if you borrow three bits from the host portion of the address, use the number-of-subnets formula to determine the total number of subnets gained by borrowing those three bits: 2^3 = 2 x 2 x 2 = 8 subnets.

To determine the number of hosts per subnet, take the number of binary bits left in the host portion and apply the hosts-per-subnet formula. If five bits are in the host portion of the address, this gives 2^5 = 2 x 2 x 2 x 2 x 2 = 32 addresses, of which 32 - 2 = 30 are usable hosts (the network and broadcast addresses are excluded).




Begin with the biggest network. If the biggest network needs 6 host bits, the remaining 2 host bits become subnet bits and determine the number of subnets.

Subnetting Example 4

In this example, we will see our network’s needs and according to these needs, we will determine our IP Address Prefixes.

We will use the topology below, and we have been given the 192.168.1.0/24 address block.



As you can see, in this topology there are four subnets, and each subnet's host address requirement is also given.

Subnet1 = 28 hosts
Subnet2 = 52 hosts
Subnet3 = 15 hosts
Subnet4 = 5 hosts

First of all, we arrange the subnets in descending order by the number of host addresses they need.

To solve this subnetting problem, we first determine the host bits needed for each subnet.


Subnet2 = 52 hosts   we need 6 host bits, 2^6 = 64 addresses
Subnet1 = 28 hosts   we need 5 host bits, 2^5 = 32 addresses
Subnet3 = 15 hosts   we need 5 host bits, 2^5 = 32 addresses
Subnet4 = 5 hosts    we need 3 host bits, 2^3 = 8 addresses

For the second subnet we need 6 host bits. With 6 bits we can have 2^6 = 64 addresses. This means that there are 64 - 2 = 62 usable host addresses.

For the first subnet we need 5 host bits. With 5 bits we can have 2^5 = 32 addresses. This means that there are 32 - 2 = 30 usable host addresses.

For the third subnet we also need 5 host bits, giving 2^5 = 32 addresses. You might think that 4 bits, 2^4 = 16 addresses, would be enough for 15 hosts. But it is not, because one of the 16 addresses is the network address and another is the broadcast address, leaving only 14 usable addresses.

For the fourth subnet we need 3 host bits. With 3 bits we can have 2^3 = 8 addresses. This means that there are 8 - 2 = 6 usable host addresses.

Now let's put this together.


For the second subnet, our Subnet Mask will be /26 (26 network bits and 6 host bits, 6 + 26 = 32)
For the first subnet, our Subnet Mask will be /27 (27 network bits and 5 host bits, 5 + 27 = 32)
For the third subnet, our Subnet Mask will be /27 (27 network bits and 5 host bits, 5 + 27 = 32)
For the fourth subnet, our Subnet Mask will be /29 (29 network bits and 3 host bits, 3 + 29 = 32)

The router interfaces will also need IP addresses, so in each subnet one IP address goes to the Router interface.

Remember, we have been given the address block 192.168.1.0/24. Let's divide this Prefix according to the values above.

Let's begin with the biggest network. If we use /26 on 192.168.1.0 (192.168.1.0/26), we get 4 subnets: 192.168.1.00/000000/26, 192.168.1.01/000000/26, 192.168.1.10/000000/26 and 192.168.1.11/000000/26. The given prefix was /24 and the new prefix is /26; 26 - 24 = 2 subnet bits and 2^2 = 4 subnets.

192.168.1.0/26        192.168.1.00/000000/26
192.168.1.64/26       192.168.1.01/000000/26
192.168.1.128/26      192.168.1.10/000000/26
192.168.1.192/26      192.168.1.11/000000/26

We will use the first one for the Subnet 2. (192.168.1.0/26)

Now, for the first and third subnets, let's take the second block (192.168.1.64/26) and divide it again. If we divide it by borrowing one more bit, we get two subnets.

192.168.1.64/27       192.168.1.01/0/00000/27       01000000 = 64
192.168.1.96/27       192.168.1.01/1/00000/27       01100000 = 96

We can use these two Prefixes for the first and third subnets.

And lastly, for the small subnet, we can use the third block above (192.168.1.128/26). We divide it again, because we need only 5 host addresses.

When we divide again, we will have the below small subnets, and we can use the first one for our fourth and last Subnet.

192.168.1.128/29      192.168.1.10/000/000
192.168.1.136/29      192.168.1.10/001/000
192.168.1.144/29      192.168.1.10/010/000
192.168.1.152/29      192.168.1.10/011/000
192.168.1.160/29      192.168.1.10/100/000
192.168.1.168/29      192.168.1.10/101/000
192.168.1.176/29      192.168.1.10/110/000
192.168.1.184/29      192.168.1.10/111/000

As you can see, with this subnetting we have used our IP block very efficiently. The unused remaining blocks can be used in the future. Let's recall what these remaining blocks are: the last /26 block, 192.168.1.11/000000/26 (192.168.1.192/26), and the last 7 of the /29 blocks, 192.168.1.10/001/000 to 192.168.1.10/111/000 (192.168.1.136/29 to 192.168.1.184/29), that is, 7 subnets.

At the end our subnets will be like below:

192.168.1.0/26        subnet2
192.168.1.64/27       subnet1
192.168.1.96/27       subnet3
192.168.1.128/29      subnet4

This is VLSM (Variable Length Subnet Mask). It means using subnets of subnets, or dividing a network into smaller networks using different subnet masks.
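As an added example (not part of these notes), the Python allocator below automates the VLSM procedure just described: sort the requirements by host count, pick the smallest host-bit count whose 2^h - 2 usable addresses fit, and carve blocks from the given prefix largest first. Subnet1..Subnet4 and 192.168.1.0/24 are the values of Example 4; the same function also handles a fixed-size case such as the 204.15.5.0/24 exercise with five 28-host subnets.

```python
# Added VLSM allocator (illustrative, not from the original notes). The inputs
# are the constructed requirements of Subnetting Example 4 on this page.

def ip_to_int(ip):
    """'192.168.1.64' -> 0xC0A80140"""
    a, b, c, d = (int(octet) for octet in ip.split("."))
    return (a << 24) | (b << 16) | (c << 8) | d


def int_to_ip(value):
    """0xC0A80140 -> '192.168.1.64'"""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def host_bits_for(hosts):
    """Smallest h with 2^h - 2 >= hosts (network and broadcast excluded)."""
    h = 2  # fewer than 2 host bits leaves no usable host addresses
    while (1 << h) - 2 < hosts:
        h += 1
    return h


def allocate_vlsm(prefix, requirements):
    """Carve `prefix` (e.g. '192.168.1.0/24') into one subnet per (name, hosts)
    requirement, largest first, so every block starts on its own boundary.
    Returns ([(name, 'network/len', usable_hosts), ...], unused_address_count).
    """
    base_ip, base_len = prefix.split("/")
    base_len = int(base_len)
    base = ip_to_int(base_ip)
    block_size = 1 << (32 - base_len)
    if base % block_size:
        raise ValueError(f"{prefix} is not on a /{base_len} boundary")
    end = base + block_size
    cursor = base
    plan = []
    # Descending order keeps block sizes non-increasing, which guarantees that
    # each new block begins at a multiple of its own size (a valid subnet).
    for name, hosts in sorted(requirements, key=lambda r: r[1], reverse=True):
        h = host_bits_for(hosts)
        size = 1 << h
        if cursor + size > end:
            raise ValueError(f"{name} ({hosts} hosts) does not fit in {prefix}")
        plan.append((name, f"{int_to_ip(cursor)}/{32 - h}", size - 2))
        cursor += size
    return plan, end - cursor


if __name__ == "__main__":
    example4 = [("Subnet1", 28), ("Subnet2", 52), ("Subnet3", 15), ("Subnet4", 5)]
    plan, unused = allocate_vlsm("192.168.1.0/24", example4)
    for name, network, usable in plan:
        print(f"{network:<20} {name} ({usable} usable hosts)")
    print(f"{unused} addresses left for future subnets")
```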

What is the benefit of using subnetting?

Think about 172.16.100.0/24 prefix and 172.16.100.0/28 prefix.

If we use a given address with a longer Subnet Mask, as in the second example, we get more networks. In other words, we can divide the network into smaller pieces, so we do not waste IP addresses. Smaller networks that have few hosts do not need many addresses. Using a small network with few host addresses through subnetting is a best practice for a network engineer.

Before using an IP Prefix, it is better to check your needs for now and for the future: how many subnets and hosts do you need now, and how many will you need later? According to these needs you can plan the subnetting and divide your IP Prefix into smaller parts.

 





0th subnet range:  165.100.00000000.00/000000 - 165.100.00000000.00/111111  (165.100.0.0 - 165.100.0.63)

1st subnet range:  165.100.00000000.01/000000 - 165.100.00000000.01/111111  (165.100.0.64 - 165.100.0.127)

2nd subnet range:  165.100.00000000.10/000000 - 165.100.00000000.10/111111  (165.100.0.128 - 165.100.0.191)

3rd subnet range:  165.100.00000000.11/000000 - 165.100.00000000.11/111111  (165.100.0.192 - 165.100.0.255)

4th subnet range:  165.100.00000001.00/000000 - 165.100.00000001.00/111111  (165.100.1.0 - 165.100.1.63)

5th subnet range:  165.100.00000001.01/000000 - 165.100.00000001.01/111111  (165.100.1.64 - 165.100.1.127)

6th subnet range:  165.100.00000001.10/000000 - 165.100.00000001.10/111111  (165.100.1.128 - 165.100.1.191)

...

15th subnet range: 165.100.00000011.11/000000 - 165.100.00000011.11/111111  (165.100.3.192 - 165.100.3.255)

Subnetting Problem 3

Number of needed subnets: 2

Network Address: 195.223.50.0

• Address class?

• Default subnet mask?

• Custom subnet mask?

• Total number of subnets?

• Total number of host addresses?

• Number of usable addresses?

• What is the 3rd subnet range?

• What is the subnet number for the 2nd subnet?

• What is the subnet broadcast address for the 1st subnet?

• What are the assignable addresses for the 3rd subnet?





 

 

The following table lists the important differences between IPv4 and IPv6.

IPv4 | IPv6

IPv4 addresses are 32 bits long. | IPv6 addresses are 128 bits long.

IPv4 addresses are binary numbers represented in decimal. | IPv6 addresses are binary numbers represented in hexadecimal.

IPSec support is optional. | IPSec support is built in.

Fragmentation is done by the sender and by forwarding routers. | Fragmentation is done only by the sender.

No packet flow identification. | Packet flow identification is available within the IPv6 header using the Flow Label field.

A checksum field is present in the IPv4 header. | There is no checksum field in the IPv6 header.

Address Resolution Protocol (ARP) maps IPv4 addresses to MAC addresses. | ARP is replaced with a function of the Neighbor Discovery Protocol (NDP).

Broadcast messages are available. | There are no broadcast messages; instead the link-local scope "all nodes" multicast address (FF02::1) provides broadcast-like functionality.

Internet Group Management Protocol (IGMP) is used to manage multicast group membership. | IGMP is replaced with Multicast Listener Discovery (MLD) messages.

Sample Exercise

Given the Class C network of 204.15.5.0/24, subnet the network in order to create the network in Figure with the host requirements shown.



Looking at the network shown in the Figure, you can see that you are required to create five subnets. The largest subnet must support 28 host addresses. Is this possible with a Class C network, and if so, how?

You can start by looking at the subnet requirement. To create the five needed subnets you need to borrow three bits from the Class C host bits. Two bits would only allow four subnets (2^2 = 4).

Since you need three subnet bits, that leaves five bits for the host portion of the address. How many hosts does this support? 2^5 = 32 (30 usable). This meets the requirement.

Therefore you have determined that it is possible to create this network with a Class C network. An example of how you might assign the subnetworks is:

netA: 204.15.5.0/27      host address range 1 to 30
netB: 204.15.5.32/27     host address range 33 to 62
netC: 204.15.5.64/27     host address range 65 to 94
netD: 204.15.5.96/27     host address range 97 to 126
netE: 204.15.5.128/27    host address range 129 to 158

What is the maximum number of valid hosts one will have from the network 192.168.239.0/26?

The correct answer is: 62

In which VLAN would the host 192.168.148.5 be placed? For your answer simply give the letter of the VLAN (e.g. 'A').



The correct answer is: B

What is the network address and subnet mask (in CIDR notation) of the hidden (xxx.xxx.xxx.xxx/xx) subnet? The whole network has a network address and subnet mask of 192.168.0.0/23.



The correct answer is: 192.168.1.32/30

The block size for a subnet is 256 minus the value of the interesting octet of the subnet mask (the last octet that is not 255). Start at zero and count in block sizes: every block boundary is a new network address. To find the subnet a host belongs to, find the highest block boundary not exceeding the host's octet and see where the next block begins; the address just before it is the broadcast address.

Question: What valid host range is the IP address 172.16.96.116/22 a part of?

Answer:  172.16.96.1 through to 172.16.99.254

Question: What is the broadcast address of the network 192.168.7.32/28?

Answer:  192.168.7.47

Question: What valid host range is the IP address 172.21.133.120/28 a part of?

Answer:  172.21.133.113 through to 172.21.133.126

Question: Which subnet does host 192.168.75.19 255.255.255.224 belong to?

Answer:  192.168.75.0

Question: Which subnet does host 10.216.75.165/20 belong to?

Answer:  10.216.64.0

Question: What is the last valid host on the subnetwork 172.19.16.0 255.255.254.0?

Answer:  172.19.17.254

Question: What is the broadcast address of the network 172.23.166.0/24?

Answer:  172.23.166.255

Question: What valid host range is the IP address 172.19.24.226/23 a part of?

Answer:  172.19.24.1 through to 172.19.25.254

Question: Which subnet does host 172.16.136.91 255.255.254.0 belong to?

Answer:  172.16.136.0

Question: How many subnets and hosts per subnet can you get from the network 172.19.0.0/23?

Answer:  128 subnets and 510 hosts

Question: You are designing a subnet mask for the 192.168.108.0 network. You want 5 subnets with up to 20 hosts on each subnet. What subnet mask should you use?

Answer:  255.255.255.224

Question: What is the last valid host on the subnetwork 10.179.208.0 255.255.240.0?

Answer:  10.179.223.254

Question: Which subnet does host 172.22.38.147 255.255.255.240 belong to?

Answer:  172.22.38.144

Question: What is the first valid host on the subnetwork that the node 172.24.165.168 255.255.254.0 belongs to?

Answer:  172.24.164.1

 

 

What are the network address, broadcast address, and subnet mask for a host with the IP address below?

IP Address: 199.149.42.207/23

[Correct Answers]

Network Address: 199.149.42.0

Broadcast Address: 199.149.43.255

Subnet Mask: 255.255.254.0

What are the network address, broadcast address, and subnet mask for a host with the IP address below?

IP Address: 42.108.149.182/21

[Correct Answers]

Network Address: 42.108.144.0

Broadcast Address: 42.108.151.255

Subnet Mask: 255.255.248.0
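The practice questions above (host range, broadcast address, subnet membership, subnets-and-hosts from a classful default, and choosing a mask for a given number of subnets and hosts) can all be answered with a few lines of bit arithmetic. The calculator below is an added example, not part of the original notes; it accepts either /prefix or dotted-mask input and uses only values that appear on this page.

```python
# Added subnet calculator (illustrative, not from the original notes). It
# answers the practice questions above from the address and mask alone;
# the inputs used with it are constructed example values from this page.

def ip_to_int(ip):
    a, b, c, d = (int(octet) for octet in ip.split("."))
    return (a << 24) | (b << 16) | (c << 8) | d


def int_to_ip(value):
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def prefix_length(mask):
    """'255.255.254.0' -> 23 and '23' -> 23. Rejects non-contiguous masks."""
    if mask.isdigit():
        length = int(mask)
    else:
        bits = ip_to_int(mask)
        length = bin(bits).count("1")
        if bits != (0xFFFFFFFF << (32 - length)) & 0xFFFFFFFF:
            raise ValueError(f"{mask} is not a contiguous subnet mask")
    if not 0 <= length <= 32:
        raise ValueError(f"prefix length {length} out of range")
    return length


def subnet_info(address):
    """Accepts '172.16.96.116/22' or '192.168.75.19 255.255.255.224'."""
    ip, mask = address.split("/") if "/" in address else address.split()
    length = prefix_length(mask)
    netmask = (0xFFFFFFFF << (32 - length)) & 0xFFFFFFFF
    network = ip_to_int(ip) & netmask          # keep only the network bits
    broadcast = network | (~netmask & 0xFFFFFFFF)  # host bits all set to 1
    usable = max((1 << (32 - length)) - 2, 0)  # minus network and broadcast
    return {
        "network": int_to_ip(network),
        "broadcast": int_to_ip(broadcast),
        "mask": int_to_ip(netmask),
        "prefix": length,
        "first_host": int_to_ip(network + 1) if usable else None,
        "last_host": int_to_ip(broadcast - 1) if usable else None,
        "usable_hosts": usable,
    }


def default_prefix(ip):
    """Classful default mask length: class A /8, class B /16, class C /24."""
    first_octet = int(ip.split(".")[0])
    if first_octet < 128:
        return 8
    if first_octet < 192:
        return 16
    if first_octet < 224:
        return 24
    raise ValueError("class D/E addresses are not subnetted")


def classful_subnets(address):
    """'172.19.0.0/23' -> (subnets gained by borrowing from the classful
    default, usable hosts per subnet)."""
    info = subnet_info(address)
    borrowed = info["prefix"] - default_prefix(info["network"])
    if borrowed < 0:
        raise ValueError("mask is shorter than the classful default")
    return 1 << borrowed, info["usable_hosts"]


def mask_for(network, subnets, hosts):
    """Mask that borrows the fewest bits giving at least `subnets` subnets,
    checked against the requirement of at least `hosts` usable hosts each."""
    subnet_bits = 0
    while (1 << subnet_bits) < subnets:
        subnet_bits += 1
    length = default_prefix(network) + subnet_bits
    if length > 32 or (1 << (32 - length)) - 2 < hosts:
        raise ValueError("requirements do not fit in one classful network")
    return int_to_ip((0xFFFFFFFF << (32 - length)) & 0xFFFFFFFF)


if __name__ == "__main__":
    for question in ("172.16.96.116/22", "192.168.7.32/28",
                     "192.168.75.19 255.255.255.224", "42.108.149.182/21"):
        print(question, "->", subnet_info(question))
    print("172.19.0.0/23 ->", classful_subnets("172.19.0.0/23"))
    print("192.168.108.0, 5 subnets x 20 hosts ->", mask_for("192.168.108.0", 5, 20))
```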

 

Networking Security

What is DNS? What is the purpose of the root servers in DNS?

What is DNS?

The Domain Name System (DNS) is the phonebook of the Internet. Humans access information online through domain names, like nytimes.com or espn.com. Web browsers interact through Internet Protocol (IP) addresses. DNS translates domain names to IP addresses so browsers can load Internet resources.

Each device connected to the Internet has a unique IP address which other machines use to find the device. DNS servers eliminate the need for humans to memorize IP addresses such as 192.168.1.1 (in IPv4), or more complex newer alphanumeric IP addresses such as 2400:cb00:2048:1::c629:d7a2 (in IPv6).

 

How does DNS work?

The process of DNS resolution involves converting a hostname (such as www.example.com) into a computer-friendly IP address (such as 192.168.1.1). An IP address is given to each device on the Internet, and that address is necessary to find the appropriate Internet device - like a street address is used to find a particular home. When a user wants to load a webpage, a translation must occur between what a user types into their web browser (example.com) and the machine-friendly address necessary to locate the example.com webpage.

In order to understand the process behind DNS resolution, it's important to learn about the different hardware components a DNS query must pass between. For the web browser, the DNS lookup occurs "behind the scenes" and requires no interaction from the user's computer apart from the initial request.

There are 4 DNS servers involved in loading a webpage:

• DNS recursor - The recursor can be thought of as a librarian who is asked to go find a particular book somewhere in a library. The DNS recursor is a server designed to receive queries from client machines through applications such as web browsers. Typically the recursor is then responsible for making additional requests in order to satisfy the client's DNS query.

• Root nameserver - The root server is the first step in translating (resolving) human readable host names into IP addresses. It can be thought of like an index in a library that points to different racks of books - typically it serves as a reference to other more specific locations.

• TLD nameserver - The top level domain server (TLD) can be thought of as a specific rack of books in a library. This nameserver is the next step in the search for a specific IP address, and it hosts the last portion of a hostname (in example.com, the TLD server is "com").

• Authoritative nameserver - This final nameserver can be thought of as a dictionary on a rack of books, in which a specific name can be translated into its definition. The authoritative nameserver is the last stop in the nameserver query. If the authoritative name server has access to the requested record, it will return the IP address for the requested hostname back to the DNS Recursor (the librarian) that made the initial request.

 

What's the difference between an authoritative DNS server and a recursive DNS resolver?

Both concepts refer to servers (groups of servers) that are integral to the DNS infrastructure, but each performs a different role and lives in different locations inside the pipeline of a DNS query. One way to think about the difference is the recursive resolver is at the beginning of the DNS query and the authoritative nameserver is at the end.

Recursive DNS resolver

The recursive resolver is the computer that responds to a recursive request from a client and takes the time to track down the DNS record. It does this by making a series of requests until it reaches the authoritative DNS nameserver for the requested record (or times out or returns an error if no record is found). Luckily, recursive DNS resolvers do not always need to make multiple requests in order to track down the records needed to respond to a client; caching is a data persistence process that helps short-circuit the necessary requests by serving the requested resource record earlier in the DNS lookup.

 



Authoritative DNS server

Put simply, an authoritative DNS server is a server that actually holds, and is responsible for, DNS resource records. This is the server at the bottom of the DNS lookup chain that will respond with the queried resource record, ultimately allowing the web browser making the request to reach the IP address needed to access a website or other web resources. An authoritative nameserver can satisfy queries from its own data without needing to query another source, as it is the final source of truth for certain DNS records.



It’s worth mentioning that in instances where the query is for a subdomain such as foo.example.com or blog.cloudflare.com, an additional nameserver will be added to the sequence after the authoritative nameserver, which is responsible for storing the subdomain’s CNAME record.



There is a key difference between many DNS services and the one that Cloudflare provides. Different DNS recursive resolvers such as Google DNS, OpenDNS, and providers like Comcast all maintain data center installations of DNS recursive resolvers. These resolvers allow for quick and easy queries through optimized clusters of DNS-optimized computer systems, but they are fundamentally different than the nameservers hosted by Cloudflare.

Cloudflare maintains infrastructure-level nameservers that are integral to the functioning of the Internet. One key example is the f-root server network which Cloudflare is partially responsible for hosting. The F-root is one of the root level DNS nameserver infrastructure components responsible for the billions of Internet requests per day. Our Anycast network puts us in a unique position to handle large volumes of DNS traffic without service interruption.

What are the steps in a DNS lookup?

For most situations, DNS is concerned with a domain name being translated into the appropriate IP address. To learn how this process works, it helps to follow the path of a DNS lookup as it travels from a web browser, through the DNS lookup process, and back again. Let's take a look at the steps.

Note: Often DNS lookup information will be cached either locally inside the querying computer or remotely in the DNS infrastructure. There are typically 8 steps in a DNS lookup. When DNS information is cached, steps are skipped from the DNS lookup process which makes it quicker. The example below outlines all 8 steps when nothing is cached.

The 8 steps in a DNS lookup:

1.       A user types ‘example.com’ into a web browser and the query travels into the Internet and is received by a DNS recursive resolver.

2.       The resolver then queries a DNS root nameserver (.).

3.       The root server then responds to the resolver with the address of a Top Level Domain (TLD) DNS server (such as .com or .net), which stores the information for its domains. When searching for example.com, our request is pointed toward the .com TLD.

4.       The resolver then makes a request to the .com TLD.

5.       The TLD server then responds with the IP address of the domain’s nameserver, example.com.

6.       Lastly, the recursive resolver sends a query to the domain’s nameserver.

7.       The IP address for example.com is then returned to the resolver from the nameserver.

8.       The DNS resolver then responds to the web browser with the IP address of the domain requested initially.

Once the 8 steps of the DNS lookup have returned the IP address for example.com, the browser is able to make the request for the web page:

9.       The browser makes a HTTP request to the IP address.

10.     The server at that IP returns the webpage to be rendered in the browser.
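The referral chain of steps 2 to 7, and the shortcut that caching gives a recursive resolver, can be modelled in a few lines. The toy resolver below is an added example, not Cloudflare's code or part of the original notes: the root, TLD and authoritative "servers" are in-memory tables with constructed names (tld-com, ns1.example.com) and a documentation-range address, so nothing touches the network.

```python
# Added toy resolver (illustrative, not from the original notes). The "servers"
# are in-memory zone tables with constructed names and a documentation-range
# address; no network traffic is involved.

# Each server maps a name to either an A record (the final answer) or an NS
# referral naming the next server to ask. Trailing dots mark absolute names.
SERVERS = {
    "root": {"com.": ("NS", "tld-com")},
    "tld-com": {"example.com.": ("NS", "ns1.example.com")},
    "ns1.example.com": {
        "example.com.": ("A", "203.0.113.10"),
        "www.example.com.": ("A", "203.0.113.10"),
    },
}
MAX_REFERRALS = 8  # guard against a misconfigured referral loop


def best_match(server, name):
    """The record for the longest suffix of `name` that `server` knows, else None."""
    labels = name.split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in SERVERS[server]:
            return SERVERS[server][candidate]
    return None


def resolve(name, cache, trace):
    """Recursive resolver: walk root -> TLD -> authoritative and cache the
    answer. `trace` receives one line per server contacted (or per cache hit)."""
    if not name.endswith("."):
        name += "."
    if name in cache:
        trace.append(f"cache hit: {name} -> {cache[name]}")
        return cache[name]
    server = "root"
    for _ in range(MAX_REFERRALS):
        record = best_match(server, name)
        if record is None:
            raise LookupError(f"{server} holds no data for {name}")
        kind, value = record
        if kind == "A":
            trace.append(f"{server} answered {name} -> {value}")
            cache[name] = value
            return value
        trace.append(f"{server} referred {name} to {value}")
        server = value
    raise LookupError(f"too many referrals while resolving {name}")


if __name__ == "__main__":
    cache, steps = {}, []
    print(resolve("www.example.com", cache, steps))
    print("\n".join(steps))    # three servers contacted, as in steps 2-7 above
    steps.clear()
    resolve("www.example.com", cache, steps)
    print("\n".join(steps))    # the second lookup is served from the cache
```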



 

 

Taxonomy of attacks

A. Active attack

   a. Interruption

      1. DoS (Denial of Service)

      A denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet. Denial of service is typically accomplished by flooding the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled.

      2. DDoS (Distributed Denial of Service)

      A distributed denial-of-service (DDoS) attack occurs when multiple systems flood the bandwidth or resources of a targeted system, usually one or more web servers. Such an attack is often the result of multiple compromised systems (for example, a botnet) flooding the targeted system with traffic.

      3. DRDoS (Distributed DoS with Reflectors)

      4. SQL Injection Attack

      SQL injection is a code injection technique, used to attack data-driven applications, in which nefarious SQL statements are inserted into an entry field for execution (e.g. to dump the database contents to the attacker).[1] SQL injection must exploit a security vulnerability in an application's software, for example when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or is not strongly typed and is unexpectedly executed. SQL injection is mostly known as an attack vector for websites but can be used to attack any type of SQL database.

   b. Fabrication

      1. Replay Attack

      2. Masquerading

   c. Modification

      1. Man-in-the-middle attack

B. Passive attack

   a. Interception

      1. Release of message contents

      When you send a message to your friend, you want only that person to be able to read it. Using a suitable security mechanism we can prevent the release of message contents; for example, we can encrypt the message with an encryption algorithm.

      2. Traffic analysis

      Even when the messages passing through a single channel are encrypted, an attacker who observes the channel can learn which parties are communicating and how often, and that pattern itself gives the attacker information.

      3. Sniffing

      Sniffing is a method of capturing the data that a sender transmits. The attacker tries to find out what type of message or data is being transferred, without the sender's permission.

      4. Keyloggers

 

Different types of attack

·         Eavesdropping

·         Snooping

·         Interception

·         Modification Attacks

·         Repudiation Attacks

·         Denial-of-service (DoS) Attacks

·         Distributed denial-of-service (DDoS) Attacks

·         Back door Attacks

·         Spoofing Attacks

·         Man-in-the-Middle Attacks

·         Replay Attacks

·         Password Guessing Attacks

A few more:

 

·         Sniffing

·         Port Scanning

·         TCP SYN or TCP ACK attack

·         TCP Sequence number attack

·         TCP Hijacking

·         ICMP Attacks

·         Smurf Attacks

·         ICMP Tunnelling

Difference between Active Attack and Passive Attack:

ACTIVE ATTACK | PASSIVE ATTACK

An active attack tries to change the system resources or affect their operation. | A passive attack tries to read or make use of information from the system but does not influence system resources.

Modification of the information occurs. | Modification of the information does not take place.

Always causes damage to the system. | Does not cause any harm.

Threatens integrity and availability. | Threatens confidentiality.

The entity (victim) gets informed about the attack. | The entity is unaware of the attack.

The transmission is captured by physically controlling a portion of the link. | Only needs to observe the transmission.

The emphasis is on detection. | The emphasis is on prevention.

 

Eavesdropping - This is the process of listening in on or overhearing parts of a conversation. It also includes attackers listening in on your network traffic. It's generally a passive attack; for example, a coworker may overhear your dinner plans because your speakerphone is set too loud. The opportunity to overhear a conversation is coupled with the carelessness of the parties in the conversation.


Figure – Eavesdropping

WHAT IS A MITM ATTACK

A man in the middle (MITM) attack is a general term for when a perpetrator positions himself in a conversation between a user and an application—either to eavesdrop or to impersonate one of the parties, making it appear as if a normal exchange of information is underway.



Figure - man in the middle attack

Phishing is the fraudulent attempt to obtain sensitive information such as usernames, passwords, and credit card details (and money), often for malicious reasons, by disguising oneself as a trustworthy entity in an electronic communication.



Figure – phishing attacks

Spoofing: Spoofing is another type of active attack. In this type of attack, unauthorized persons pretend to be legitimate users in order to gain access to the network and steal important information. Spoofing can take a variety of forms. One form is sending fake e-mails from a fake address to capture login names, passwords and account information. Another form is IP spoofing, where IP packets are sent with a forged source address.




Difference Between Phishing and Spoofing

Phishing and Spoofing are types of attack that are often spoken of in a similar sense. The main difference between phishing and spoofing is that in phishing the scammer tries to trick the victim with the intent of stealing confidential details for financial gain. Spoofing, on the other hand, doesn't always involve financial gain, but the forging is similar.

Comparison Chart

Phishing | Spoofing

Phishing scammers spoof trustworthy organizations and people in order to gain the trust of their targets and steal information. | Spoofing defrauders are not necessarily trying to steal any information but may rather be trying to achieve other malicious goals.

Phishing attacks can use spoofing as the strategy. | Spoofing isn't necessarily phishing.

Phishing is accompanied by information stealing. | Spoofing does not necessarily require information stealing.

Nature: retrieval (of information). | Nature: delivery (of a malicious message or file).

Phishing is a form of social engineering where the defrauder attempts to fraudulently retrieve licit users’ sensitive information by imitating electronic communication from a trusted organization in an automated manner.

A phishing attack involves three steps.

·         First, the mailer sends out a fraudulent email, SMS, VoIP call or message on a social networking site to direct the users to the fraudulent website.

·         Then the fraudulent website, which has been set up in advance, prompts the user to provide confidential information.

·         In the last step, the confidential information is used to achieve the payout.

There are various types of phishing, such as clone phishing, spear phishing, phone phishing, etc.

Definition of Spoofing

Spoofing is similar to phishing: the attacker steals the identity of a legitimate user and pretends to be another individual or organization with malicious intent, in order to breach the system's security or to steal the users' information. There are various kinds of spoofing attacks, such as IP spoofing, Email spoofing, URL spoofing, MAC spoofing, and DNS spoofing.

Unlike phishing, a spoofing attack can cause damage without stealing information. For example, attacker A sends a forged email to user B using the identity of user C. User B will perceive that the received email is from user C and will naturally reply. The spoofed email could have been sent with malicious intent.

Key Differences Between Phishing and Spoofing

1.      Spoofing can be a part of phishing but is not exactly phishing.

2.      In phishing, sensitive information is stolen by the attacker. In contrast, spoofing is not necessarily accompanied by information stealing.

3.      Phishing performs fraudulent retrieval of the confidential information of the legitimate user. Conversely, spoofing delivers a malicious file or message.

 

Spamming: Spamming is the sending of unsolicited email. This means sending an email, generally an advertisement of some sort, to someone who has not requested to receive that information from you.

 



 

Snooping - This is when someone looks through your files in the hope of finding something interesting, whether electronic or on paper. In the case of physical snooping, people might inspect your dumpster, recycling bins, or even your file cabinets; they can look under your keyboard for Post-it notes, or look for scraps of paper tacked to your bulletin board. Computer snooping, on the other hand, involves someone searching through your electronic files trying to find something interesting.



 

Ways to protect against cyber attacks                                 [SEO(ICT) at janata bank 2015]

1.      Create an internal policy

2.      Learn from the mistakes of others

3.      Keep your computers updated

4.      Use cloud services

5.      Know what not to do

6.      Increase employee awareness

7.      Create strong passwords and change them frequently

8.      Hire a security expert

Cyber security measures

1.      Establish strong passwords

2.      Establish role-based access controls and implement system logging

3.      Maintain an accurate inventory of control system devices and eliminate any exposure of this equipment to external networks

4.      Put up a strong firewall

5.      Install antivirus protection

6.      Install encryption software

7.      Update your laptops

8.      Secure your mobile phones

9.      Back up regularly

10.  Monitor diligently

11.  Be careful with email, IM and surfing the web

12.  Educate your employees

13.  Develop a cyber security incident response plan

Ways to prevent unauthorized access to a PC via the Internet

1.      Passwords

2.      Get a hardware and software firewall

3.      Malware protection

4.      Take caution while reading e-mails

Web application attack

1.      CSRF(Cross site request Forgery)

2.      XSS(Cross site scripting)

3.      SQL Injection (SQL injection is a code injection technique, used to attack data-driven applications, in which nefarious SQL statements are inserted into an entry field for execution)

4.      Session Hijacking
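The SQL injection entries in the attack taxonomy and in the web application attack list above both describe input being "inserted into an entry field for execution". As an added example (not from the original notes), the following shows the defect side by side with the fix: a login check built by string concatenation, and the same check using a parameterised query, run against a constructed in-memory SQLite table.

```python
# Added example (illustrative, not from the original notes): the same login
# check written once with string concatenation and once with a parameterised
# query. The users table and its "password hashes" are constructed test data.
import sqlite3


def make_db():
    """In-memory database with two constructed accounts."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password_hash TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("alice", "hash-of-alice-pw"), ("bob", "hash-of-bob-pw")],
    )
    return conn


def login_vulnerable(conn, username, password_hash):
    """Builds the statement from the inputs, so a quote inside `username`
    changes the SQL itself: a comment sequence can drop the password check."""
    sql = (
        "SELECT username FROM users "
        f"WHERE username = '{username}' AND password_hash = '{password_hash}'"
    )
    return conn.execute(sql).fetchone() is not None


def login_safe(conn, username, password_hash):
    """Placeholders: the driver sends the values separately from the statement,
    so they are compared as data and never parsed as SQL."""
    sql = "SELECT username FROM users WHERE username = ? AND password_hash = ?"
    return conn.execute(sql, (username, password_hash)).fetchone() is not None


if __name__ == "__main__":
    db = make_db()
    crafted = "alice' --"   # closes the quoted literal and comments out the rest
    print("vulnerable, crafted username:", login_vulnerable(db, crafted, "anything"))
    print("parameterised, same input:   ", login_safe(db, crafted, "anything"))
```

In a real application the comparison would also hash the submitted password before comparing; what matters for the injection point is that only the parameterised version keeps the crafted username out of the statement text.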

Web server security & database server Security [AME Bangladesh bank 2017]

1.      Remove Unnecessary services

2.      Remote access

3.      Separate development / testing / production environment

4.      Web application content and server- side scripting

5.      Permission and privileges

6.      Install all security patches on time

7.      Monitor and audit the server

8.      User account

9.      Remove all unused modules and application extensions

10.  Use security tools provided with web server software

11.  Use scanner

What are the steps to prevent unnecessary and unwanted email?

There are really only two ways to keep spam out of your inbox:

1.      Prevent

2.      Filtering

Packet sniffing (snooping) | Packet spoofing

Packet sniffing refers to listening in on others' conversations. | Packet spoofing refers to actively introducing fake network traffic while pretending to be someone else.

It is a passive attack (i.e. the attacker cannot cause any kind of damage). | It is an active attack (i.e. the attacker can insert a malicious program to infect the other system).

Packet sniffing is usually done by gaining access to a computer or device through which the traffic flows (e.g. a router or an admin PC). | Packet spoofing is done by sending packets with an incorrect source address; the receiver then sends its reply to this forged (spoofed) address. (Modifying routing tables is another form.)

Encryption is the best method to tackle sniffing. | Digital signatures are a good method to tackle spoofing.

Types of Security Attacks:

1.      Passive Attack: It attempts to learn or make use of information from the system but does not affect system resources.

2.      Active Attack: It attempts to alter system resources or affect their operation.

3.      Passive Attacks:

1.      Passive attacks are in the nature of eavesdropping on, or monitoring of transmissions.

2.      The goal of the opponent is to obtain information that is being transmitted.

3.      There are 2 types of passive attacks: release of message contents and traffic analysis.

Figure 4.1 Release of Message Contents

Figure 4.2 Traffic analysis

·         Suppose that we had a way of masking the contents of messages or other information traffic so that opponents, even if they captured the message, could not extract the information from the message.

·         The common technique for masking content is encryption. However, even with encryption in place, the opponent might still be able to observe the pattern of these messages. The opponent could determine the location and identity of the communicating hosts and could observe the frequency and length of the messages being exchanged. This information might be useful in guessing the nature of the communication that was taking place.

·         Passive attacks are very difficult to detect because they do not involve any alteration of the data. Typically, the message traffic is sent and received in an apparently normal fashion, and neither the sender nor the receiver is aware that a third party has read the messages or observed the traffic pattern.

·         However, it is feasible to prevent the success of these attacks, usually by means of encryption. Thus the emphasis in dealing with passive attacks is on prevention rather than detection.





A second type of passive attack, traffic analysis, is subtler (Figure 1.3b). Suppose that we had a way of masking the contents of messages or other information traffic so that opponents, even if they captured the message, could not extract the information from the message. The common technique for masking contents is encryption. If we had encryption protection in place, an opponent might still be able to observe the pattern of these messages. The opponent could determine the location and identity of communicating hosts and could observe the frequency and length of messages being exchanged. This information might be useful in guessing the nature of the communication that was taking place.

Passive attacks are very difficult to detect because they do not involve any alteration of the data. Typically, the message traffic is sent and received in an apparently normal fashion and neither the sender nor receiver is aware that a third party has read the messages or observed the traffic pattern. However, it is feasible to prevent the success of these attacks, usually by means of encryption. Thus, the emphasis in dealing with passive attacks is on prevention rather than detection.

Active Attacks

Active attacks involve some modification of the data stream or the creation of a false stream and can be subdivided into four categories: masquerade, replay, modification of messages, and denial of service.

A masquerade takes place when one entity pretends to be a different entity (Figure 1.4a). A masquerade attack usually includes one of the other forms of active attack. For example, authentication sequences can be captured and replayed after a valid authentication sequence has taken place, thus enabling an authorized entity with few privileges to obtain extra privileges by impersonating an entity that has those privileges.





Replay involves the passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect (Figure 1.4b).

What does Hacking mean?

Hacking is the act of stealing personal or private data without the owner's knowledge or consent; it could also include other things like stealing passwords, creating a botnet, or pretty much any act that breaches someone's privacy without their knowledge or consent.

How DDoS and SQL injection attacks are carried out [madrasha board-2018]

In most articles about hacking attacks, you usually learn of attacks by groups like Anonymous, LulzSec and AntiSec. And you've also heard about websites and platforms that have been hacked, including Sony, for example. But are you aware of the methods used to break down these services?

There are many tools and techniques that some hackers use to reach their goals, but I won't give you a turnkey recipe. Here, I'll briefly explain the operating principle of the two best-known attacks on the web:

— DDoS (Distributed) Denial of Service
— SQL injections or SQLi

 

DDoS attacks (Distributed) Denial of Service

First of all, what is a DDoS attack?

A Denial of Service attack (a Distributed Denial of Service, or DDoS, attack when many machines take part) is an attack that makes a service unavailable. Here, I use the example of an attack on a web server by flooding the network to prevent its operation. As you understood, the objective of a successful DDoS attack is to render a website inoperative for everyone.

 

How Does it Work?

In a DDoS attack, it's all about logistics. Nothing beats an example to explain it.

Take a good million malicious people coming together to sabotage company X's business through its call center. They coordinate their actions so that they all call company X simultaneously on Friday at 10 am. The company will be bombarded with millions of phone calls and probably won't manage them very well. The result is that legitimate customers wanting to call this company will struggle to reach them.

A DDoS attack on a web server works exactly the same way. Indeed, there's virtually no way of knowing whether the generated traffic comes from legitimate requests or from attackers. This type of attack is usually very effective, but requires resources proportional to the capacity of the targeted server.

 

SQL or SQLI Injections

What is SQL injection?

A SQL injection is an exploit, that is to say, it abuses a security flaw in an application connected to a database. Typically, such flaws result from the poor programming practices of some developers.

This attack can compromise even the database server itself if the application connects with database administrator rights. But unlike a DDoS attack, a SQLi attack can be easily avoided if the web application is programmed correctly.

Implementation of the attack

When you want to log in to a web site, you enter your user name and password. To check these, the web application will make a query of this type:

SELECT user_id FROM users WHERE username = 'myuser' AND password = 'mypass';

Note: The string variables must be enclosed in single quotes.

Thus, the combination of username (myuser) and password (mypass) must match a row in the users table for a user_id to be returned.

If no row matches, no user_id is returned, and the login with the entered password is rejected.

However, if a user enters a value that gets interpreted as part of the query, then your application is susceptible to SQL injection.

Suppose myuser'-- is entered in the username field with any password. This would give:

SELECT user_id FROM users WHERE username = 'myuser'--' AND password = 'mypass';

The key to this input is the two hyphens (--). This is the token that starts a comment in SQL, so everything after the two dashes is ignored. The query actually executed will be:

SELECT user_id FROM users WHERE username = 'myuser'

As you've noticed, the most glaring omission here is the verification of the password! By including the comment token as part of the username, the password check is completely ignored. This is called a SQL injection.

The results

If the application's database account has full control over its database, the consequences can be quite devastating. This can give the possibility to read, delete, create or edit database records, etc.

To illustrate the damage that can be caused, consider this type of query:

SELECT user_id FROM users WHERE username = 'lama'; DROP TABLE users; --' AND password = 'mypass';

Here, we've entered lama'; DROP TABLE users; -- in the username field. The semicolon ends one statement and starts the next one. DROP TABLE users; deletes the users table in the database. Basically, the queries executed by the database will be:

SELECT user_id FROM users WHERE username = 'lama';
DROP TABLE users;

Depending on the SQL permissions the attacker ends up with, it can be a lot worse: wiping the entire database, creating new logins, etc.

 

Protect a SQL Injection

SQL injection can be prevented by "sanitizing" or "escaping" the data. In this way, a string inside a query cannot be terminated prematurely.

For example, to search for a user name that itself contains a single quote, you're forced to escape that quote so that it is read as part of the data rather than as the end of the string. That is what "sanitizing" the string means here.

Returning to the previous SQL injection example with the value myuser'--:

SELECT user_id FROM users WHERE username = 'myuser\'--' AND password = 'mypass';

With the single quote after myuser escaped, the database searches for the literal user name myuser'--. So the query is executed in full and includes the second condition on the password.

There are several methods to escape a string in a query. With PHP, for example, you can use mysql_real_escape_string() to escape a string in a query (this function belongs to the old mysql extension, which has been removed from current PHP versions):

$sql  = "SELECT user_id FROM users ";
$sql .= "WHERE username = '" . mysql_real_escape_string("myuser'--") . "' ";
$sql .= "AND password = '" . mysql_real_escape_string("mypass") . "'";
$res = mysql_query($sql);

 

In Summary:

That is just about everything you need to know about DDoS attacks and SQL injections. And although attacks on the web keep changing, becoming more sophisticated or moving to other types of vulnerabilities, it's important to remember that, in general, they stem from developer negligence.

 

Another Answer: -

Protect web infrastructure against DDoS, SQL injection, XSS, and SSL attacks [AP,madrasha Board -2018]

Attacks against the web have become more vicious than ever. Distributed Denial of Service (DDoS) attacks starve legitimate traffic of resources; SQL injection attacks pass through firewalls to steal data; Cross Site Scripting (XSS) attacks use unvalidated scripts for malicious activities; and legacy SSL protocols can reveal application data to the determined hacker. Every type of business, no matter the size or industry, requires protection to address these threats.

 

DDoS attacks protection:-

DDoS attacks are resource wasters—they work by saturating network infrastructure so that it is unable to process legitimate traffic, making applications inaccessible. For a business, a web application that has crashed is no different than one that is under DDoS attack.

NetScaler ADC and NetScaler AppFirewall easily thwart a variety of DDoS and DoS attacks, providing protection against tactics such as external entity references, recursive expansion, excessive nesting, and malicious messages containing either long or a large number of attributes and elements.

 

SQL injection attacks prevention:-

SQL injection is commonly used to steal identity data and other sensitive information. By inserting unauthorized database commands into a vulnerable web site, an attacker may gain unrestricted access to the entire contents of a backend database.

NetScaler AppFirewall identifies and mitigates against all kinds of SQL injection attacks. It also prevents all XML attacks by incorporating a rich set of XML-specific protections.

 

What is it?

A "denial of service" (sometimes called a "distributed denial of service" or DDoS) attack occurs when a system, in this case a web server, receives so many requests at one time that the server resources are overloaded and the system simply locks up and shuts down. The goal and result of a successful DDoS attack is that the websites on the target server are unavailable to legitimate traffic requests.

Executing the attack

Due to the “brute force” nature of a DDoS attack, you need to have lots of computers all coordinated to attack at the same time. Revisiting our call center example, this would require all the attackers to both know to call at 9 AM and actually call at that time. While this principle certainly will work when it comes to attacking a web server, it becomes significantly easier when zombie computers, instead of actual manned computers, are utilized.

As you probably know, there are lots of variants of malware and trojans which, once on your system, lie dormant and occasionally “phone home” for instructions. One of these instructions could, for example, be to send repeated requests to Company X’s web server at 9 AM. So with a single update to the home location of the respective malware, a single attacker can instantly coordinate hundreds of thousands of compromised computers to perform a massive DDoS attack.

The beauty of utilizing zombie computers is not only in its effectiveness, but also in its anonymity as the attacker doesn’t actually have to use their computer at all to execute the attack.

SQL Injection Attack


What is it?

A “SQL injection” (SQLI) attack is an exploit that takes advantage of poor web development techniques and, typically combined with, faulty database security. The result of a successful attack can range from impersonating a user account to a complete compromise of the respective database or server. Unlike a DDoS attack, an SQLI attack is completely and easily preventable if a web application is appropriately programmed.

Executing the attack

Whenever you login to a web site and enter your user name and password, in order to test your credentials the web application may run a query like the following:

SELECT UserID FROM Users WHERE UserName='myuser' AND Password='mypass';

Note: string values in a SQL query must be enclosed in single quotes which is why they appear around the user entered values.

So the combination of the entered user name (myuser) and password (mypass) must match an entry in the Users table in order for a UserID to be returned. If there is no match, no UserID is returned so the login credentials are invalid. While a particular implementation may differ, the mechanics are pretty standard.

So now let’s look at a template authentication query which we can substitute the values the user enters on the web form:

SELECT UserID FROM Users WHERE UserName='[user]' AND Password='[pass]'

At first glance this may seem like a straightforward and logical step for easily validating users, however if a simple substitution of the user entered values is performed on this template, it is susceptible to an SQLI attack.

For example, suppose "myuser'--" is entered in the user name field and "wrongpass" is entered in the password. Using simple substitution in our template query, we would get this:

SELECT UserID FROM Users WHERE UserName='myuser'--' AND Password='wrongpass'

A key to this statement is the inclusion of the two dashes (--). This is the comment token for SQL statements, so anything appearing after the two dashes (inclusive) will be ignored. Essentially, the above query is executed by the database as:

SELECT UserID FROM Users WHERE UserName='myuser'

The glaring omission here is the lack of the password check. By including the two dashes as part of the user field, we completely bypassed the password check condition and were able to login as “myuser” without knowing the respective password. This act of manipulating the query to produce unintended results is a SQL injection attack.
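As an added example (not code from either of the two answers above), the login check from both SQL injection explanations run against an in-memory SQLite database using Python's sqlite3 in place of PHP/MySQL, with a constructed sample users table: the string-built query lets myuser'-- skip the password check, while the same check with bound parameters treats that input as a literal user name. It also tries the stacked lama'; DROP TABLE users; -- input, which this particular driver refuses; that is a driver limit, not a replacement for parameterized queries.

```python
import sqlite3

# Constructed sample data (not from the page): user_id 1 is "myuser".
SAMPLE_USERS = [(1, "myuser", "mypass"), (2, "lama", "secret")]


def make_db():
    """In-memory SQLite database seeded with the constructed users table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (user_id INTEGER, username TEXT, password TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?, ?)", SAMPLE_USERS)
    return conn


def vulnerable_login(conn, username, password):
    """Deliberately vulnerable: the template
    SELECT user_id FROM users WHERE username='[user]' AND password='[pass]'
    is filled by plain string substitution, so input can change the SQL."""
    sql = ("SELECT user_id FROM users WHERE username = '" + username
           + "' AND password = '" + password + "'")
    row = conn.execute(sql).fetchone()
    return row[0] if row else None


def safe_login(conn, username, password):
    """Hardened form: bound parameters are sent as values and never parsed
    as SQL, so a quote or '--' in the input stays part of the user name."""
    row = conn.execute(
        "SELECT user_id FROM users WHERE username = ? AND password = ?",
        (username, password),
    ).fetchone()
    return row[0] if row else None


def stacked_query_outcome(conn, username):
    """Feed the page's stacked-statement input to vulnerable_login.
    Python's sqlite3 runs one statement per execute() call and raises on
    the rest (ProgrammingError, or Warning on older versions); drivers
    that allow multiple statements would execute the DROP TABLE."""
    try:
        vulnerable_login(conn, username, "x")
        return "executed"
    except (sqlite3.Error, sqlite3.Warning):
        return "rejected"


def demo():
    """Run the four login cases plus the stacked query and report results."""
    conn = make_db()
    return {
        "normal_vulnerable": vulnerable_login(conn, "myuser", "mypass"),
        "bypass_vulnerable": vulnerable_login(conn, "myuser'--", "wrongpass"),
        "normal_safe": safe_login(conn, "myuser", "mypass"),
        "bypass_safe": safe_login(conn, "myuser'--", "wrongpass"),
        "stacked": stacked_query_outcome(conn, "lama'; DROP TABLE users; --"),
        "table_intact": conn.execute("SELECT COUNT(*) FROM users").fetchone()[0],
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```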

Most Common Causes of Website Outages and Crashes:

Plugin Error

Plugins (often used interchangeably with extensions) are additional pieces of code and software that, wait for it, plug in to your website, giving it additional functions or features. 

Code Breaking/Errors

Similar to the plugin error, this one involves web code being broken.  However, it’s usually the fault of someone working directly on the website.  If you or your website providers were making an update to the website and it broke shortly after, this is most likely the cause.

Server/Hosting Provider Error

These are a very common, yet frustrating cause of website crashes because they’re generally out of your hands, both in terms of causing them and fixing them.  Your website is being hosted somewhere, and that host provider may be experiencing server troubles.

You Need More Hosting

There are different hosting plans based on the size of your website and how much traffic you get.  If you’re on a small, shared host plan and your website starts to grow, don’t be surprised if your website suddenly locks up.

Massive Traffic Spike

Traffic to your website is awesome, right? Well, yes, but if the sudden influx of traffic is too large, it could crash your site.

 

Brute Force Attacks

This is somewhat similar to the traffic spike except for two key differences:

        The traffic you're receiving is from spam bots and malware

        They're trying to break into the backend of your website

Expired Domain

In case you didn't know, your domain hosting is separate from your website hosting. If the hosting for your domain expires (which happens quite often without people realizing it), your website will stop showing up.

 

5 Simple Reasons for Server Hangs and Freezes:-

Network Problems

Local, regional or at the data center, rackAID receives reports every week of servers being down or frozen. Typically, clients say they cannot get to the website or get a web site not found error. In most cases, the server is fine, but there is a network problem.

 

System Overload

Server hang-ups due to system overload typically show up as slowly loading pages. The system may respond slowly for a period and then return to normal operation. Server slowdowns typically happen at peak traffic periods, when scheduled tasks (cron jobs) run, or when certain maintenance occurs.

Configuration Errors

Nearly weekly, someone contacts us with a hung server that is offline due to mis-configuration. If you use the command line, an errant quotation can bring Apache, Sendmail or other critical systems to a halt.

Hardware Issues

I love how people like to blame the hardware. But in my experience, hardware is rarely the cause. Typically, if there are hardware problems, you will see random freezes and hangs from day one. Otherwise, the system will run great for years.

Backups

I know. I just said you need backups, but in many cases, I’ve seen backups cause servers to hang. For example, rsync, used on cPanel and many custom scripts, consumes a significant amount of CPU resources which can slow your server and even cause it to freeze up.

How to troubleshoot if you think your server is down.

A website can appear to have gone down mainly for one of the following reasons:

        A programming error on the website,

        A DNS problem, or an expired domain,

        A networking problem,

        A service on the server has crashed, (apache, mysql, iis)

        The whole server has crashed.

 

Check for a programming error on the website:

Browse to the website. Do you get an error message? If the browser status says "Done" or "Loaded," rather than "Waiting…" or "Connecting…," then the server and its software are responding correctly, but there is a programming error or misconfiguration. Check the Apache error log for clues. Has an Apache or PHP configuration change been made recently? Check with your developers if you are updating your site.

 

Check for a DNS problem:

Many times web sites are down due to DNS issues. DNS is the GPS of the web, and without it you can get lost quickly. Here are a few things to check.

Whois lookup: make sure the domain is still registered and not expired. A whois will also show you the current nameservers (the authoritative DNS servers for the domain).

Check for a networking problem:

One of the first things to check is if you can reach your server over the internet. The quickest way to do this is to ping the server and see if you get a reply.  (If you have ICMP disabled or blocked in your firewall, then a ping will not help you in troubleshooting)

2nd: Check to see if it's a networking issue between you and your server.

Check for services on your server:

If you're able to ping and traceroute to your server, let's check some individual services on it. Log in and check whether your basic services are running. You could log into your control panel (Plesk or WHM, if available), go to service management and see if any have stopped. On a Linux server you could log in via SSH and type the following to see the status of Apache: service httpd status

 

Check if your server is down:

Finally, if you're not able to even connect to your server, chances are it is down. Your best bet is to have it rebooted. You can initiate a reboot via your account at Serverportal.com under Support > Reboot Request.

7 Steps To Successfully Troubleshoot A Windows Network

Whether you have a small Windows network in your house with only one PC or a large Windows enterprise network with thousands of PCs and servers, troubleshooting Windows networking can be challenging.

Step 1 – Know Your Infrastructure

While you can blindly perform troubleshooting, you will be much more successful by first knowing your infrastructure (what is connected to what and how it is designed). If this is a Windows enterprise network, perhaps you are lucky and you can locate a network diagram.

Step 2 – Learn About Your Network

If you don’t know your infrastructure design and there’s no documentation to reference, you can start troubleshooting by learning about your network infrastructure from a few common network diagnostic tools. There is actually a lot to be learned by simply running IPCONFIG and/or the LAN details Windows GUI.

http://techgenix.com/content/wn/img/upl/image0021303761371062.jpg

Figure 1: IPCONFIG

http://techgenix.com/content/wn/img/upl/image0041303761371062.jpg

Figure 2: Windows Network Connection Details

From these two commands, you learn a lot:

        Whether the network interface is up or down (physical network connectivity)

        How you are to obtain an IP address – DHCP or static

        Whether you have an IP address, no IP address, or an automatically obtained IP address (those that start with 169.254.x.x, or APIPA)

        Your default gateway

        Whether you have DNS servers configured and what they are

Step 3 – Network Connection Is Down

If you look at the OSI model, the physical layer (layer 1) is at the bottom. If layer 1 doesn’t work then NOTHING else is going to work. It is best to troubleshoot from the “bottom up” (from layer 1 up to the higher layers).

http://techgenix.com/content/wn/img/upl/image0061303761371062.jpg
Figure 3: Media State Issue

Step 4 – No IP Address

Whether you have no IP address (0.0.0.0) or an automatic private IP address (APIPA, starting with 169.254.x.x), it doesn’t matter. You’ll have to obtain an IP address before you can use the network. If you are set to use DHCP (likely the default) and your DHCP server is down then that is the reason that you don’t have an IP address.

Step 5 – No DNS Servers

If you don’t have any DNS servers configured then you’ll be able to communicate on the network with IP addresses only. You should be able to ping your default gateway, your DHCP server, and other servers on the network. However, you won’t be able to do any of that by name.

Options to solve this problem:

·         Determine why the DHCP server isn’t providing DNS server IPs

·         Manually configure the DNS server IPs if you know them

·         Configure public Internet DNS servers like the Google public DNS servers (like 8.8.4.4)

Step 6 – No Default Gateway

If you have no default gateway IP address configured, this will prevent you from communicating on another IP subnet (like the Internet) but not from communicating on your local LAN. Thus, even with no IP default gateway configured, you should be able to work as normal with local servers. In fact, configuring a default gateway is optional if you don’t need to reach an external network.

Step 7 – Misconfigured Subnet Mask

If you have an incorrectly configured IP subnet mask then you’ll get some unpredictable results. You either need to manually configure it (if you are using static IP addresses) or check the DHCP server to see why it gave you the wrong subnet mask.
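As an added example (not from the article), a Python script that applies steps 3 to 7 bottom-up to the fields of one adapter block of ipconfig /all output and names the first check that fails. The two adapter blocks are constructed samples shaped like ipconfig output, and the gateway-outside-subnet check generalizes step 7 beyond what the text spells out.

```python
import ipaddress
import re

# Constructed sample adapter blocks shaped like `ipconfig /all` output
# (not the figures from the article): one healthy adapter, and one that
# fell back to an APIPA address because no DHCP server answered.
SAMPLE_OK = """\
Ethernet adapter Ethernet:

   Connection-specific DNS Suffix  . : corp.example
   DHCP Enabled. . . . . . . . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 192.168.1.20(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.1
   DNS Servers . . . . . . . . . . . : 192.168.1.10
                                       8.8.4.4
"""

SAMPLE_APIPA = """\
Ethernet adapter Ethernet:

   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration IPv4 Address. . : 169.254.37.12(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.0.0
   Default Gateway . . . . . . . . . :
"""

# "   Label . . . . : value" -> label, dotted filler, colon, optional value
LINE_RE = re.compile(r"^\s+([A-Za-z][A-Za-z0-9 -]*?)[ .]*:\s*(.*)$")


def parse_adapter(text):
    """Parse one adapter block into {label: value}. 'DNS Servers' becomes a
    list because extra servers continue on indented lines with no label."""
    fields, last = {}, None
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            last, value = m.group(1), m.group(2).strip()
            if last == "DNS Servers":
                fields[last] = [value] if value else []
            else:
                fields[last] = value
        elif last == "DNS Servers" and line.strip():
            fields[last].append(line.strip())
    return fields


def diagnose(fields):
    """Work bottom-up through the article's steps and name the first
    failing check, or return 'ok' when every layer looks usable."""
    # Step 3: layer 1 first; nothing above it can work without a link.
    if fields.get("Media State", "").lower().startswith("media disconnected"):
        return "step 3: link down (media disconnected)"
    # Step 4: 0.0.0.0 or an APIPA 169.254.x.x address is no address at all.
    raw = (fields.get("IPv4 Address")
           or fields.get("Autoconfiguration IPv4 Address") or "")
    ip = raw.split("(")[0].strip()
    if not ip or ip == "0.0.0.0" or ip.startswith("169.254."):
        why = ("DHCP server not answering" if fields.get("DHCP Enabled") == "Yes"
               else "no static address configured")
        return f"step 4: no usable IP address ({why})"
    # Step 7: the mask must be a valid netmask, and (generalizing the
    # article) the gateway must lie inside the subnet the mask defines.
    try:
        net = ipaddress.IPv4Network(f"{ip}/{fields.get('Subnet Mask', '')}", strict=False)
    except ValueError:
        return "step 7: misconfigured subnet mask"
    # Step 6: no gateway means local subnet only, which may be intended.
    gw = fields.get("Default Gateway", "")
    if not gw:
        return "step 6: no default gateway (local subnet only)"
    if ipaddress.IPv4Address(gw) not in net:
        return "step 7: gateway outside the configured subnet, check the mask"
    # Step 5: without DNS you can ping by address but resolve no names.
    if not fields.get("DNS Servers"):
        return "step 5: no DNS servers (reachable by IP address only)"
    return "ok"


if __name__ == "__main__":
    for sample in (SAMPLE_OK, SAMPLE_APIPA):
        print(diagnose(parse_adapter(sample)))
```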

What is Network Security?

If the field of internet security is attractive to you, you need to know the important distinction between network security and cyber security. If you think of a company as a castle fortified against outside threats, network security is concerned with maintaining peace and calm within the walls of the castle.

·         IDs and passwords - making certain they are effective and updated frequently

·         Firewalls - keeping outside threats at bay

·         Internet access - monitoring the sites employees visit on the company's computers

·         Encryption - making certain that company information is useless to anyone outside the company

·         Backups - scheduling regular backups of company information in case of a hardware malfunction or successful outside threat

·         Scans - conducting regular virus and malware scans to detect any outside infection

Where Does Cyber Security Differ?

Cyber security is much more concerned with threats from outside the castle. Where network security is worried about what is going on within the castle walls, cyber security is watching who is trying to pass through the gate or breach the parapets. The two areas have a lot of overlap, but their areas of concern are quite different. The cyber security specialist is the crusading knight defending the kingdom. Cyber security focuses on the barbarians at the gate and how the castle connects to the world around it. 

·         Network protection - detecting and protecting against outside attempts to get into the network

·         Up-to-date information - staying informed on how attackers and hackers are improving their efforts

·         Intelligence - identifying the sources of outside attacks and protecting against them

·         Applications - monitoring the use of applications to avoid unintended breaches from within

 

HTTP and HTTPS: What do they do, and how are they different?

You click to check out at an online merchant. Suddenly your browser address bar says HTTPS instead of HTTP. What's going on? Is your credit card information safe?

Good news. Your information is safe. The website you are working with has made sure that no one can steal your information.

Instead of HyperText Transfer Protocol (HTTP), this website uses HyperText Transfer Protocol Secure (HTTPS).

Using HTTPS, the computers agree on a "code" between them, and then they scramble the messages using that "code" so that no one in between can read them. This keeps your information safe from hackers.

They use the "code" on a Secure Sockets Layer (SSL), sometimes called Transport Layer Security (TLS) to send the information back and forth.

How does HTTP work? How is HTTPS different from HTTP? This tutorial will teach you about SSL, HTTP and HTTPS.

What is a firewall?

A firewall is a software program or piece of hardware that helps screen out hackers, viruses, and worms that try to reach your computer over the Internet. If you can’t start Windows Firewall or you are getting an error, use our free tool to diagnose and fix problems.

Firewall Diagram

What Do Firewalls Do?

Basically, firewalls need to be able to perform the following tasks:

·         Defend resources

·         Validate access

·         Manage and control network traffic

·         Record and report on events

·         Act as an intermediary

What is WiMAX and How Does it Differ from WiFi?

When speaking about wireless networks, you might have heard the term WiMAX increasingly used as a technology that will replace WiFi. If you are curious on what the differences between these two are, then this article is meant to exactly answer your questions.

WiMAX stands for “Worldwide Interoperability for Microwave Access” and is a standard-based technology for providing a wireless alternative to cable and DSL connections.

This however is also one of the usages of WiFi. Although WiFi wireless devices are mainly used for short-range wireless connection of end user devices such as laptops, tablets and smartphones, they are also used for site-to-site interconnections.

Wifi 1

Before I explain the core difference of the two, let’s first take a look at the table below which gives some of the basic differences between the two wireless standards:

Specifications | WiMAX | WiFi
IEEE Standard | 802.16x | 802.11x
Versions of standard | 802.16a, 802.16d and 802.16e | 802.11b, 802.11g, 802.11n
Official Release | 1997 | 2004
Frequency bands supported | 2.5, 3.5 and 5.8 GHz supported | 2.4 GHz and 5 GHz supported
Data rate | 30-40 Mbps, but lately updated to 1 Gbps | 54 Mbps, but lately up to 1.2 Gbps
Channel Bandwidth | Flexible (1.25 to 20 MHz) | 10, 20 or 40 MHz
Normal Ranges | 30+ km | 100 m for end-user devices (up to 5 km for outdoor point-to-point connections)

What is the main technical benefit of WiMAX?

WiMAX is not a replacement technology to WiFi – instead, while WiFi is the de-facto global standard for wireless interconnection of end-user devices, WiMAX has addressed a specific technical deficiency of WiFi for interconnection of multiple sites.

Wifi 2

The main drawback of WiFi technology for a point-to-multipoint connection is that it is a connectionless type of protocol named CSMA/CA (Carrier sense multiple access with collision avoidance). Without going into deep technical details, this means that as in WiFi networks all the devices of the network share the same frequency channel, to prevent collision in data transmissions, each device “listens” to make sure no other device is transmitting and then it transmits its data. I.e. there is no centralized management in the network. While this makes the network setup very simple and straightforward (which is a benefit for end-user devices), it creates major problems in larger networks especially when the distances are increased.

IEEE Standards: Wi-Fi has been defined under IEEE 802.11x standards where x is various Wi-Fi versions. WiMAX is standardized under 802.16y family of wireless networking where y refers to various WiMAX versions.

 

Versions of the Standard: Depending on several factors such as frequency, range, encryption, application etc., Wi-Fi has several versions of it such as 802.11b, 802.11g, 802.11n.

On the similar factors, WiMAX has a number of different versions too:802.16a, 802.16d and 802.16e are some popular WiMAX versions.

 

Frequency Band: Wi-Fi is defined in the ISM bands, where the user pays no extra charge for using those bands. In contrast, WiMAX is not restricted to a particular band: WiMAX protocols might work in the ISM bands or might use licensed frequencies for which the user would probably be charged.

 

Range: An ideal Wi-Fi based network reaches around 100 metres as its maximum range, whereas an ideal WiMAX network can reach about 80-90 kilometres.

 

Data Transfer Rates: Wi-Fi based networking can transfer data at speeds up to 54mbps. On the other hand, WiMAX networks exchange data at speeds upto 40mbps. In WiMAX, data transfer rates have more variation as distances to be covered are quite larger.

 

Channel Bandwidth: Wi-Fi networks have a channel bandwidth of 20MHz, whereas WiMAX networks have a flexible bandwidth option which ranges from 1.25MHz to 20MHz.

 

Bandwidth Efficiency: This term refers to bits of information sent per second per unit frequency. This is a measure of how qualitatively the channel is managed by the network. Bandwidth efficiency of a WiMAX channel (upto 5bps/s/Hz) is theoretically twice as efficient as Wi-Fi based networks (upto 0.44bps/s/Hz for 802.11a and 2.7bps/s/Hz for b/g/n standards).

 

Difference in MAC Layer: MAC layer is an essential part of an OSI model. It defines communication procedures that a protocol uses.  Wi-Fi’s MAC layer uses CSMA/CA protocol which is not connection oriented while that in WiMAX is connection oriented.

 

Encryption Techniques: Encryption techniques in WiMAX include Triple Data Encryption Algorithm and Advanced Encryption Standards. On the other hand, in Wi-Fi, encryption techniques are Advanced Encryption Standard (AES) and RC4.

Authentication: Authentication is process under Network Security where connection is checked for its identity before being established.  Both these wireless networking technologies apply different set of protocols for authentication purposes.
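To show why the RC4-based Wi-Fi schemes are listed above only for completeness, here is an added example in Python that is not from the original page: a minimal RC4, WEP-style framing (24-bit IV sent in the clear, per-packet key = IV || shared key), and the keystream-reuse attack that WEP's small IV space makes routine. Two frames encrypted under the same IV XOR to the XOR of their plaintexts, so knowing one plaintext reveals the other. The key, IV and frame contents are constructed for the demonstration and are not taken from any real network.

```python
"""Added example (not from the original page): RC4 keystream reuse, the failure
mode that breaks WEP. The key, IV and frames below are constructed values."""


def rc4_keystream(key: bytes, length: int) -> bytes:
    """Plain RC4 (key-scheduling plus pseudo-random generation). Included only
    to demonstrate the weakness; RC4 must not be used in new designs."""
    s = list(range(256))
    j = 0
    for i in range(256):                              # KSA
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for _ in range(length):                           # PRGA
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two byte strings up to the shorter length."""
    return bytes(x ^ y for x, y in zip(a, b))


def rc4_crypt(key: bytes, data: bytes) -> bytes:
    """Encrypt or decrypt (the same operation for a stream cipher)."""
    return xor_bytes(data, rc4_keystream(key, len(data)))


def wep_encrypt(shared_key: bytes, iv: bytes, frame: bytes) -> bytes:
    """WEP-style packet: 3-byte IV in the clear, body = frame XOR RC4(IV||key).
    WEP also appends a CRC-32 ICV; it is omitted here as it adds no secrecy."""
    if len(iv) != 3:
        raise ValueError("WEP IV is 24 bits")
    return iv + rc4_crypt(iv + shared_key, frame)


def recover_second_frame(pkt1: bytes, frame1: bytes, pkt2: bytes) -> bytes:
    """Keystream-reuse attack. If two packets share an IV, hence a keystream K,
    then C1 xor C2 = (P1 xor K) xor (P2 xor K) = P1 xor P2, so a known P1
    yields P2 for every byte position the two frames have in common."""
    if pkt1[:3] != pkt2[:3]:
        raise ValueError("attack needs IV reuse")
    n = min(len(pkt1), len(pkt2)) - 3
    return xor_bytes(xor_bytes(pkt1[3:3 + n], pkt2[3:3 + n]), frame1[:n])


# Constructed demonstration data: a hypothetical 40-bit WEP key and two frames.
SHARED_KEY = bytes.fromhex("0102030405")
IV = bytes.fromhex("0a0b0c")
FRAME_1 = b"GET /index.html HTTP/1.1"
FRAME_2 = b"POST /login user=alice"


def demo() -> bytes:
    """Encrypt both frames under the same IV (as happens once a WEP client's
    24-bit IV counter wraps) and recover FRAME_2 knowing only FRAME_1."""
    pkt1 = wep_encrypt(SHARED_KEY, IV, FRAME_1)
    pkt2 = wep_encrypt(SHARED_KEY, IV, FRAME_2)
    return recover_second_frame(pkt1, FRAME_1, pkt2)


if __name__ == "__main__":
    print(demo())
```

With a 24-bit IV there are only 16,777,216 per-packet keys, so on a busy access point a reuse is inevitable within hours, and the attacker rarely needs a captured plaintext because protocol headers are predictable. CCMP avoids the problem by using AES-CCM with a 48-bit packet number that never repeats under one key and by binding an authentication tag (MIC) to each frame, which is why WPA2-AES or WPA3 is the only acceptable Wi-Fi configuration today.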

 

What are the core banking system issues?

In around 80% of cases, financial institutions run core banking systems they built themselves: pre-internet-era systems designed for 9-to-5 branch banking and patched up over time to meet changing technology and customer needs. This has left them with major issues:

·         Risk and complexity - A typical universal bank runs more than 180 badly documented applications, which restricts flexibility and also creates thousands of points of failure

·         Scalability - Banking systems cannot keep up with the exponential growth in volumes brought about by the digitisation of banking, and soon the Internet of Things

·         High expenditure and opportunity cost - According to Celent, maintaining ageing legacy banking systems eats up more than 75% of banks' IT budgets, leaving little for value-enhancing expenditure

·         An expectations gap - Customers want financial institutions to act as infomediaries, helping them make better financial and commercial decisions. To achieve this, banks need real-time, integrated systems

TEMENOS T24 has an Open Architecture

TEMENOS T24 is built on an open architecture and is claimed to offer a low cost of ownership; it uses established standards such as HTTP, XML and J2EE. Its design supports multiple application servers, giving horizontal scalability and supporting very large numbers of users with non-stop resilience. T24 was designed to remove the need for end-of-day batch processing.

Temenos' open standards allow the most flexibility when converting legacy systems.

TEMENOS T24 runs on:

·         Open hardware

·         Open database

·         Open J2EE application server

·         Open user interface through browser, HTML and XSLT

·         Open connectivity through XML and Web Services

·         Open C language code

·         Open Java development environment

The T24 system is based on established industry standards as promoted by independent bodies, not on another vendor's particular interpretation of those standards.

What is the difference between digitization and digitalization?

Digitization is a term we've all been using for ages. Yet, at the same time, as the example in the beginning shows, not always in the right context, at least in my view.

Here is another one, by way of example. Someone wanted to digitize his workforce. Sounds scary, doesn't it? In my mind it creates the image of a huge machine being brought in to turn all workers into bits and bytes instead of atoms (more about the bits versus atoms idea, by the way, in our post on the information age).

Source:

Tutorialspoint - https://www.tutorialspoint.com/

Javatpoint - https://www.javatpoint.com/

GeeksforGeeks - https://www.geeksforgeeks.org

Techopedia - https://www.techopedia.com/

Guru99 - https://www.guru99.com/

TechTerms - https://techterms.com/

Webopedia - https://www.webopedia.com/

Study.com - https://study.com/

Wikipedia - https://en.wikipedia.org/

Cprogramming - https://www.cprogramming.com/

W3Schools - https://www.w3schools.com/

Electronics Hub - https://www.electronicshub.org/