Internet - PowerPoint PPT Presentation

Provided by: dont219
Transcript and Presenter's Notes

Title: Internet


1
Internet
  • CSE429
  • Enbody

2
History
  • 1969 ARPANET: communication which could survive a
    nuke; email, discussions, file exchange
  • 1972 "name@computer" introduced
  • 1979 USENET, BITNET, CSNET,
  • 1983 TCP/IP standard allowed all networks to
    communicate: the Internet was born. 1984 -
    1,000 connected computers; 1987 - 10,000; 1989 -
    100,000
  • 1983 enbody@cs.umn.edu

3
Other firsts: forged email
  • BBN 1972: day after first email
  • Ray Tomlinson invented store-and-forward email
  • As told by kalikow@bbna (2nd email address)
  • Group bought Ray lunch to hear how email worked

4
How email started
  • Put email (file) in a special, privileged folder
  • A mailman program regularly checked for files
    in that folder.
  • If the file wasn't valid in name and internal format,
    it was ignored.
  • If the file was valid, it was sent on its merry
    way (a copy was handed off to a mailman program
    on another computer; repeat until it got to
    destination).
  • The internal format had a HEADER with FIELDS
    (single-line objects)

5
First email
  • The most important header field was TO with a
    name, then @, then ARPAnet name.
  • If an email arrived at a destination and the name
    wasn't found, it was returned.
  • It was nice to have:
  • SUBJECT field
  • DATE field
  • FROM field
  • Optional were CC and BCC.
  • Then two blank lines to indicate the end of the
    HEADER, and then the body of the email.

6
The wager
  • We acolytes, nascent hackers all, realizing the
    future mischief that would and could be done with
    this system, immediately grinned at one another. 
    Almost without needing to discuss it, we each
    "anted up" 5 and agreed that the first who could
    forge an email and have it delivered would
    collect the pot.  I ended up holding the swag.  I
    took the stairs two at a time back to my office,

7
Cont
  • turned on my admin privs to my timeshared
    TENEX box and verified that I could put any file
    I wanted into the privileged email-pickup
    directory. I quick wrote a message to my
    designated victim with my 2-day-old
    Tomlinson-written email client, and quick went to the Magic
    Pickup Directory and plucked it right outta there
    ASAP so I could "strategically alter" it (in
    TECO, natch) prior to my re-depositing it to my
    system's outgoing mailbox directory.

8
Cont
  • I had chosen my victim/recipient, and I was in
    the process of making various amusing twiddles to
    my email file and was juuuust on the point of
    sending it out -- when my own email client
    process beeped and I received the following
    printout

9
  • Date: February 4, 1972
    To: KALIKOW@BBNA
    From: RNIXON@WHITEHOUSE
    Subj: YOUR ARREST AND EXECUTION
    Bcc: MILLER@BBNC

    Sir: I have issued a bill of attainder against your person.
    You will be arrested within the hour and shot at
    dawn.
    /R.M.Nixon, President of the United States

10
First Spam
  • Spam got its name from Monty Python.
  • The first spam email was sent on May 01 1978 by a
    DEC marketing representative to every ARPANET
    address on the west coast of the United States.
  • It contained over 600 addresses

11
  • Mail-from: DEC-MARLBORO rcvd at 3-May-78 0955-PDT
    Date: 1 May 1978 1233-EDT
    From: THUERK at DEC-MARLBORO
    Subject: ADRIAN@SRI-KL
  • To: DDAY at SRI-KL, DAY at SRI-KL, DEBOER at UCLA-CCN,
    To: WASHDC at SRI-KL, LOGICON at USC-ISI, SDAC at USC-ISI,
    To: DELDO at USC-ISI, DELEOT at USC-ISI, DELFINO at USC-ISI,
    To: DENICOFF at USC-ISI, DESPAIN at USC-ISI, DEUTSCH at SRI-KL,
    To: DEUTSCH at PARC-MAXC, EMY at CCA-TENEX, DIETER at USC-ISIB,
    To: DINES at AMES-67, MERADCON at SRI-KL, EPG-SPEC at SRI-KA,
    To: DIVELY at SRI-KL, DODD at USC-ISI, DONCHIN at USC-ISIC,
    To: JED at LLL-COMP, DORIN at CCA-TENEX, NYU at SRI-KA,
    To: DOUGHERTY at USC-ISI, PACOMJ6 at USC-ISI,
    To: DEBBY at UCLA-SECURITY, BELL at SRI-KL, JHANNON at SRI-KA,
    To: DUBOIS at USC-ISI, DUDA at SRI-KL, POH at USC-ISI,
    To: LES at SU-AI, EAST at BBN-TENEX, DEASTMAN at USC-ECL,
    To: EBISU at I4-TENEX, NAC at USC-ISIE, ECONOMIDIS at I4-TENEX,
    To: WALSH at SRI-KL, GEDWARDS at SRI-KL, WEDWARDS at USC-ISI,
    To: NUSC at SRI-KL, RM at SU-AI, ELKIND at PARC-MAXC,
    To: ELLENBY at PARC-MAXC, ELLIS at PARC-MAXC, ELLIS at USC-ISIB,

12
  • DIGITAL WILL BE GIVING A PRODUCT
    PRESENTATION OF THE NEWEST MEMBERS OF THE
    DECSYSTEM-20 FAMILY THE DECSYSTEM-2020, 2020T,
    2060, AND 2060T. THE DECSYSTEM-20 FAMILY OF
    COMPUTERS HAS EVOLVED FROM THE TENEX OPERATING
    SYSTEM AND THE DECSYSTEM-10 COMPUTER
    ARCHITECTURE. BOTH THE DECSYSTEM-2060T AND 2020T
    OFFER FULL ARPANET SUPPORT UNDER THE TOPS-20
    OPERATING SYSTEM. THE DECSYSTEM-2060 IS AN UPWARD
    EXTENSION OF THE CURRENT DECSYSTEM 2040 AND 2050
    FAMILY. THE DECSYSTEM-2020 IS A NEW LOW END
    MEMBER OF THE DECSYSTEM-20 FAMILY AND FULLY
    SOFTWARE COMPATIBLE WITH ALL OF THE OTHER
    DECSYSTEM-20 MODELS.

    WE INVITE YOU TO COME SEE
    THE 2020 AND HEAR ABOUT THE DECSYSTEM-20 FAMILY
    AT THE TWO PRODUCT PRESENTATIONS WE WILL BE
    GIVING IN CALIFORNIA THIS MONTH. THE LOCATIONS
    WILL BE

    TUESDAY, MAY 9, 1978 - 2 PM
    HYATT HOUSE (NEAR THE L.A. AIRPORT)
    LOS ANGELES, CA

    THURSDAY, MAY 11, 1978 - 2 PM
    DUNFEY'S ROYAL COACH
    SAN MATEO, CA
    (4 MILES SOUTH OF S.F. AIRPORT AT BAYSHORE, RT 101 AND RT 92)

    A 2020 WILL BE THERE FOR YOU TO VIEW. ALSO TERMINALS
    ON-LINE TO OTHER DECSYSTEM-20 SYSTEMS THROUGH THE
    ARPANET. IF YOU ARE UNABLE TO ATTEND, PLEASE FEEL
    FREE TO CONTACT THE NEAREST DEC OFFICE FOR MORE
    INFORMATION ABOUT THE EXCITING DECSYSTEM-20
    FAMILY.

13
Internet History
  • 1973 Metcalfe's PhD thesis proposes Ethernet
  • 1974 Cerf and Kahn - architecture for
    interconnecting networks
  • Cerf and Kahn's internetworking principles:
  • minimalism, autonomy - no internal changes
    required to interconnect networks
  • best effort service model
  • stateless routers
  • decentralized control
  • define today's Internet architecture

14
History (cont)
  • 1986 NSFNet high-speed backbone
  • 1991 World Wide Web (http: HyperText Transfer
    Protocol) by physicist Tim Berners-Lee at CERN
  • 1993 Mosaic browser (by NCSA)
  • 1993 I found my building in Norway (sabbatical)
  • 1994 Enbody web page
  • 1995 Internet opened to commercial use
  • 1998 Google founded (by Larry Page of East
    Lansing)

15
How does it work?
16
Letter Analogy
  • Write a 20-page letter to Grandma
  • Number the pages
  • Put each page in a separate envelope
  • Drop them in the mail

17
Letter Analogy Continued
  • Do letters take the same route?
  • Do letters arrive at the same time?
  • Do letters arrive in any particular order?
  • How does Grandma handle multiple letters
    arriving?
  • What if a letter gets lost?

18
Analogy Continued
  • Intermediate Post Offices act like routers.
  • Mail boxes are similar to ports (more later)

19
How it works
  • Here's what happens to a piece of data (e.g. an
    email) when it is transferred over the Internet
  • It is broken up into a whole lot of same-sized
    pieces (packets).
  • A header is added to each packet that explains
    where it came from, where it is going and how it
    fits with the rest of the packets.
  • Each packet is sent from computer to computer
    until it finds its way to its destination. Each
    computer along the way decides where next to send
    the packet. This could depend on things like how
    busy the other computers are when the packet was
    received. The packets may or may not all take
    the same route.
  • At the destination, the packets are examined. If
    there are any packets missing or damaged, a
    message is sent asking for those packets to be
    resent. This continues until all the packets
    have been received intact.
  • The packets are reassembled into their original
    form.

20
TCP/IP
  • A bunch of 1s and 0s come across a wire. How do
    I interpret them?
  • Each computer connected up to the Internet has
    software called TCP/IP (Transmission Control
    Protocol/Internet Protocol) which is responsible
    for receiving, sending and checking packets.
  • TCP/IP is the 'glue' of the Internet. (standard)

21
(No Transcript)
22
Traceroute
  • Demo on arctic
  • Also, http://visualroute.visualware.com/
  • Try:
  • uts.edu.au
  • ntnu.no

23
IP
  • Everything on the internet has an address
  • www.hcidata.co.uk/host2ip
  • www.networldmap.com/TryIt.htm
  • IP address 168.212.226.204 in binary form is
    10101000.11010100.11100010.11001100

24
Classes of Networks
  • Class A - supports 16 million hosts on each of
    126 networks
  • Class B - supports 65,000 hosts on each of 16,000
    networks
  • Class C - supports 254 hosts on each of 2 million
    networks

25
Class A
  • Class A Network -- binary addresses start with 0,
    therefore the decimal number can be anywhere from
    1 to 126. The first 8 bits (the first octet)
    identify the network and the remaining 24 bits
    indicate the host within the network. An example
    of a Class A IP address is 102.168.212.226, where
    "102" identifies the network and "168.212.226"
    identifies the host on that network.

26
Class B Network
  • binary addresses start with 10, therefore the
    decimal number can be anywhere from 128 to 191.
    (The number 127 is reserved for loopback and is
    used for internal testing on the local machine.)
    The first 16 bits (the first two octets) identify
    the network and the remaining 16 bits indicate
    the host within the network. An example of a
    Class B IP address is 168.212.226.204 where
    "168.212" identifies the network and "226.204"
    identifies the host on that network.

27
Class C Network
  • binary addresses start with 110, therefore the
    decimal number can be anywhere from 192 to 223.
    The first 24 bits (the first three octets)
    identify the network and the remaining 8 bits
    indicate the host within the network. An example
    of a Class C IP address is 200.168.212.226 where
    "200.168.212" identifies the network and "226"
    identifies the host on that network.

28
Class D Network
  • binary addresses start with 1110, therefore the
    decimal number can be anywhere from 224 to 239.
    Class D networks are used to support
    multicasting.

29
Class E Network
  • binary addresses start with 1111, therefore the
    decimal number can be anywhere from 240 to 255.
    Class E networks are used for experimentation.
    They have never been documented or utilized in a
    standard way.
  • Why important? Dark Net
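
An added example, not part of the original slides: the classful scheme of slides 24-29 written out as code. It picks the class from the leading bits, splits the address into network and host parts, and derives the network and host counts of slide 24 from the bit layout. The names `LAYOUT`, `to_binary`, `classify` and `capacity` are chosen here for illustration.

```python
import ipaddress

# class -> (leading bit pattern, bits in that pattern, network-part length in bits)
LAYOUT = {
    "A": (0b0, 1, 8),
    "B": (0b10, 2, 16),
    "C": (0b110, 3, 24),
    "D": (0b1110, 4, None),  # multicast: no network/host split
    "E": (0b1111, 4, None),  # experimental: no network/host split
}


def to_binary(addr):
    """Dotted binary form of an IPv4 address, as shown on slide 23."""
    value = int(ipaddress.IPv4Address(addr))
    return ".".join(format((value >> s) & 0xFF, "08b") for s in (24, 16, 8, 0))


def classify(addr):
    """Return (class, network part, host part) under the classful scheme."""
    ip = ipaddress.IPv4Address(addr)
    value = int(ip)
    octets = str(ip).split(".")
    if value >> 24 in (0, 127):
        # Slides 25-26: Class A runs from 1 to 126; 127 is loopback.
        return ("reserved", None, None)
    for name, (pattern, nbits, net_len) in LAYOUT.items():
        if value >> (32 - nbits) == pattern:
            if net_len is None:
                return (name, None, None)
            cut = net_len // 8
            return (name, ".".join(octets[:cut]), ".".join(octets[cut:]))
    raise AssertionError("unreachable: every address matches one pattern")


def capacity(name):
    """(networks, hosts per network) for class A, B or C, from the bit widths."""
    pattern, nbits, net_len = LAYOUT[name]
    networks = 2 ** (net_len - nbits)
    if name == "A":
        networks -= 2  # first octets 0 and 127 are reserved
    hosts = 2 ** (32 - net_len) - 2  # all-zeros and all-ones host fields are not assignable
    return networks, hosts


if __name__ == "__main__":
    for sample in ("102.168.212.226", "168.212.226.204", "200.168.212.226"):
        print(sample, to_binary(sample), classify(sample))
    for cls in "ABC":
        print(cls, capacity(cls))
```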

30
Part I: Introduction
  • Goal
  • get context, overview, feel of networking
  • more depth, detail later in course
  • approach
  • descriptive
  • use Internet as example
  • Overview
  • what's the Internet
  • what's a protocol?
  • network edge
  • network core
  • access net, physical media
  • performance: loss, delay
  • protocol layers, service models
  • backbones, NAPs, ISPs
  • history
  • ATM network

31
What's the Internet: nuts and bolts view
  • millions of connected computing devices: hosts,
    end-systems
  • pcs, workstations, servers
  • PDAs, phones, toasters
  • running network apps
  • communication links
  • fiber, copper, radio, satellite
  • routers: forward packets (chunks) of data thru
    network

32
What's the Internet: nuts and bolts view
  • protocols: control sending, receiving of msgs
  • e.g., TCP, IP, HTTP, FTP, PPP
  • Internet: network of networks
  • loosely hierarchical
  • public Internet versus private intranet
  • Internet standards
  • RFC: Request for comments
  • IETF: Internet Engineering Task Force

[Figure labels: router, workstation, server, mobile, local ISP, regional ISP, company network]
33
What's the Internet: a service view
  • communication infrastructure enables distributed
    applications
  • WWW, email, games, e-commerce, databases, voting,
  • more?
  • communication services provided
  • connectionless
  • connection-oriented
  • cyberspace Gibson

34
What's a protocol?
  • human protocols
  • what's the time?
  • I have a question
  • introductions
  • specific msgs sent
  • specific actions taken when msgs received, or
    other events
  • network protocols
  • machines rather than humans
  • all communication activity in Internet governed
    by protocols

protocols define format, order of msgs sent and
received among network entities, and actions
taken on msg transmission, receipt
35
What's a protocol?
  • a human protocol and a computer network protocol

[Figure labels: Hi, TCP connection req., Hi]
Q: Other human protocol?
36
A closer look at network structure
  • network edge: applications and hosts
  • network core:
  • routers
  • network of networks
  • access networks, physical media: communication
    links

37
The network edge
  • end systems (hosts)
  • run application programs
  • e.g., WWW, email
  • at edge of network
  • client/server model
  • client host requests, receives service from
    server
  • e.g., WWW client (browser)/ server email
    client/server
  • peer-peer model
  • host interaction symmetric
  • e.g. teleconferencing

38
Network edge: connection-oriented service
  • Goal: data transfer between end sys.
  • handshaking: setup (prepare for) data transfer
    ahead of time
  • Hello, hello back human protocol
  • set up state in two communicating hosts
  • TCP - Transmission Control Protocol
  • Internet's connection-oriented service
  • TCP service (RFC 793)
  • reliable, in-order byte-stream data transfer
  • loss: acknowledgements and retransmissions
  • flow control
  • sender won't overwhelm receiver
  • congestion control
  • senders slow down sending rate when network
    congested

39
Network edge: connectionless service
  • Goal: data transfer between end systems
  • same as before!
  • UDP - User Datagram Protocol (RFC 768):
    Internet's connectionless service
  • unreliable data transfer
  • no flow control
  • no congestion control
  • Apps using TCP
  • HTTP (WWW), FTP (file transfer), Telnet (remote
    login), SMTP (email)
  • Apps using UDP
  • streaming media, teleconferencing, Internet
    telephony

40
The Network Core
  • mesh of interconnected routers
  • the fundamental question: how is data transferred
    through net?
  • circuit switching: dedicated circuit per call,
    telephone net
  • packet-switching: data sent thru net in discrete
    chunks

41
Network Core: Circuit Switching
  • End-to-end resources reserved for call
  • link bandwidth, switch capacity
  • dedicated resources: no sharing
  • circuit-like (guaranteed) performance
  • call setup required

42
Network Core: Circuit Switching
  • network resources (e.g., bandwidth) divided into
    pieces
  • pieces allocated to calls
  • resource piece idle if not used by owning call
    (no sharing)
  • dividing link bandwidth into pieces
  • frequency division
  • time division

43
Network Core: Packet Switching
  • each end-end data stream divided into packets
  • user A, B packets share network resources
  • each packet uses full link bandwidth
  • resources used as needed
  • resource contention:
  • aggregate resource demand can exceed amount
    available
  • congestion: packets queue, wait for link use
  • store and forward: packets move one hop at a time
  • transmit over link
  • wait turn at next link

44
Network Core: Packet Switching
[Figure labels: A, B, C; 10 Mbs Ethernet; statistical multiplexing; 1.5 Mbs; queue of packets waiting for output link; 45 Mbs]
  • Packet-switching versus circuit switching: human
    restaurant analogy
  • other human analogies?

45
Packet switching versus circuit switching
  • Packet switching allows more users to use network!
  • 1 Mbit link (1 Mbps)
  • each user:
  • 100 Kbps when active
  • active 10% of time
  • circuit-switching:
  • 10 users
  • packet switching:
  • with 35 users, probability 10 active less than
    .0017

[Figure labels: N users, 1 Mbps link]
46
Back in the Old Days
47
TDM Logical Network View
48
Packet Switching (Internet)
Packets
49
Current
  • The Internet is packet switched
  • Essentially all information travels the Internet
    in packets.

50
DSL vs Cable?
  • How can 300KB DSL be faster than 4MB Cable? (what
    does all this mean!)

51
DSL
  • DSL is built on the phone system which is circuit
    switched, at least to the phone company building.
    That is, you don't share the line with anyone.
  • There it is connected to the Internet (which is
    packet switched and shared, but the capacity is
    huge).

52
Cable
  • A cable shared with your neighbors.
  • Worse, only one user at a time uses the cable
    (Ethernet)

53
Ethernet
  • Ethernet is a protocol for communicating on a
    shared wire.
  • Imagine communicating on a dorm floor by shouting
    out your door.
  • If no one else is shouting, your message is heard
    clearly by everyone.
  • If everyone is polite, they pay attention only to
    the message shouted to them.
  • If you hear someone else shouting, you don't
    shout because you know that your message will not
    be heard so you wait for quiet before shouting.
  • If two or more people begin shouting at the same
    time, you both can hear the gibberish so you both
    stop and wait a random amount of time.

54
Ethernet
  • Ethernet works (it is one of the most common
    protocols)
  • Dorms use Ethernet
  • If too many people are trying to communicate, it
    can get messy.
  • Cable works on a shared medium (the cable). Its
    performance is based on the number sharing and
    what they are doing. Companies advertise the
    speed of an empty cable.

55
Cable vs Internet
  • Which is more secure?
  • In a dorm you can listen to all communication on
    your floor.

56
What is Layering?
  • Modular approach to network functionality
  • Example

Application
Application-to-application channels
Host-to-host connectivity
Link hardware
57
Layering
[Figure labels: User A, User B; Application, Transport, Network, Link; Host, Host]
Layering: technique to simplify complex systems
58
Layer Encapsulation
User A
User B
Get index.html
Connection ID
Source/Destination
Link Address
59
Encapsulation
Application (FTP, HTTP, )
Data
Header
Transport (TCP,UDP,)
Header
Internet (IP)
Header
Network (Ethernet)
60
Protocol Demultiplexing
  • Multiple choices at each layer

[Figure labels: FTP, HTTP, TFTP, NV; TCP, UDP, TCP/UDP; IP, Network, IP, IPX; Port Number, Protocol Field, Type Field; NET1, NET2, NETn]

61
Security and Packets
  • From, To, Port

Port
To
From
62
National Backbone Provider
e.g. BBN/GTE US backbone network
63
Security Issues
  • Information in packets
  • No connection to source, unlike a phone (circuit
    switched)
  • From field can be spoofed
  • No connection to source
  • Communication is on a shared medium
  • Everyone can listen, similar to the old-fashioned
    party phone lines (I used to have one in the
    1960s).

64
Denial of Service
  • a human protocol and a computer network protocol

Hi
TCP connection req.
Hi
Q: How is denial of service done using protocols?
65
What is a firewall?
66
Firewall
Internet
Firewall
Examine packets
67
Firewall packet inspection
  • Is the "to" address for my network or computer?
  • Is the "from" address on a black list?
  • Is the packet type acceptable? E.g. protocol such
    as Telnet.
  • Is the port allowed? Ports are associated with
    applications.
  • Do I recognize the packet as bad?

68
Firewall states
  • Is this packet part of communication started from
    my computer/network?
  • Is the protocol being followed correctly?
  • Win-XP firewall has states

69
Firewalls check outgoing traffic
  • Is a disallowed application on my
    computer/network trying to talk to the
    Internet? E.g. trojan horse
  • Is the "from" address not my computer or not on
    my network?
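
An added example, not part of the original slides: the questions from slides 67-69 turned into a small packet filter with a state table. The network, blacklist entry and port lists are assumptions built from documentation address ranges, and every packet in `demo()` is constructed.

```python
import ipaddress
from dataclasses import dataclass

MY_NET = ipaddress.ip_network("192.0.2.0/24")        # assumed protected network
BLACKLIST = {ipaddress.ip_address("203.0.113.66")}   # assumed black-listed sender
ALLOWED_IN = {("tcp", 80)}                           # only the web port is open
ALLOWED_OUT = {("tcp", 80), ("tcp", 443), ("udp", 53)}


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    proto: str


class Firewall:
    def __init__(self):
        self.state = set()  # conversations started from inside (slide 68)

    def outbound(self, p):
        # Slide 69: the "from" address must belong to my network.
        if ipaddress.ip_address(p.src) not in MY_NET:
            return ("drop", "from address is not on my network")
        if (p.proto, p.dport) not in ALLOWED_OUT:
            return ("drop", "disallowed outgoing service")
        self.state.add((p.proto, p.src, p.sport, p.dst, p.dport))
        return ("accept", "outgoing, state recorded")

    def inbound(self, p):
        src, dst = ipaddress.ip_address(p.src), ipaddress.ip_address(p.dst)
        if dst not in MY_NET:
            return ("drop", "to address is not my network")
        if src in MY_NET:
            return ("drop", "outside packet claims an inside from address")
        if src in BLACKLIST:
            return ("drop", "from address is on the black list")
        if (p.proto, p.dst, p.dport, p.src, p.sport) in self.state:
            return ("accept", "reply to communication started from inside")
        if (p.proto, p.dport) in ALLOWED_IN:
            return ("accept", "allowed port")
        return ("drop", "port not allowed")


def demo():
    """Run constructed packets through the filter and return the verdicts."""
    fw = Firewall()
    dns_reply = Packet("198.51.100.53", 53, "192.0.2.20", 5353, "udp")
    return [
        fw.inbound(Packet("198.51.100.7", 40000, "192.0.2.10", 80, "tcp"))[0],
        fw.inbound(Packet("198.51.100.7", 40001, "192.0.2.10", 23, "tcp"))[0],
        fw.inbound(Packet("203.0.113.66", 40002, "192.0.2.10", 80, "tcp"))[0],
        fw.inbound(Packet("192.0.2.30", 40003, "192.0.2.10", 80, "tcp"))[0],
        fw.inbound(dns_reply)[0],   # unsolicited: nothing inside asked for it
        fw.outbound(Packet("192.0.2.20", 5353, "198.51.100.53", 53, "udp"))[0],
        fw.inbound(dns_reply)[0],   # now matches recorded state
        fw.outbound(Packet("198.51.100.99", 1234, "203.0.113.5", 80, "tcp"))[0],
        fw.outbound(Packet("192.0.2.20", 5000, "203.0.113.5", 6667, "tcp"))[0],
    ]


if __name__ == "__main__":
    print(demo())
```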

70
Network Address Translation (NAT)
[Figure labels: 10.42.6.9, 35.9.20.20, NAT, Client, Server]
  • (Linux calls it masquerading)

71
What good is it?
72
Firewall
[Figure labels: Only Port 80 open; Intranet, Internet; Firewall, Firewall; web server; DMZ]
73
Security
  • Firewalls are not a panacea. Many attacks are
    removed, but many remain.
  • For example, a bug in an allowed application will
    pass through the firewall. An
    application-specific attack such as Slammer would
    get through a firewall.
  • Some service may be overlooked. UDP was
    considered safe until Slammer.

74
Simple virus example
  • Email attachment arrives from a friend.
  • Pretends to be picture, but is an executable
    program.
  • You click on it, and the program runs.
  • From Day 1, The Ten Immutable Laws of Security: 1.
    If a bad guy can persuade you to run his program
    on your computer, it's not your computer
    anymore.
  • Program reads your address book, and sends itself
    to your friends.

75
Defense
  • Social Engineering: don't open attachments;
    shoot first, ask questions later
  • Do not run as Administrator. Create a
    non-administrator account. A rogue program in an
    Administrator account is allowed to do much more
    damage.
  • An anti-virus program can check emails for known
    viruses and take action before you click on the
    attachment.

76
Buffer Overflow attack
  • This is a real attack used on a commercial
    computer.

77
Login Attack
  • Name?
  • Password?
  • Look up name and password in a table.
  • For security, the table is encrypted.

78
Simple Encryption ROT13
  • ABCDEFGHIJKLMNOPQRSTUVWXYZ
  • D → ?
  • D → Q
  • U → ?
  • U → H
  • Wrap-around
  • In math it is called modulo: (D + 13) mod 26
  • www.rot13.com

79
ROT13 is used for Internet jokes
  • Why did the chicken cross the road?
  • gb cebir gb gur cbffhz gung vg pbhyq or qbar

80
We'll use it for my password table
[Figure labels: NAME, PASSWORD]
In reality passwords use a one-way function, for
example: if you know that x² = 25, what is x?
81
Login procedure
  • Get name.
  • Look up encrypted password in table.
  • Get password.
  • Encrypt password.
  • Compare encrypted password with value from table.
  • If equal, allow them in.

PASS TBL
E(PASS)
PASS
NAME
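
An added example, not part of the original slides: the login procedure of slide 81 run twice, once with ROT13 as E(PASS) and once with a one-way function as slide 80 says real systems use. PBKDF2 with a per-user salt stands in for the one-way function; that choice, the iteration count and the user names and passwords are assumptions constructed for the example.

```python
import codecs
import hashlib
import hmac
import os

ITERATIONS = 200_000  # assumed work factor for the one-way function
USERS = {"alice": "Hunter2Spring", "bob": "CorrectHorse"}  # constructed sample data


def rot13(text):
    """Slide 78's cipher: each letter moves 13 places, wrapping mod 26."""
    return codecs.encode(text, "rot13")


def one_way(password, salt):
    """Salted PBKDF2-HMAC-SHA256: easy to compute, no function computes it backwards."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


def build_rot13_table(users):
    return {name: rot13(pw) for name, pw in users.items()}


def build_one_way_table(users):
    table = {}
    for name, pw in users.items():
        salt = os.urandom(16)
        table[name] = (salt, one_way(pw, salt))
    return table


def login_rot13(table, name, password):
    stored = table.get(name)                 # look up encrypted password in table
    if stored is None:
        return False
    candidate = rot13(password)              # encrypt the password that was typed
    return hmac.compare_digest(candidate.encode(), stored.encode())


def login_one_way(table, name, password):
    entry = table.get(name)
    if entry is None:
        return False
    salt, stored = entry
    return hmac.compare_digest(one_way(password, salt), stored)


def read_leaked_rot13_table(table):
    """ROT13 is its own inverse, so anyone who reads the table reads the passwords."""
    return {name: rot13(stored) for name, stored in table.items()}


if __name__ == "__main__":
    weak = build_rot13_table(USERS)
    strong = build_one_way_table(USERS)
    print("ROT13 table:", weak)
    print("recovered from ROT13 table:", read_leaked_rot13_table(weak))
    print("one-way entry for alice:", strong["alice"][1].hex())
    print("logins:", login_rot13(weak, "alice", USERS["alice"]),
          login_one_way(strong, "alice", USERS["alice"]))
```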
82
Login procedure attack
  • Get name.
  • Look up encrypted password in table.
  • Get password.
  • Encrypt password.
  • Compare encrypted password with value from table.
  • If equal, allow them in.

PASS TBL
E(PASS)
PASS
NAME
83
Buffer Overflow attack
  • http://www.cse.msu.edu/enbody/overflow.htm

84
Today
  • Internet
  • Packets (vs. circuits)
  • DSL vs. Cable
  • Firewalls
  • Virus
  • Denial of Service