Chapter 4- Networks

Page 80-84By: Seem, Mohammad W,

Mohammad

The Internet

• What is the Internet?• The internet is a network of networks that is

used by organizations all over the globe such as businesses, schools, universities and so on.

• How do we connect?• Local networks such as home or business users

are connected via Inter Service Providers (ISP) which are then connected to the NSPs (Network Service providers).

• What are NSPs??• NSPs are large companies that sell access to

the internet backbone

• What is the Internet backbone• The Internet backbone is a series of high speed

links which connect major geographical areas• Backbone cables often run under the ocean

and are usually high speed fibre optic cables. They need to be high speed fibre optic cables because huge amounts of Internet traffic travels through them.

Data Routing

• How is data communicated between computers?• When an email is sent it does not go directly to

the recipient's computer, instead the data travels through many other systems before it reaches its destination.

• The internet backbone enables fast global communication, and is relatively tolerant of faults as data can be re-routed to alternative paths if needed.

Privacy issues

• Any of the systems that the data has passed through to get to its destination can potentially view or alter data. So sensitive information should not be shared over the internet. This is why online shopping and banking systems sites are protected with SSL or TSL encryption guard against electronic eavesdroppers.

Previous Internet failure

• In 2008 tens of millions of people in the middle east and Asia lost their Internet connections. This is because a primary backbone cable was cut by a ship performing work on the sea bed. 60% of the available bandwith was lost, and countries such as Egypt, India, Pakistan and Saudi Arabia were severely affected. This failure also helped highlight our growing independence on the Internet for many of our daily activities.

Domain Names

• IP addresses help computers identify each other on a network but they are not really useful for humans because they are hard to remember and they give no identification of the purpose of a computer. Instead URL’s are used, they are usually short enough to remember and provide enough details about the owner of the website.

• The URL has several parts;• Org-Mainly used by charities and non-profit

businesses• Mil-for military sites• Edu- for educational sites• Gov- for government sites• UK,US,SV,KE- for country specific TLD’s

Domain Name System (DNS)

• Domain Name System (DNS) is responsible for translating domain names that people type into their web browser address bars into IP addresses that computers can use to locate each other. It consists of servers connected to the internet whose purpose is to map these domain names to IP addresses.

• Domain Names and numeric addresses are interchangeable

• Eg. If you enter 74.125.229.51 in a web browser address bar will take you to the same place as typing www.google.com. For the computer it makes no difference but for the user it is easier to memorise the URL code. An attempt to falsely DNS data to commit crimes is called DNS poisoning.

Internet protocols• Http (Hyper Text Transfer Protocol) is the protocol used

to communicate between web servers and browsers. Every website visited starts with http which communicates to the server.

• Https is used to provide communication secure from observers. This could be used to send private data without it being open for many observers to see. A padlock icon is shown somewhere on the browser indicating that the website is secure.

• The security used in Https is either TLS (Transport Layer Security) or SSL (Secure socket Layer)

Synchronous or asynchronous Transfer

There are two types of types of data transfer that could occur between computers, synchronously or asynchronously.

• Asynchronous transfer is when the receiver and the sender do not synchronise on time. The Receiver therefore does not know when to expect the data to arrive. The sender must attach information on when the data starts and stops. This is used in simple communications but a disadvantage which be the speed in communication due to the need to indicate when the data starts and stops.

• In synchronous transfer the sender and the receiver synchronise times. This type of transfer is much faster than Asynchronous transfer.

How TTP works

• When you enter a website address in your browser, the IP address of the site is found using DNS. Your browser makes an initial request for the main page of the website with the http GET command:

• GET index.html HTTP/1.0 • In turn the web server will send a response

such as the on below:• HTTP/1.0 200 OK

• The number 200 is the HTTP code for success followed by the message ‘OK’. After this will come the contents of the requested file which the browser will display.

• If a web page has graphics in it, your browser will make individual GET requests to retrieve those files too. The web browser doesn’t return the graphics along with the initial file because you might not want the images- you might be using text-only web browsers or have switched images off in your browser.

• If you have ever seen an error message like ‘404-File not found’ in your browser then you have seen the HTTP protocol in action. 404 is the error that the web server returns instead of ‘200’ when you have requested a file that cannot be found:

HTTP/1.0 404 Not found • Receiving this response from the web server

prompts your browser to display an error message page. Using the HTTP protocol web servers and web browsers are able to communicate and send information in both directions.

Pharming (Also Domain Spoofing and DNS Poisoning)

Pharming is the common name given to a scam wherein a cyber criminal exploits a “poisons” an Internet Service Provider’s Domain Name Server (DNS) software to trick a user’s computer into visiting a seemingly legitimate website. The intent is to cause the user to believe that he or she is visiting a legitimate web site and then attempt to log in or unknowingly provide personal and confidential information that can then be used by the criminal to commit fraud or identity theft.

• For example, in its "2011 Business Banking Trust Study”, companies surveyed business owners and executives of 533 small and medium sized businesses nationwide. The results were revealing:

• 56% of businesses surveyed had experienced fraud in the preceding 12 months, and 61% of those had been victimized more than once.

Of those that experienced fraud, 75% suffered online account takeover and/or online fraud

• Fraud was also an issue, Business' banks were able to recover most of the stolen money in only 10% of the cases.60% of the cases, the defrauded businesses suffered losses

• 11/09/11• Six Estonian nationals have been arrested and

charged with running a sophisticated Internet fraud ring that infected millions of computers worldwide with a virus and enabled the thieves to manipulate the multi-billion-dollar Internet advertising industry. Users of infected machines were unaware that their computers had been compromised—or that the malicious software rendered their machines vulnerable to a host of other viruses.

• Beginning in 2007, the cyber ring used a class of malware called DNS Changer to infect approximately 4 million computers in more than 100 countries. There were about 500,000 infections in the U.S., including computers belonging to individuals, businesses, and government agencies such as NASA. The thieves were able to manipulate Internet advertising to generate at least $14 million in illicit fees. In some cases, the malware had the additional effect of preventing users’ anti-virus software and operating systems from updating, thereby exposing infected machines to even more malicious software.