What we will cover

What is the InternetClient/server examplesDeciphering alphabet soup: ISP, DHCP, DNS,

http, https, HTML, smtp, pop3, telnet, ftp, sftp, ssh

Network security:How to send anonymous emailsHow to hack into a systemHow a Firewall worksEncrypted communications

Internet HistoryThe Internet is a global network of interconnected computers, enabling users to share information along multiple channels.

http://en.wikipedia.org/wiki/InternetStarted in 1969 as ARPANET funded by DARPA (Defense Advanced Research Projects Agency)Build as packet switching network to recover from a nuclear attack by automatically rerouting data through surviving links

“When I took office, only high energy physicistshad ever heard of what is called the World WideWeb... Now even my cat has it's own page.”Bill Clinton

The User Perspective

have little laptop at home in NJwant to exchange information

with big server in California (or Japan or …)

Basic SetupEach computer must have a unique identifier

IP number and IP nameComputers must be able to exchange data

(electrons, photons, drum beats)Wireless cards, fiber optics, or Ethernet connectionsUnit of data is “bit” (“zero” or “one”, on/off, 2 states)

Everyone involved must speak the same languageTCPIP (Transmission Control Protocol/Internet

Protocol)

Network Member IdentifierEvery computer on the Internet has at least one

unique identifier, usually two:IP Number: #.#.#.#, where # is an 8 bit number

What is the range for each sub-number? How many machines can be on the Internet? What is your computer’s IP number?

• IP Name for easy reference What is your computer’s IP name?

• Homework:• What is the IP number of “google”• What is the IP number of “www.shu.edu”• What is the IP name of “149.150.254.102”

ISPDHCP

Router A Router

B

DNS

www.google.com

fiber optic lines

ISP: Internet ServiceProvider

DHCP: Dynamic HostConfig. Protocol

DNS: Domain Name Server

The Data: IP Packetwww.google.co

m(66.102.1.147)

(149.150.254.102)

The Data: IP Packetwww.google.co

m(66.102.1.147)

(149.150.254.102)

The ProtocolA mutually agreed-upon convention or standard that controls or enables the connection, communication, and data transfer between computing endpoints.

http://en.wikipedia.org/wiki/Protocol_(computing)

Regulates the data exchange and interpretationDefines who says what at which timeDefines how to interpret data that is exchangedRegulates what constitutes an error and what to do if one occurs

Client – Server ModelCommunication on the Internet usually takes

place between a client and a server program/computer:Server program: program without a user interface

running on a “large” computer with access to many resources (also called the server computer)

Client program: a program with extensive interface capabilities but few resources running on a “small” computer (also called the client computer)

One server computer usually run several server programs, each of which can service multiple client programs simultaneously

Client – Server Example (1)I want to view the main web page from www.shu.edu

Server computer: www.shu.eduClient computer: 192.168.1.2

Server program: web server program (httpd) running on www.shu.edu with access to lots of stored web pages

Client program: Internet Explorer or Firefox with extensive formatting and display capabilities but no data to display

Client – Server Example (2)I want to view the main web page from www.shu.edu

Client: start IE and enter: http://www.shu.edu/Client sends packet to DNS: who is www.shu.eduDNS sends packet back: www.shu.edu = 149.150.51.69Client sends packet to 149.150.51.69: give me main

pageServer: receives request for page from 192.168.1.2

Retrieves the web page from disk (or database)Sends data to 192.168.1.2: here is the data

Client: formats data and display it nicely

Client – Server Example (3)I want to view the main web page from

www.shu.edu

Client: sends “give me main page”Server: sends data to 192.168.1.2http (Hypertext Transport Protocol): regulates

how a web server and client communicateClient: formats data and display it nicely

HTML (Hypertext Markup Language): defines how text is supposed to look and where to place it

Client – Server Example (4)I want to view the main web page from

www.shu.eduAction http 1.0 specs

http uses port 80 by general agreement

Client: “give me main page”

GET / HTTP/1.0

Server: returns data fixed header: how many bytes are coming, type of datapage text ...

Client – Server Example (5)

Telnet: universal text client used to connect to

another computer and work on that computer in text-based mode

usually connects to a “telnet server” but can also connect to any server computer and any server program

shows text data in ‘raw’ unformatted form

Client – Server: TelnetA Telnet client is build into Windows:

Click on “Start”Pick “Run …” and type “cmd”Type “telnet”

if you get error message in Vista, open Control Panel, select “Programs”, click “Turn Windows features on or off”, and check “Telnet client” (not “Telnet server”). Then try again.

To open a connection to www.shu.edu, type:open www.shu.edu (will this work – why not?)

Optional: to save a log of your session, type:set logfile log.txt

Telnet’ing to a Web ServerStart “telnet” and type:

open www.shu.edu 80

Next type carefully and without errors (you might not see what you type on the screen – type anyway, including the empty line and capitals):

GET / HTTP/1.0

You have issued a request according to the Hypertext Transfer Protocol, version 1.0, for the root web page /

How email worksEmail systems have two parts, and consequently work with two server programs and two protocols:

Retrieving emailuses either pop3 (Post Office Protocol version 3 on port 110) or IMAP (Internet message access protocol on port 143)

Sending emailuses smtp (simple mail transport protocol on port 25)

An smtp ConversationSpeaker Text

Server: 220 Simple Mail Transfer Service ready

Client: HELO mycomputer.mydomain

Server: 250 kitten.shu.eduClient: MAIL FROM:<Smith@shu.edu>

Server: 250 OKClient: RCPT TO:<Jones@shu.edu>

Server: 250 OK

Client: DATAServer: 354 Start mail input; end with <CRLF>.<CRLF>

Client: Blah blah blah...

Server: 250 OKClient: QUIT

Homework1. Capture a web page from a web server2. Send me an (anonymous) email using Telnet

(note that the SHU smtp server will only allow a connection if you are located on campus – how does it know?)

Hacking 101Identify a target system

Find an open port

Check which server program services that port

Learn about vulnerabilities of that server

program

Exploit vulnerability for evil purposes

Firewall ProtectionEvery packet transported over the

Internet contains the protocol (port), sender address, and destination address

A firewall is a device that inspects every incoming (and outgoing) packet and includes rules to block data depending on the port, sender, or destination

A firewall is typically integrated into a home wireless router

Most firewalls do not check the content of a packet

ISP

SPAM ProtectionEvery Internet packet contains the

port, sender, destination, and content (data) – usually unencrypted

A SPAM filter is a device that inspects all email packets and includes rules to block messages depending on the content of the email.

A SPAM filter is typically integrated into you ISP or email provider

SPAM filters typically read your email!

ISP

Privacy/Content ProtectionAll Internet traffic is public!To protect content, the data portion of IP

packets must be encryptedTo protect data between your wireless

router and your laptop, use e.g. WPA wireless encryption

To protect data after it leaves your router, you must use encrypted services (https instead of http or sftp instead of ftp)

Note: no standard encryption for email!

Sending email is like passing a postcard along a chain of hundreds of people with a note: “to Jane – do not read if you’re not Jane”

ISP

EncryptionEncryption is usually based on a key that used to encrypt and decrypt a message.

Pre-Shared Key (PSK) Encryption:both parties know a single key (e.g. WPA encryption:

both your router and your computers know the key)Public Key Encryption:

each party has two keys, a public and a private one. They swap public keys: Bob uses Annie’s public key to send her an encrypted message, she can decrypt it using her private key

based on difficulty of factoring huge numbers into large primes and ease of multiplying them

See http://www.explainthatstuff.com/encryption.html

Public Key Encryption requires:large “semi”-prime number x = p qExample:public key x = 15 => private key is:Homework: Find factorization of RSA-100, which is1522605027922533360535618378132637429718068114961380688657908494580122963258952897654000350692006139

More Info: http://en.wikipedia.org/wiki/Public-

key_cryptographyhttp://en.wikipedia.org/wiki/RSA_numbers http://primes.utm.edu/mersenne/Enigma by Robert Harris, and Enigma the Movie