| Date post: | 08-Apr-2018 |
| Category: |
Documents |
| Upload: | anshul-kumar |
| View: | 220 times |
| Download: | 0 times |
of 35
8/7/2019 bca 6
1/35
INTRANET
An intranet is a private computer network that uses internet protocoltechnologies to securely share any part of an organization's information oroperational systems within that organization. The term is used in contrast to
internet, a network between organizations, and instead refers to a networkwithin an organization.
Characteristics
An intranet is built from the same concepts and technologies used for theInternet, such as client server computing and the internet protocol(TCP/IP).Any of the well known Internet protocols may be found in an intranet, suchasHTTP (web services), SMTP(e-mail), and FTP (file transfer)
An intranet can be understood as a private version of the Internet, or as aprivate extension of the Internet confined to an organization. The first
intranet websites and home pages began to appear in organizations in1990 - 1991.
Intranets are also contrasted with extranets. While intranets are generallyrestricted to employees of the organization, extranets may also beaccessed by customers, suppliers, or other approved parties. Anorganization's intranet does not necessarily have to provide access to theInternet. When such access is provided it is usually through a networkgateway with a firewall, shielding the intranet from unauthorized externalaccess.
Benefits
1-Workforce productivity: Intranets can also help users to locate andview information faster and use applications relevant to their roles andresponsibilities.It also helps to improve the services provided to the users.
2-Time: With intranets, organizations can make more information availableto employees on a "pull" basis (i.e., employees can link to relevantinformation at a time which suits them) rather than being delugedindiscriminately by emails
3-Communication: Intranets can serve as powerful tools forcommunication within an organization, vertically and horizontallyByproviding this information on the intranet, staff have the opportunity to keepup-to-date with the strategic focus of the organization
4-Cost-effective: Users can view information and data via web-browser
8/7/2019 bca 6
2/35
rather than maintaining physical documents such as procedure manuals,internal phone list and requisition forms. This can potentially save thebusiness money on printing, duplicating documents, and the environmentas well as document maintenance overhead
5-Business operations and management: Intranets are also being usedas a platform for developing and deploying applications to support business
operations and decisions across the internetworked enterprise6-Promote common corporate culture: Every user is viewing the sameinformation within the Intranet
7-Enhance Collaboration: With information easily accessible by allauthorised users, teamwork is enabled.
8-Knowledge of your Audience
9-Supports a distributed computing architecture: The intranet can alsobe linked to a companys management information system, for example a
time keeping systemINTRANET VS INTERNET
1-Intranet Is A Private Network Whereas Internet Is A Public Network
2-Intranet is a local network whereas internet is a global network
3-Intranet is internal system of organization which restrict outsiderswhereas internet is
a public system ,which can be accessed by anyone.
4-Using intranet we can access internet but using internet one can notaccess intranet
5-intranet is for the internal use of organization whereas internet is used foroutside use of organization
6-intranet is cheaper in comparison to internet
7-intranet decreases production cost
8-intranet can be run over private line such as frame relay
9-intranet helps in improving linkage with the organizations bur internet cannot
10-intranet helps in enhancing communication
11-intranet helps in reducing cost of distributing information for internal use
12-both internet server and intranet server differs in their design
8/7/2019 bca 6
3/35
philosophy.
TYPES OF INTRANET
On the basis of applications or use intranet are classified as
Communications intranet
Integrating intranet
Catalogue intranet
Single sign on intranet
On the basis of functionality intranets are classified as
Database management
Bulletin board
Information access
Communication intranets-This intranet is used when the organizationsare having different geographical locations.for eg if an organization haslarge no of franchises then for communication purpose this intranet is usedas it saves the cost and increases efficiency
Integrating intranet-This intranet helps in providing common interface bylinking different departments or divisions through hypertext link.
Catalogue intranet-When multiple informations are required to be accesedthen catalogue intranets are used as it provides access to large catalogueof information.
Single sign on intranet-single sign on intranet allows the employees or
users to be secure from accessing inapprop[riate sites automatically.it isdone by using firewalls
Database management-This intranet helps in maintaining an interactivedatabase that can provide correct information at whatever time they areneeded and from any locations.when the information in the database are
8/7/2019 bca 6
4/35
required to be updated then immediately that information are updated.
Bulletin Board-It is just like a notice board of a company whereinformation may or may not be frequently updated.it allows everyone toreview the information.an example of bulletin board include pictures ofemployees,calendars events,etc.
Information Access- As The Name Suggests This intranet allows theinformation to be accesed in a simple manner .the information may beavailable on any topic for accessing.
INTRANET SOFTWARE HARDWARE REQUIREMENTS
Client Workstation
Operating System
Microsoft Windows: Microsoft Windows XP Professional
Microsoft Windows 2000
Database- NA
Processor-1.0 GHz Pentium
Monitor- SVGA with 256 or more colors minimum 800x600 resolution
Other - Internet Explorer 5.5 and Excel 97/2000/XP/2003, for FinancialReports
CD-ROM Drive- NA
Free Disk Space - 300 MB for application files
Server Requirements
Windows 2000/2003/2008 Server OS (x86 and 64bit compatible)Internet Information Server (IIS versions 5,6 or 7)Intel Pentium III, (recommended dual core or quad core processor)
1 GB minimum RAM (recommend 2 GB)600MB required for installation (recommended minimum 6 GB for uploadedcontent/documents)
Monitor- SVGA with 256 or more colors minimum 800x600 resolution
8/7/2019 bca 6
5/35
Processor- For a 50-user system:
2 Processors, Pentium 4 or Xeon 2.0 GHz
For a 100-user system:
4 Processors, Pentium 4 or Xeon 2.0 GHz
Printer- A printer capable of printing 224 characters per line
CD-ROM Drive - Required
Pointing Device - A mouse, supported by Windows
Database:
Pervasive.SQL 8.7 and 9.1 for Novell NetWare/Microsoft Windows/Linux or
Oracle 8i/9i Enterprise Edition, Standard Edition and Standard Edition Oneor Microsoft SQL Server 2000 and 2005
FILE TRANSFER PROTOCOL
File Transfer Protocol (FTP) is a standard network protocol used toexchange and manipulate files over a TCP/IP based network, such as theinternet.FTP is used to:
Promote sharing of files (computer programs and/or data).
Encourage indirect use of remote computers
Shield a user from variations in file storage systems among different
hosts. (The user does not need to know what the type of file systemis.)
Transfer data reliably, and efficiently
WORKING OF FTP
A client makes a connection to the server using TCP port 21. Thisconnection, called the control connection, remains open for the duration ofthe session, with a second connection on port 20 opened as required totransfer file data.Commands are sent by the client over the control
connection in ASCII .The server responds on the control connection with three digit status codesin ASCII with an optional text message, for example "200" (or "200 OK.")means that the last command was successful. A file transfer in progressover the data connection can be aborted using an interrupt message sent
8/7/2019 bca 6
6/35
over the control connection
FTP can be run in active mode or passive mode, which control how thesecond connection is opened. In active mode the client sends the serverthe IP address port number that the client will use for the data connection,and the server opens the connection. Passive mode was devised for usewhere the client is behind a firewall and unable to accept incoming TCP
connections. The server sends the client an IP address and port numberand the client opens the connection to the server
While transferring data over the network, four data representations can beused, of which only two are common:
ASCII mode: only for plain text. (Any other form of data will becorrupted)
BINARY mode: the sending machine sends each file for byte and assuch the recipient stores the bytestream as it receives it. (The FTP
standard calls this "IMAGE" or "I" mode)The other two, EBCDIC and local file type are essentially obsolete.
WHAT IS ENCRYPTION?
Encryption is the conversion of data into a form, called a cipher text,that cannot be easily understood by unauthorized people.In cryptography,encryption is the process of transforming information(referred to as plaintext) using an algorithm to make it unreadable to anyone except thosepossessing special knowledge, usually referred to as akey..
Decryption is the process of converting encrypted data back into itsoriginal form, so it can be understood.
There are two basic techniques for encrypting information: symmetricencryption(also called secret key encryption) and asymmetricencryption(also called public key encryption).
Symmetric EncryptionSymmetric Encryption (also known as symmetric-key encryption,
single-key encryption, one-key encryption and private key encryption) is atype of encryption where the same secret key is used to encrypt anddecrypt information or there is a simple transform between the two keys.
8/7/2019 bca 6
7/35
A secret key can be a number, a word, or just a string of random letters.Secret key is applied to the information to change the content in a particularway. This might be as simple as shifting each letter by a number of placesin the alphabet. Symmetric algorithms require that both the sender and thereceiver know the secret key, so they can encrypt and decrypt allinformation.
There are two types of symmetric algorithms: stream algorithms(streamciphers) and block algorithms(block ciphers)
8/7/2019 bca 6
8/35
Types of Symmetric algorithms (Symmetric-key algorithms)
Symmetric algorithms (Symmetric-key algorithms) use the same key forencryption and decryption. Symmetric-key algorithms can be divided intoStream algorithms (Stream ciphers) and Block algorithms (Block ciphers).
1-Stream cipherStream ciphers encrypt the bits of information one at a time - operate on
1 bit (or sometimes 1 byte) of data at a time (encrypt data bit-by-bit).Stream ciphers are faster and smaller to implement than block ciphers,however, they have an important security gap. If the same key stream isused, certain types of attacks may cause the information to be revealed.
2-Block CiphersBlock cipher (method for encrypting data in blocks) is a symmetric
cipher which encrypts information by breaking it down into blocks andencrypting data in each block. A block cipher encrypts data in fixed sizedblocks (commonly of 64 bits). The most used block ciphers are TRIPLEDES and AES
Some examples of popular symmetric algorithms:AES,DES,IDEA,TRIPLE DES
(i)AES
AES stands for Advanced Encryption Standard. AES is a symmetric keyencryption technique which replaces the commonly used Data EncryptionStandard (DES).
The AES algorithm usesthree key sizes: a 128-, 192-, or 256-bitencryption key. Each encryption key size causes the algorithm to behaveslightly differently, so the increasing key sizes not only offer a largernumber of bits with which you can scramble the data, but also increase thecomplexity of the cipher algorithm
(ii)Data Encryption Standard (DES)
Data Encryption Standard (DES) is a block cipher with 64-bit block size thatuses 56-bit keysDue to recent advances in computer technology, someexperts no longer consider DES secure against all attacks; since thenTriple-DES (3DES) has emerged as a stronger method. Using standardDES encryption, Triple-DES encrypts data three times and uses a different
8/7/2019 bca 6
9/35
key for at least one of the three passes giving it a cumulative key size of112-168 bits.
(iii)IDEA
IDEA stands for International Data Encryption Algorithm. IDEA is asymmetric encryption algorithm that was developed by Dr. X. Lai and Prof.J. Massey to replace the DES standard. Unlike DES though it uses a 128bit key. This key length makes it impossible to break by simply trying everykey.
(iii)Triple DES
Triple DES is a variation of Data Encryption Standard (DES). It uses a 64-bit key consisting of 56 effective key bits and 8 parity bits. The size of theblock for Triple-DES is 8 bytes. Triple-DES encrypts the data in 8-bytechunks. The idea behind Triple DES is to improve the security of DES byapplying DES encryption three times using three different keys
Asymmetric Encryption (Public Key Encryption)
Asymmetric encryption uses different keys for encryption and decryption.The decryption key is very hard to derive from the encryption key. Theencryption key is public so that anyone can encrypt a message. However,the decryption key is private, so that only the receiver is able to decrypt themessage. It is common to set up "key-pairs" within a network so that eachuser has a public and private key. The public key is made available toeveryone so that they can send messages, but the private key is only made
available to the person it belongs to.Asymmetric key encryption is muchslower than symmetric key encryption and hence they are only used for keyexchanges and digital signatures.
How Asymmetric Encryption (Public Key Encryption) works:The sender and the reciever must have the same software. The
receiver makes a pair of keys - public key and private key .Public key canbe used by anyone with the same software to encrypt a message. Publickeys can be freely distributed without worrying since it is only used toscramble (encrypt) the data.
The sender does not need the recipient's password to use his or herpublic key to encrypt data. The recipient's other key is a private key thatonly he or she can use when decrypting the message. Private key shouldnever be distributed since the private key assures that only the intendedrecipient can unscramble (decrypt) data intended for him or her.
To uderstand assymetric encryption better please read an example:
8/7/2019 bca 6
10/35
For example, Jack makes public key A and private key A, and Jill makespublic key B and private key B. Jack and Jill exchange their public keys.Once they have exchanged keys, Jack can send an encrypted message toJill by using Jill's public key B to scramble the message. Jill uses herprivate key B to unscramble it. If Jill wants to send an encrypted messageto Jack, she uses Jack's public key A to scramble her message, which
Jack can then unscramble with his private key A. Asymmetric cryptographyis typically slower to execute electronically than symmetric cryptography.
Some examples of popular assymmetric algorithms:RSA,DSA,PGP
(I)RSA
RSA is the best known public key algorithm, named after its inventors:Rivest, Shamir and Adleman. RSA uses public and private keys that arefunctions of a pair of large prime numbers. Its security is based on thedifficulty of factoring large integers. The RSA algorithm can be used forboth public key encryption and digital signatures. The keys used forencryption and decryption in RSA algorithm, are generated using random
data. The key used for encryption is a public key and the key used fordecryption is a private key. Public keys are stored anywhere publiclyaccessible. The sender of message encrypts the data using public key, andthe receiver decrypts it using his/her own private key. That way, no oneelse can intercept the data except receiver.
(II)DSA
The Digital Signature Algorithm (DSA) is a United States FederalGovernment standard or FIPS for digital signatures. It was proposed by theNational Institute of Standards and Technology (NIST) in August 1991 for
use in their Digital Signature Standard (DSS).(III)PGP
PRETTY GOOD PRIVACY a public key system for encrypting electronicmail using the RSA public key cypher. It encrypts the message using theIDEA cypher with a randomly generated key. It then encrypts the key using
8/7/2019 bca 6
11/35
the recipients public key. When the recipient receives the message, PGPuses his private RSA key to decrypt the IDEA key and then uses that IDEAkey to decrypt the message.
PASSWORDS SECURITY
Passwords are keys you use to access your accounts, personalinformation, software applications, etc. Passwords help to ensure that onlyauthorized users access PCs, bank accounts, email accounts, etc.Password is very much like a key. It gives you access to your accounts,emails, sensitive informaiton, software, etc.
Strong passwords is an important aspect of computer and informationsecurity. Easy-to-guess passwords could seriously compromise yousecurity and put your secure information at risk. To ensure informationsecurity you should create strong secure passwords and keep them in a
safe and secure way.
General password construction tipsThese are the specific rules to which your password must conform in orderto be accepted as a strong password:1. Passwords should not be based on well-known or easily accessiblepersonal information. You should never use personal information as a partof your password. It is very easy for others to guess things like yourbirthday date, mother's name, your last name, pet's name and otherpersonaldetails.
2. Password length - password size does matter.Each character you add toyour password length increases its security. Your passwords should be 12or more characters in length. The more characters your password contains,the more difficult it can be to guess.3. Use random combination of upper-case and lower-case letters anddigits.4. Passwords shouldn't contain dictionary and/or foreign words.5. Regularly change your passwords. You should change your password atleast every 30 - 60 days. The more important the password is, the more
frequently the password should be changed. Old passwords should not bere-used for a period of 6 months.6. Don't use the same password for different accounts7. You can use a passphrase as a part of password - use a sentence youcan easily remember and create a password using the first letter from eachword. Note: you should combine it with other measures, such as password
8/7/2019 bca 6
12/35
length, upper-case and lower-case letters and digits.8. To improve the strength of your password, you can also use look-alikesubstitutions of numbers or symbols such as to replace an 'l' with a '1', etc.
How to remember passwords
The simplest way to remember passwords is to create passwords yourself.If you create a password yourself, you know the way it is formed, and it iseasier to remember. Of course, the harder the password is, the better thesecurity is. But such passwords are difficult to remember.Like most computer users, you have at least half a dozen of passwords toremember - e-mail, ICQ, bank accounts, dial-up, etc. Remembering all ofthem is not easy. That's why some users create passwords that are easilyto remember (using your birth date, dog's name, or some other obviouschoice) and, unfortunately, so easily guessable, others use the samepassword for all websites or try storing all their passwords in one textdocument or write down passwords in notebook, which all is not safe.
Easily guessable passwords can become a great weakness in yourcomputer security.
SSL
Secure socket layer protocol is an internet protocol for secure exchange ofinformation between a web browser and a web server.it provides two basicsecurity services-authentication and confidentiality
The SSL layer is located between application layer and transport layer.SSL
has three sub protocols-Handshake protocol,record protocol and alertprotocol
Handshake protocol-The handshake protocol is actually made up of fourphases
1-Establishing security capabilities-steps involved are
A)client Hello B)server Hello
2-Server authentication and key exchange- steps involved are
A)certificate B)server key exchange
C)certificate request D)server hello done3-Client authentication and key exchange -steps involved are
A)certificate B)client key exchange
C)certificate verify
8/7/2019 bca 6
13/35
4-Finish
Record protocol-This protocol provides two services to an SSL connectionas follows-
A)Confidentiality-This is achieved by using secret key that is defined by
handshake protocolB)Integrity-Handshake protocol also defines a shared secret key(MAC)that is used for assuring message integrity.
SSL Protocol works in following steps-
1-Fragmentation
2-Compression
3-Addition of MAC
4-Encryption
5-Append header
Alert protocol-When either client or server detects an error,the detectingparty sends an alert message to other party.If error is fatal, both partiesimmediately close the SSL connection.
If the error are not severe,it does not result in termination ofconection.instead handle the error and continue.
Closing and Resuming SSL Connection
Each party sends a close notifyalert to another party before closing the
connection.This results in graceful closure of connection.
After receiving this alert the party must immediately stop its work andsends its own close notifyalert and ends the connection from its side
If SSL Connection results without close notifyfrom either party ,it can notbe resumed
SECURITY POLICY
A good security policy generally takes care of four key aspects
Affordability-cost and effort in security implementation
Functionality-mechanism of providing security
Cultural issues-whether the policy gets well with peoplessexpectations,working style.
8/7/2019 bca 6
14/35
Legality-whether the policy meets the legal requiremts.
Once security policy is in place ,the following points should be ensured
a) Explanation of policies to all concerned
b) Outline everybodys responsibilities
c) Use simple language in all communication
d) Provision for exception and periodic reviews
Some of the important security principles are discussed below
1-Confidentiality It specifies that only the sender and intended receivershould be able to access the contents of the message.
A message send by user A for user B must be received only by B.If anyother user C gets access to the message, which is not desired then itdefeats the purpose of confidentiality.So this attack which results in loss ofconfidentiality is known as interception.
2-Authentication- It ensures that the origin of the message is correctlyidentified. Receiver B must ensure that the message has came fromA.user B must ne sure that any other user C posing as A has not sent themessage.
If any other user C posing as user A send the message to user B then itresults in loss of proper authentication mechanism.this type of attack iscalled as fabrication.
3-Integrity- It ensures that no one has changed the content of themessage.If user A has send the message to B ,and before reaching to
B,any third user C changed or modified the content of the message aboutwhich A and B does not know,then this type of attack is known asmodification.
4-Non Repudiation there are some situation where user after sendingthe message refuses that he/she has send the message.For example Asends the funds transfer request to bank B over the internet.After the banktransfers the fund A could claim that he/she never sent the funds transfermessage to the bank..
The principle of non repudiation defeats such possibilities of denyingsomething ,having done it.Non Repudiation does not aloow the sender ofthe message to claim of not sending the message.
5-Access Control- It determines who should be able to access what.inother words we should specify that user A can view the records but cannot
8/7/2019 bca 6
15/35
update it.however B might be allowed to make updates as well.
Access Control specifies and control who can access what.
6-Availibility It states that the information should be available toauthorized user ,at all times.If due to intentional action of unauthorized userC ,an authorized user A does not get the information on time then such anattack on the information is called as interruption.
FIREWALL
Firewall is a device which ensures that inside information remainsinside the organizations network and also prevents the outsider attackers
from entering inside a corporate network.A firewall is a device installed between the internal network of an
organization and the rest of the Internet. It is designed to forward somepackets and filter (not forward) others.
All the traffic between the network and internet must pass through thefirewall.The Firewall decides if the traffic an be allowed to flow or whether itmust be stopped from proceeding further.
The characteristics of good firewall implementation can be describedas follows-
All traffic from inside to outside or outside to inside must pass throughfirewall.
Only authorized traffic should be allowed to pass through.
The firewall itself must be strong .
Type Of Firewall
Packet Filter
Proxy Server
Packet filter-
8/7/2019 bca 6
16/35
A packet filter performs following functions
Receive each packets as it arrives
Pass the packet through rules,based on IP adress and header of the
packet. Let us take an example to understand it more clearlyA table is used to decide which packet should be accepted and whichshould be rejected as shown below .
The rules specified in packet filter works as follows
Incoming packets from network 131.34.0.0 are blocked for security.
Incoming packets from network on telnet server (port no 23) areblocked.
Incoming packets intended for internal host 194.78.20.8 are blocked.
Outgoing packets intended for http (port 80) are banned.A packet filter firewall filters at network or transport layer.
8/7/2019 bca 6
17/35NETWORK 1
NETWORK 2
FI
REWALL 1
FIREWALL 2
Proxy firewall-
When user client sends a message,the proxy firewall runs a server process
to receive the request.the server opens the packet at application level and
find out if request is legitimate.If it is ,the server act as a client and send
message to real server.If it is not an error message is sent to external
user.Thus request of external users are filtered based on content of
application layer.
A proxy firewall filters at application layer.VIRTUAL PRIVATE NETWORK
VPN is a mechanism of employing encryption,authentication andintegrity protection so that we ca use public network as if it is privatenetwork.VPN combines the advantage of public and private network (cheapand easily available) with those of private network(secure and reliable).
The term virtual means that it depends on use of virtual connectionwhich are temporary and do not have any physical presence.
The architechure of VPN is shown below.
X
Y
VPNTUNNEL
8/7/2019 bca 6
18/35
SOURCEADDRESS
DESTINATIONADDRESS
FIG:VPN BETWEEN TWO PRIVATE NETWORK
We have two network.network1 and network 2.network 1 connects tointernet via firewall 1 and network 2 connects to intrnet via firewall2.Boththe firewall are virtually connected via internet
Suppose Host X on network 1 want to send data packet to Host Y on
network 2.The transmission works as follows;
1-Host X creates packet .Insert its IP Address as source address and IPaddress of host Y as destination address and sends the packet.
2-Packet reaches firewall 1.It adds new header and changes source IPaddress of packet from X to its own IP address(f1).It also changesdestination IP address from Y to IP address of firewall 2(f2).It also performsencryption and authentication and sends the packet over internet.
destinationaddress
Source additional
Address header
3-Packet reaches firewall 2 via internet.It discards the outer header anddecrypt to get original packet as was created by host X.It then realizes thatpacket is meant for host Y and then delivers the packet to host Y.
X Y OTHER HEADER AND
ACTUAL DATA
X Y OTHER HEADER AND
X Y OTHER HEADER ANDF1
X Y OTHER HEADER ANDF1
8/7/2019 bca 6
19/35
destinationaddress
Sourceaddress
There are 3 main VPN Protocols
1) POINT TO POINT TUNNELING PROTOCOL(PPTP) which supportsVPN connectivity between single user and a LAN2) LAYER 2 TUNNELING PROTOCOL(L2TP) which works for bothcombinations-yser to LAN and LAN to LAN3) IPSEC
ELECTRONIC MAIL
One of the most popular Internet services is electronic mail (e-mail).Its
architecture consists of several components.
Architecture:
When the sender and the receiver of an e-mail are on the samesystem,we need only two user agents
X Y OTHER HEADER AND
8/7/2019 bca 6
20/35
When the sender and the receiver of an e-mail are on differentsystems, we need two UAs and a pair of MTAs (client and server).
When both sender and receiver are connected to the mail servervia a LAN or a WAN, we need two UAs, two pairs of MTAs and apair of MAAs.
This is the most common situation today.
8/7/2019 bca 6
21/35
Services of user agent:
Composing messages
reading messages
replying to messages
forwarding messages
handling mailboxes
SMTP,POP3/IMAP4
SMTP is used two times. Between the sender and senders mail server andbetween two mail server.it defines how commands a nd response must besend back and forth.
8/7/2019 bca 6
22/35
The protocol that supports email on the Internet is called Simple MailTransfer Protocol (SMTP).* The UA prepares the message, creates the envelope, and puts themessage in the envelope.* The email address consists of two parts: a local address (user mailbox)and a domain name. The form is localname@domainname.
* The MTA transfers the email across the Internet.* SMTP uses commands and responses to transfer messages between anMTA client and an MTA server.* The steps in transferring a mail message are connection establishment,message transfer, and connection termination
Figure 26.19 SMTP range POP3 and IMAP4
Figure - Commands and responses
SMTP is a push protocol
8/7/2019 bca 6
23/35
keyword arguments
HELLO Senders host name
FROM
Sender of the
message
RCPT TO Intended recipient ofthe message
DATA Body of the mail
VRFY Name of recipient to
be verified
TABLE: COMMANDS
TABLE: RESPONSE
Post Office Protocol, version 3 (POP3) and Internet Mail Access Protocol,version 4 (IMAP4) are protocols used by a mail server in conjunction withSMTP to receive and hold email for hosts.
POP 3 Has two modes-delete mode and keep mode.in delete mode mail is
deleted from mailboxes after each retrieval .in keep mode the mail remainsin the mailbox after retrieval.
Code Description
211 System status or help
reply
214 Help message
220 Service ready
421 Service not available
450 Mailbox not available
501 Syntax error in
parameters
502 Command not implemented
8/7/2019 bca 6
24/35
Pop 3 is deficient in several ways.it does not allow user to organize her
mail on server.the user cannot have different folders on the server.It does
not allow user to partially check the content of mail before downloading.
Figure - The exchange of commands and responses in POP3
IMAP 4 provides following extra functions
user can check email header before downloading
user can partially download email.
User can create ,rename or delete mailboxes on mail server
User can create hierarchy of mailboxes in folder for email storage.
8/7/2019 bca 6
25/35
ADDRESS MAPPING
The delivery of a packet to a host or a router requires two levels of
addressing: logical and physical. We need to be able to map a logical
address to its corresponding physical address and vice versa. This can be
done by using either static or dynamic mapping.
Figure - ARP operation
In fig system A has packets that needs to be delivered to system B with IPaddress 141.23.56.23.System A needs to send the packet to its data link
8/7/2019 bca 6
26/35
layer but does not know physical address of recipient.then it uses ARP toask for physical address of system with IP 141.23.56.23
An ARP request is broadcast;an ARP reply is unicast
The packet is received by every system on network but only system B willanswer .system B sends an ARP reply packet that includes its physical
address.now system A can send the packet it has for his destination byusing physical address it received .
Figure - ARP packet
Following are the four cases in which ARP services can be used.
1-Sender is host and wants to send a packet to another host on samenetwork.In this case logical address that must be mapped to physicaladdress is the destination IP address in datagram header
8/7/2019 bca 6
27/35
2-Sender is host and wants to send packet to another host on another
network .In this case IP address of the next router becomes the logical
address that must be mapped to physical address.
Figure - Four cases using ARP
3-Sender is a router that has received a datagram destined for host on
another network.It checks routing table to find the IP address of next router
which becomes logical address that must be mapped to physical address.
4-Sender is a router that has received a datagram destined for host on
same network.destination IP address of datagram becomes the logical
address that must be mapped to physical address.
8/7/2019 bca 6
28/35
Transmission Media
Figure 7.2 Classes of transmission media
TWISTED PAIR CABLE-
Twisted-pair cable consists of two insulated copper wires twisted together.Twisting allows each wire to have approximately the same noise
environment.* Twisted-pair cable is used in telephone lines for voice and data
communications
Figure Twisted-pair cable
8/7/2019 bca 6
29/35
Figure - UTP performance
Figure 7.4 UTP and STP cables
COAXIAL CABLE-
Coaxial cable has the following layers (starting from the center): a metallic
rod-shaped inner conductor, an insulator covering the rod, a metallic outerconductor (shield), an insulator covering the shield, and a plastic cover.
* Coaxial cable can carry signals of higher frequency ranges than twisted-
pair cable.* Coaxial cable is used in cable TV networks and traditional Ethernet LANs.
8/7/2019 bca 6
30/35
Figure 7.7 Coaxial cable
Figure 7.9 Coaxial cable performance
8/7/2019 bca 6
31/35
Table 7.2 Categories of coaxial cables
FIBRE OPTIC CABLE-
Fiber-optic cables are composed of a glass or plastic inner core surrounded
by cladding, all encased in an outside jacket.* Fiber-optic cables carry data signals in the form of light. The signal ispropagated along the inner core by reflection.* Fiber-optic transmission is becoming increasingly popular due to its noise
resistance, low attenuation, and high-bandwith capabilities.
Fiber-optic cable is used in backbone networks, cable TV networks, and
Fast Ethernet networks.
Figure 7.11 Optical fiber
8/7/2019 bca 6
32/35
WWW
ARCHITECTURE
The WWW today is a distributed client/server service, in which a client
using a browser can access a service using a server. However, the serviceprovided is distributed over many locations called sites.
Figure - Architecture of WWW
The World Wide Web is a repository of information spread all over theworld and linked together.* Hypertext and hypermedia are documents linked to one another throughthe con-cept of pointers.* Browsers interpret and display a Web document.* A browser consists of a controller, client programs, and interpreters
Figure - URL
WEB DOCUMENTS
8/7/2019 bca 6
33/35
The documents in the WWW can be grouped into three broad categories:
static, dynamic, and active. The category is based on the time at which the
contents of the document are determined.
1-Static Documents-
A static document is one in which the contents are fixed and stored in aserver. The client can make no changes in the server document.
* Hypertext Markup Language (HTML) is a language used to create staticWeb pages
Figure - Static document
2- Dynamic Document-
A dynamic Web document is created by a server only at a browser
request.
* The Common Gateway Interface (CGI) is a standard for creating andhandling dynamic Web documents.* A CGI program with its embedded CGI interface tags can be written in a
language such as C, C++, shell script, or Perl.* The server sends the output of the CGI program to the browser.* The output of a CGI program can be text, graphics, binary data, status
codes, instructions, or an address of a file
8/7/2019 bca 6
34/35
Figure 27.8 Dynamic document using CGI
3-Active Document- An active document is a copy of a program retrieved
by the client and run at the client site.
* Java is a combination of a high-level programming language, a run-time
environment, and a class library that allows a programmer to write an
active document and a browser to run it.
HTTP
The Hypertext Transfer Protocol (HTTP) is a protocol used mainly toaccess data on the World Wide Web. HTTP functions as a combination ofFTP and SMTP
HTTP uses the service of TCP on well known port 80
8/7/2019 bca 6
35/35
Figure 27.12 HTTP transaction
Figure 27.13 Request and response messages
