Essential Concepts

PantherEthics
COMPUTER NETWORK

A computer network is a group of two or more computers linked

together so that communication between individual computers is
made possible. Some of the common types of computer network
include:
• Local Area Network (LAN)
This is a type of computer network where interconnected
computers are situated very close to each other say for example,
inside the same building.
• Wide Area Network (WAN)
This is a type of computer network where interconnected
computers are separated by a large distance (a few km to few
hundreds of km) and are connected using telephone lines or radio
waves.
Internet

The Internet is the largest network which interconnects

various LANs and WANs. It is a global system of various
interconnected computer networks belonging to government
or private organizations.
• NETWORK HOST
A network host (or simply referred to as a host) can be any
computer or network device connected to the computer
network. This computer can be a terminal or a web server
offering services to its clients.
NETWORK PROTOCOL

• A network protocol (or just referred to as protocol) is a set

of rules and conventions that are necessary for the
communication between two network devices. For example,
two computers on a network can communicate only if they
agree to follow the protocols.
 Internet Protocol (IP Address)
An Internet Protocol address ( IP address) is a unique number assigned to
each computer or device (such as printer) so that each of them can be
uniquely identified on the network.
• Types of IP Address:
Private IP Address: A private IP address is the one that is assigned to a
computer on the Local Area Network (LAN). A typical example of private IP
address would be something like:
192.168.0.2
Public IP Address: A public IP address is the one that is assigned to a
computer connected to the Internet. An example public IP address would be
something like: 59.93.115.125
In most cases a computer gets connected to the ISP network using a private
IP. Once a computer is on the ISP network it will be assigned a public IP
address using which the communication with the Internet is made possible.
Hyper Text Transfer Protocol (HTTP)

The Hyper Text Transfer Protocol provides a standard for communication

between web browsers and the server. It is one of the most widely used
protocol on the Internet for requesting documents such as web pages and
images.
Example: http://www.Hack4Being.com
• File Transfer Protocol (FTP)
The File Transfer Protocol provides a standard for transferring files
between two computers on the network. FTP is most widely used
in carrying out upload/download operations between a server and
a workstation.
Example: ftp://www.Hack4Being.com
Simple Main Transfer Protocol
(SMTP)
• The Simple Mail Transfer Protocol provides a standard for sending e-mails
from one server to another. Most e-mail systems that send mail over the
Internet use SMTP to exchange messages between the server.
• Telnet
Telnet is a network protocol that allows you to connect to remote hosts on the
Internet or on a local network. It requires a telnet client software to
implement the protocol using which the connection is established with the
remote computer. In most cases telnet requires you to have a username and
a password to establish connection with the remote host. Occasionally, some
hosts also allow users to make connection as a guest or public. After the
connection is made, one can use text based commands to communicate with
the remote host. The syntax for using the telnet command is as follows:
telnet port
Example: telnet 127.0.0.1 25
SSH (Secure Shell)

SSH is a protocol similar to telnet which also facilitates

connection to remote hosts for communication. However,
SSH has an upper hand over telnet in terms of security.
Telnet was primarily designed to operate within the local
network and hence does not take care of security. On the
other hand SSH manages to offer total security while
connecting to remote hosts on a remote network or
Internet.
NETWORK PORT

A computer may be running several services on it like HTTP (web server),

SMTP, FTP
and so on. Each of these services are uniquely identified by a number called
network port (or simply referred to as port). If a computer wants to avail a
specific service from another computer, it has to establish a connection to it
on the exact port number where the intended service is running.
For example, if a terminal is to request a web document from a remote
server using HTTP, it has to first establish a connection with the remote
server on port 80 (HTTP service runs on port 80) before placing the request.
In simple words, port numbers can be compared to door numbers where
each door grants access to a specific service on a computer. The following
table shows a list of popular services and their default port numbers:
Name of Service/Protocol Port
Number

• HTTP – 80
• HTTPS - 443
• FTP - 21
• SMTP - 25
• TELNET - 23
• SSH -22
• DNS -53
• POP3 -110
NETWORK PACKET

A network packet (data packet, datagram or simply called as

packet) is a basic unit of data sent from one host to another
over a network. When data (such as a mail, message or a file)
has to be transmitted between two hosts, it is fragmented into
small structures called packets and are reassembled at the
destination to make the original data chunk.
Each packet consists of the fragmented data along with the
necessary information that will help it get to its destination
such as the sender’s IP address, intended receiver’s IP
address, target port number, the total number of packets the
original data chunk has been broken into and the sequence
number of the particular packet.
DOMAIN NAME SYSTEM (DNS)

A Domain Name System or Domain Name Service (DNS) is a network protocol whose job is
to map domain names such as “hack4being.com” to its corresponding IP address like
“216.239.38.21”.
Since Internet is the mother of millions of computers each having a unique IP address, it
becomes impossible for people to remember the IP address of each and every computer
they want to access. So, in order to make this process simpler the concept of domain
names was introduced. As a result users can easily access any website just by typing their
domain names in the browser’s address bas such as “google.com” or “yahoo.com” without
having to remember their actual IP addresses.
However, since the network protocol understands only the IP address and not the domain
names, it is necessary to translate the domain name back to its corresponding IP address
before establishing a connection with the target server. This is where DNS comes in handy.
Your Internet Service Provider has a DNS server which maintains a huge
record of existing domain names and their corresponding IP addresses.
Each time you type the URL such as “http://www.google.com” on your
browser’s address bar, your computer will use the DNS server from the
ISP and translates the domain name “google.com” to its corresponding IP
address to make a connection with the Google’s server. All this process
will happen in a split second
behind the scenes and hence goes unnoticed.
How DNS Works?

Let us understand the working of Domain Name System using the following
example: Whenever you type a URL such as “http://www.Hack4Being.com” on
your browser’s address bar, your computer will send a request to the local
name server (the ISP DNS server) to resolve the domain name to its
corresponding IP address. This request is often referred to as a DNS query.
The local name server will receive the query to find out whether it contains the
matching name and IP address in its database. If found, the corresponding IP
address (response) is returned. If not, the query is automatically passed on to
another DNS server that is in the next higher level of DNS hierarchy. This
process continues until the query reaches the DNS server that contains the
matching name and IP address. The IP address (response) then flows back the
chain in the reverse order to your computer.
FIREWALL

Firewalls are basically a barrier between your computer (or a

network) and the Internet (outside world). A firewall can be
simply compared to a security guard who stands at the
entrance of your house and filters the visitors coming to your
place. He may allow some visitors to enter while deny others
whom he suspects of being intruders. Similarly a firewall is a
software program or a hardware device that filters the
information (packets) coming through the Internet to your
personal computer or a computer network.
How Firewall Works?

Firewalls may decide to allow or block network traffic between devices based on
the rules that are pre-configured or set by the firewall administrator. Most personal
firewalls such as Windows firewall operate on a set of pre-configured rules which
are most suitable under normal circumstances, so that the user need not worry
much about configuring the firewall. Personal firewalls are easy to install and use
and hence preferred by end-users to secure their personal computers. However, in
order to meet customized needs large networks and companies prefer those
firewalls that have plenty of options to configure.
For example, a company may set up different firewall rules for FTP servers, telnet
servers and web servers. In addition, the company can even control how the
employees connect to the Internet by blocking access to certain websites and
restricting the transfer of files to other networks. Thus, in addition to security, a firewall can
give the company a tremendous control over how people use their network.
Firewalls use one or more of the following methods
to control the incoming and outgoing traffic in a
network:

1. Packet Filtering: In this method, packets (small chunks of data) are

analysed against a set of filters. Packet filters has a set of rules that come
with accept and deny actions which are pre-configured or can be configured
manually by the firewall administrator. If the packet manages to make it
through these filters then it is allowed to reach the destination; otherwise it
is discarded.
2. Stateful Inspection: This is a newer method that doesn’t analyse the
contents of the packets. Instead, it compares certain key aspects of each
packet to a database of trusted source. Both incoming and outgoing packets
are compared against this database and if the comparison yields a
reasonable match, then the packets are allowed to travel further. Otherwise
they are discarded.
 Firewall Configuration
1. IP addresses: In any case, if an IP address outside the network is said to be unfavourable,
then it is possible to set filter to block all the traffic to and from that IP address. For example, if a
certain IP address is found to be making too many connections to a server, the administrator
may decide to block traffic from this IP using the firewall.
2. Domain names: Since it is difficult to remember the IP addresses, it is an easier and smarter
way to configure the firewalls by adding filters based on domain names. By setting up a domain
filter, a company may decide to block all access to certain domain names, or may provide access
only to a list of selected domain names.
3. Ports/Protocols: If the services running on a given port is intended for the public or network
users, they are usually kept open. Otherwise they are blocked using the firewall so as to prevent
intruders from using the open ports for making unauthorized connections.
4. Specific words or phrases: A firewall can be configured to filter one or more specific words
or phrases so that both the incoming and outgoing packets are scanned for the words in the filter.
For example, you may set up a firewall rule to filter any packet that contains an offensive term or
a phrase that you may decide to block from entering or leaving your network.
Hardware vs. Software Firewall

Hardware firewalls provide higher level of security and hence

preferred for servers where security has the top most
priority. The software firewalls on the other hand are less
expensive and hence preferred in home computers and
laptops.
Hardware firewalls usually come as an in-built unit of a router
and provide maximum security as it filters each packet at the
hardware level itself even before it manages to enter your
computer. A good example is the Linksys Cable/DSL router.