"antivirus" is protective software designed to defend your computer against malicious software.

Malicious software, or "malware" includes: viruses, Trojans, keyloggers, hijackers, dialers, and other code that vandalizes or steals your computer contents. In order to be an effective defense, your antivirus software needs to run in the background at all times, and should be kept updated so it recognizes new versions of malicious software.

Significance
 Every computer connected to the Internet or on a network needs to have an antivirus program installed. Virus prevention is an essential component needed by everyon

Viruses
 A virus is a software program that infects computers without the owners' permission. Viruses are different from other forms of malware in that viruses are spread from one computer to the next.

Antivirus
 Antivirus software scans for infections on a computer. Some antivirus programs include automated scheduled scannings and additional features.

Types of Antivirus
Commercial antivirus and Internet security programs are available, such as Norton and McAfee. Free programs include AVG Free and Avira.

What are Routing Protocols?
A routing protocol is the implementation of a routing algorithm in software or hardware. A routing protocol uses metrics to determine which path to utilize to transmit a packet across an internetwork. The metrics used by routing protocols include:
• • • • • • Number of network layer devices along the path (hop count) Bandwidth Delay Load MTU Cost

Routing protocols store the results of these metrics in a routing table.

Interior vs. Exterior Routing Protocols

Some routing protocols are designed for use within an organization, while other routing protocols are designed for use between organizations. The current lead Interior Gateway Protocol (IGP) is OSPF. Other Interior Gateway Protocols include IS-IS, RIP, and EIGRP. The current lead Exterior Gateway Protocol is BGP. The current revision of BGP is BGP4. There are no other Exterior Gateway Routing protocols in current competition with BGP4.

Distance Vector vs. Link State Routing Protocols
Routing protocols such as RIP and EIGRP are Distance Vector routing protocols. These are called Distance Vector protocols because they base routing decisions on the "distance" of the remote destination in terms of the number of network layer hops which the packet will have to traverse. OSPF and IS-IS are Link State routing protocols. They are called Link State protocols because they base routing decisions on messages received from other routers in the internetwork which give information about state of the links connected to them.

---------------What Is an IP Address?
An IP address is an address used to uniquely identify a device on an IP network. An IP network is nothing but a connection of multiple computers forming a network. An IP address can be given to any kind of network component that has to communicate over the network, such as computers, servers, routers, switches, etc. Any two computers, or any other network devices, cannot communicate with each other if they do not have an assigned IP address. They are designed to uniquely identify each network device and allow them to communicate with each other, regardless of the physical location of the sender and receiver. Hence, an IP address is the unique identity of any network device where each one should have their own IP address defined. On the Internet, computers are recognized by their IP addresses only. IP addresses have an equal significance as the postal addresses have for human beings. Can you send a letter to anyone if you do not know where he/she lives? This should explain the importance of an “IP address”.

An IP address is 32 (thirty two) bits in length, which can be divided into a network portion and a host portion with the help of a subnet mask. It is represented in form of four octets, where 1 octet = 8 bits. Each octet is converted to a decimal format and is separated by a dot (‘.’). For this reason, an IP address is said to be expressed in a ‘dotted decimal format’. Examples of IP addresses in decimal format: 10.1.1.1, 255.255.255.255, 220.3.1.5 The value in each octet ranges from 0 to 255 in decimal format. The ‘dotted decimal format’ is used to make it easier for the humans to read and remember the numbers, but computers use IP addresses in a binary format only. Example of an IP address in binary format: 10011101.11100010.10101110.11101000
Public IP Address : It is a unique IP address assigned by IANA (Internet Assigned Network Authority). Duplication of the public IP addresses is impossible; hence these addresses need to be bought.

Summary: Every device on an TCP/IP network must have a unique IP address. IP addresses are assigned, either automatically by DHCP, or by manual configuration. Given that IP address must be unique for every computer attached to the internet,how is it possible that we do not plug in IP addresses for the computer we want to connect? Well, every device connected to the internet must have a unique IP, it's true. And they're assigned one of two ways: static or dynamic. But there's also a useful trick that lets multiple computers share a single IP address ... and that trick is called a router. • Static IP addresses are exactly that: static or unchanging. They are assigned by your network administrator or ISP, and yes, you do have to configure the computer or other internet device manually to respond to that specific address. But, as you point out, most folks don't need to do that. So how do they get their IP addresses? Enter the dynamic IP address and "DHCP" or Dynamic Host Configuration Protocol.

Using DHCP (which is the default for Windows TCP/IP connections) the computer broadcasts a special request for an IP address to the network. An upstream device, commonly belonging to your ISP, responds with an IP address that the computer then configures itself to use. Especially when many computers aren't connected continuously, this allows the ISP to reuse the IP addresses of computers that have disconnected from the internet. If you need your computer to be identifiable on the internet ... for example if you're running a web server or want people to be able to connect to your machine, you'll probably need or use a static IP address. On the other hand, if all you do is connect out to surf or read email, as most users do, then a dynamic IP address is the easiest to configure. Routers are devices that allow multiple computers to "share" a single IP address. The device that's connected to the internet is the router, and it has a unique IP address. The router can then act as the DHCP server to the local network handing out local IP addresses to the computers connected to it. As traffic flows across the router, it does the job of translating the IP addresses from the local addresses it has assigned, to the external IP address it was assigned, and routing the right bits of data to the right computer ... hence the name. One of the many side effects of using a router is that it can be assigned a static address on the internet, d hand out dynamic IP addresses locally, vice versa, or any combination.

It is done at Start, Settings, Control, Panel, Network, the Properties of the instance of the TCP/IP protocol bound to (associated with) the network adapter, IP Address Tab. They are known as static IP addresses. 192.168.0.1 is usually assigned to the computer with the Internet sharing software and 192.168.0.2, 192.168.0.3, etc. are usually assigned to the client computers. The subnet mask should be 255.255.255.0 on all of the computers. You will need to enable DNS (domain name service) in the DNS Configuration tab and enter the IP addresses of your ISP’s (Internet Service Provider) DNS servers. Most ISPs have a primary and secondary DNS server and that info is usually provided in the paperwork the ISP sent you when you signed-up. It is also usually available on the ISPs web site. I do not like proxy servers. NATs (Network Address Translators) are easier to install. Discussion of other solutions starts at http://duxcw.com/faq/ics/waysshare.htm. Technically, a "public" address would be an address that anyone can use. Such as: 192.168.x.y These public address that anyone can use are "classful" or based on older Class A,B, and C IP networks. These "public" ranges would be the 10.x.y.z network (/slash 8) 172.16.x.y - 172.22.x.y (i could be wrong, off the top of my head) and 192.168.x.y (/slash 16) These are reserved and have no global significance.

Shown below is the Public IP Address Range & Private IP Address Range. Public IP Address Range: Class A(Netid.hostid.hostid.hostid) : 1.0.0.0 to 126.0.0.0 Class B(Netid.Netid.hostid.hostid) : 128.0.0.0 to 191.0.0.0 Class C(Netid.Netid.Netid.hostid) : 192.0.0.0 to 223.0.0.0 Class D(Multicast) : 224.0.0.0 to 239.0.0.0 Class E(For Research) : 240.0.0.0 to 255.0.0.0 Private IP Address Range: Class A(/8) : 10.0.0.0 to 10.255.255.255 Class B(/12) : 172.16.0.0 to 172.31.255.255 Class C(/16) : 192.168.0.0 to 192.168.255.255 Note: /8 = First 8 Bits are used for Network ID /12 = First 12 Bits are used for Network ID /16 = First 16 Bits are used for Network ID
Application layer: Provides a means for the user to access information on the network through an application. This layer is the main interface for the user to interact with the application and therefore the network. The application layer is the OSI layer closest to the end user, which means that both the OSI application layer and the user interact directly with the software application. This layer interacts with software applications that implement a communicating component. Such application programs fall outside the scope of the OSI model. Application layer functions typically include identifying communication partners, determining resource availability, and synchronizing communication. When identifying communication partners, the application layer determines the identity and availability of communication partners for an application with data to transmit. When determining resource availability, the application layer must decide whether sufficient network resources for the requested communication exist. In synchronizing communication, all communication between applications requires cooperation that is managed by the application layer. Some examples of application layer implementations include Telnet, File Transfer Protocol (FTP), and Simple Mail Transfer Protocol (SMTP).

Or The Application Layer is the highest layer of the OSI architecture, the purpose of which is to serve as a window between correspondent application processes so that they may exchange information on the open environment. The progams which use the Application Layer are known as Application Processes. A user program may interface directly with the Presentation Layer in which case it must include protocol modules to initialise communication with peer application

processes, establish the appropriate Presentation context and transfer files or messages. Alternatively, the user process may include available modules which suppport commonly required application related services. Such modules are referred to as Application Specific Elements and are defined as an integrated set of functions which together provide one or more application related communication capabilities. These capabilities are defined by a protocol in a very similar manner to that used to specify a service provided by the layer below. The protocol may specify direct use of presentation layer services and/or those provided by other ASEs. The grouping of a user process (or application entity), relevant ASEs and interfaces between them is known as an application process.

Application Layer protocols are classified into Common Application Specific Elements (CASE) and Specific Application Specific Elements (SASE). CASE elements are commonly required by user elements and SASEs, whereas SASEs are only included in an application process when their particular service is specifically required. For more information on SASEs Group Xs project can be consulted (LINK). There are four CASEs currently defined. These are...
1. Association Control ACSE, 2. Reliable Transfer RTSE, 3. Remote Operations ROSE and 4. Recovery CCR. • • • •

ACSE (Padraig Butler) enables users to establish or terminate an association between application processes. RTSE (Caroline O'Reilly) enables reliable transfer of information between peers. ROSE (Emma Kilcoyne) enables users to initate operations at a remote site. CCR (Dave Barry) enables users to recover from failure during execution of a task.

• •
1.2 Presentation layer: Manages the presentation of the information in an ordered and meaningful

manner. This layer's primary function is the syntax and semantics of the data transmission. It converts local host computer data representations into a standard network format for transmission on the network. On the receiving side, it changes the network format into the appropriate host computer's format so that data can be utilized independent of the host computer. ASCII and EBCDIC conversions, cryptography, and the like are handled here. The presentation layer provides a variety of coding and conversion functions that are applied to application layer data. These functions ensure that information sent from the application layer of one system would be readable by the application layer of another system. Some examples of presentation layer coding and conversion schemes include common data representation formats, conversion of character representation formats, common data compression schemes, and common data encryption schemes. Common data representation formats, or the use of standard image, sound, and video formats, enable the interchange of application data between different types of computer systems. Using different text and data representations, such as EBCDIC and ASCII, uses conversion schemes to exchange information with systems. Standard data compression schemes enable data that is compressed. or encrypted at the source device to be properly decompressed, or deciphered at the destination. Presentation layer implementations are not typically associated with a particular protocol stack. Some well-known standards for video include QuickTime and Motion Picture Experts Group (MPEG). QuickTime is an Apple Computer specification for video and audio, and MPEG is a standard for video compression and coding. Among the well-known graphic image formats are Graphics Interchange Format (GIF), Joint Photographic Experts Group (JPEG), and Tagged Image File Format (TIFF). GIF is a standard for compressing and coding graphic images. JPEG is another compression and coding standard for graphic images, and TIFF is a standard coding format for graphic images.

Presentation Layer Functions Here are some of the specific types of data handling issues that the presentation layer handles:

Translation: Networks can connect very different types of computers together: PCs, Macintoshes, UNIX systems, AS/400 servers and mainframes can all exist on the same network. These systems have many distinct characteristics and represent data in different ways; they may use different character sets for example. The presentation layer handles the job of hiding these differences between machines. Compression: Compression (and decompression) may be done at the presentation layer to improve the throughput of data. (There are some who believe this is not, strictly speaking, a function of the presentation layer.) Encryption: Some types of encryption (and decryption) are performed at the presentation layer. This ensures the security of the data as it travels down the protocol stack. For example, one of the most popular encryption schemes that is usually associated with the presentation layer is the Secure Sockets Layer (SSL) protocol. Not all encryption is done at layer 6, however; some encryption is often done at lower layers in the protocol stack, in technologies such as IPSec.

Or

We deal with the following aspects of the presentation layer:

OSI Definition of Presentation Layer and ISO Presentation Service A quick run through the OSI Definition of the Presentation Layer, outlining among other things the services provided by the presentation layer and the functions of the presentation layer. The ISO Presentation Service is covered in detail.

ISO Presentation Protocol and Concepts Presentation Layer Concepts and the ISO Presentation Layer. There is no mention of data encryption here because the actual presentation protocol is concerned only with the syntax of messages during their transfer across the network. Abstract Syntax and Transfer Syntax Application exchanges involve transmitting data structures which may be complicated. OSI introduced the notion of abstract syntax and transfer syntax. Included is a comparison between BER (Basic Encoding Rules) and Sun Microsystems' XDR (External Data Representation). Data Encryption and Data Compression Data Encryption is used to prevent listening or masquerading. In the context of the OSI Reference Model, the most appropriate layer to perform such encryption is the presentation layer. Data compression is done if required. Summarizes the features of peer-to-peer and server-based networks:
Feature Size Peer-to-peer Network Good for up to 10 users Server-based Network

Limited only by server and network hardware
Offers extensive user security

Security

Users are responsible for their own security Is administered by the user of each computer

Administration

Is centrally administered

Peer to Peer everybody is equal, security is slack, and you can only have a few comps on network server based offers better security, monitor users, more technical and time consuming to set-up, less likely to cause problems if set-up correctly, any amount of comps etc....

In a Peer to peer network, all nodes are equal. They are both client and server. Most P2P networks use a mesh topology. In the client/server model, the data is centralised with all data residing on a single node (the server) clients request the data and the server sends it. Data on one client must pass through the server to be available to another client. Most client/server networks use a star topology. Client Server has the advantage of centralised management and data integrity whilst P2P has the advantage of faster data transfer and avoids network bottlenecks.

What Is DHCP?
DHCP, the Dynamic Host Configuration Protocol, describes the means by which a system can connect to a network and obtain the necessary information for communication upon that network. FreeBSD versions prior to 6.0 use the ISC (Internet Systems Consortium) DHCP client (dhclient(8)) implementation. Later versions use the OpenBSD dhclient taken from OpenBSD 3.7. All information here regarding dhclient is for use with either of the ISC or OpenBSD DHCP clients. The DHCP server is the one included in the ISC distribution.

29.5.2 What This Section Covers
This section describes both the client-side components of the ISC and OpenBSD DHCP client and server-side components of the ISC DHCP system. The client-side program, dhclient, comes integrated within FreeBSD, and the server-side portion is available from the net/iscdhcp3-server port. The dhclient(8), dhcp-options(5), and dhclient.conf(5) manual pages, in addition to the references below, are useful resources.

29.5.3 How It Works
When dhclient, the DHCP client, is executed on the client machine, it begins broadcasting requests for configuration information. By default, these requests are on UDP port 68. The server replies on UDP 67, giving the client an IP address and other relevant network information such as netmask, router, and DNS servers. All of this information comes in the form of a DHCP “lease” and is only valid for a certain time (configured by the DHCP server maintainer). In this manner, stale IP addresses for clients no longer connected to the network can be automatically reclaimed.

DHCP clients can obtain a great deal of information from the server. An exhaustive list may be found in dhcp-options(5).

Short for Dynamic Host Configuration Protocol, a protocol for assigning dynamic IP addresses to devices on a network. With dynamic addressing, a device can have a different IP address every time it connects to the network. In some systems, the device's IP address can even change while it is still connected. DHCP also supports a mix of static and dynamic IP addresses. Dynamic addressing simplifies network administration because the software keeps track of IP addresses rather than requiring an administrator to manage the task. This means that a new computer can be added to a network without the hassle of manually assigning it a unique IP address. Many ISPs use dynamic IP addressing for dial-up users.
Attenuation is a general term that refers to any reduction in the strength of a signal. Attenuation occurs with any type of signal, whether digital or analog. Sometimes called loss, attenuation is a natural consequence of signal transmission over long distances. The extent of attenuation is usually expressed in units called decibels (dBs).

Attenuation and distortion
As a signal travels from one device to another it has two problems to overcome. The first is that it gets weaker the further it travels, because some of its energy is absorbed by the transmission medium. This effect is known as attenuation. The extent of attenuation depends on the distance it has to travel and on the type of medium it is travelling through. An amplifier can be used to boost the signal power at the transmitter and receiver, and if necessary at various points in the transmission link, so that signal power can be maintained at a usable level. The second problem is that the signal can become distorted by external influences as it travels along the communication path. This can be caused by other signals travelling in the vicinity, or by waves of energy such as solar energy, lightning, and pulses of energy from electrical machinery. You might have come across instances of distortion in your own domestic equipment. For example, I have a small TV in my bedroom and when I use my hairdryer nearby I can see spots and lines on the TV screen that are caused by the electromagnetic energy generated by the motor in the hairdryer. If I place my mobile phone next to my radio I often hear ‘beeps’ on my radio as the phone sends signals to the phone network. Unless distortion can be removed from the signal at the receiving end then any amplification to overcome the problems of attenuation will also amplify any distortion in the received signal. Binary signals are quite resistant to distortion because they represent only two states that can usually be distinguished quite easily from any unwanted effects.
TCP Header Format

TCP segments are sent as internet datagrams. The Internet Protocol header carries several information fields, including the source and destination host addresses [2]. A TCP header follows the internet header, supplying information specific to the TCP protocol. This division allows for the existence of host level protocols other than TCP. • Source Port and Destination Port

• • • • • • •

Sequence Number - The number assigned to the first byte of data in the current message Acknowledgment Number - Contains the sequence number of the next byte of data the sender of this packet expects from the other host Data Offset - Indicates the number of 32-bit words in the TCP header Reserved - For future use Flags - Variety of control information, including SYN, ACK and FIN bits Window - Size of the sender's receive window Checksum - Error checking Urgent Pointer - Points to the first urgent data byte in the packet

The TCP header format
16 Source Port Sequence Number Acknowledgement Number Data offset Reserved Checksum Option + Padding Data Flags Window Urgent Pointer Destination Port 16

Source Port: 16 bits
The source port number.

Destination Port: 16 bits
The destination port number.

Sequence Number: 32 bits
The sequence number of the first data octet in this segment (except when SYN is present). If SYN is present the sequence number is the initial sequence number (ISN) and the first data octet is ISN+1.

Acknowledgment Number: 32 bits
If the ACK control bit is set this field contains the value of the next sequence number the sender of the segment is expecting to receive. Once a connection is established this is always sent.

Data Offset: 4 bits

The number of 32 bit words in the TCP Header. This indicates where the data begins. The TCP header (even one including options) is an integral number of 32 bits long.

Reserved: 6 bits
Reserved for future use. URG: ACK: PSH: RST: SYN: FIN: Must be zero.

Control Bits: 6 bits (from left to right):
Urgent Pointer field significant Acknowledgment field significant Push Function Reset the connection Synchronize sequence numbers No more data from sender

Window: 16 bits
The number of data octets beginning with the one indicated in the acknowledgment field which the sender of this segment is willing to accept.

Checksum: 16 bits
The checksum field is the 16 bit one's complement of the one's complement sum of all 16 bit words in the header and text. If a segment contains an odd number of header and text octets to be checksummed, the last octet is padded on the right with zeros to form a 16 bit word for checksum purposes. The pad is not transmitted as part of the segment. While computing the checksum, the checksum field itself is replaced with zeros. The checksum also covers a 96 bit pseudo header conceptually prefixed to the TCP header. This pseudo header contains the Source Address, the Destination Address, the Protocol, and TCP length. This gives the TCP protection against misrouted segments. This information is carried in the Internet Protocol and is transferred across the TCP/Network interface in the arguments or results of calls by the TCP on the IP. +--------+--------+--------+--------+ | Source Address | +--------+--------+--------+--------+ | Destination Address | +--------+--------+--------+--------+ | zero | PTCL | TCP Length | +--------+--------+--------+--------+ The TCP Length is the TCP header length plus the data length in octets (this is not an explicitly transmitted quantity, but is computed), and it does not count the 12 octets of the pseudo header.

Urgent Pointer: 16 bits
This field communicates the current value of the urgent pointer as a positive offset from the sequence number in this segment. The urgent pointer points to the sequence number of the octet following the urgent data. This field is only be interpreted in segments with the URG control bit set.

Options: variable
Options may occupy space at the end of the TCP header and are a multiple of 8 bits in length. All options are included in the checksum. An option may begin on any octet boundary. There are two cases for the format of an option: Case 1: Case 2: A single octet of option-kind. An octet of option-kind, an octet of option-length, and the actual option-data octets.

The option-length counts the two octets of option-kind and option-length as well as the option-data octets. Note that the list of options may be shorter than the data offset field might imply. The content of the header beyond the End-of-Option option must be header padding (i.e., zero). A TCP must implement all options. Currently defined options include (kind indicated in octal): Kind ---0 1 2 Length -----4 Meaning ------End of option list. No-Operation. Maximum Segment Size.

Specific Option Definitions End of Option List +--------+ |00000000| +--------+ Kind=0 This option code indicates the end of the option list. This might not coincide with the end of the TCP header according to the Data Offset field. This is used at the end of all options, not the end of each option, and need only be used if the end of the options would not otherwise coincide with the end of the TCP header. No-Operation +--------+ |00000001| +--------+ Kind=1 This option code may be used between options, for example, to align the beginning of a subsequent option on a word boundary. There is no guarantee that senders will use this option, so receivers must be prepared to process options even if they do not begin on a word boundary.

Maximum Segment Size +--------+--------+---------+--------+ |00000010|00000100| max seg size | +--------+--------+---------+--------+ Kind=2 Length=4 Maximum Segment Size Option Data: If this option is present, then receive segment size at the TCP This field must only be sent in (i.e., in segments with the SYN option is not used, any segment 16 bits it communicates the maximum which sends this segment. the initial connection request control bit set). If this size is allowed.

Padding: variable
The TCP header padding is used to ensure that the TCP header ends and data begins on a 32 bit boundary. The padding is composed of zeros.

Sign up to vote on this title
UsefulNot useful