Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Syllabus for interview


Published on

  • Be the first to comment

  • Be the first to like this

Syllabus for interview

  1. 1. Syllabus for Interview1) Hardware2) Networking3) CCNA4) Redhat5) It SecurityHardware1) Motherboarda) North Bridge (MCH (memory controller hub))b) South Bridge (ICH (I/O controller Hub)) Motherboard has to very important component North Bridge and south bridge.Both have different –different work. Both are chips on the mother board. Another Name of North Bridge is MCH/IMCH (memory controller hub/integratedmemory controller hub). It is used to manage communication between RAM, CPU, AGP,and chach memory. Another Name of south bridge is ICH. Rest of the component which is nothandled by the north bridge. Like PCI SLOT, USB, ISA IDE BIOS LEGACY. 1
  2. 2. ZERO LEVEL FORMATTING 1) For Zero level formatting you have to insert windows 98 cd in cdrom and restart system boot via cd rom 2) You find command prompt and go to cd rom 3) A:> G: suppose A is default prompt and G is 98 prompt 4) G:> dir 5) G:>cd Dm 6) G:DM>dir 7) G:DM>cd DmSam 8) G:DMDMSAM>DIR 9) G:DMDMSAM>DM /X/MRAID (redundant array of independent disks; originally redundant array ofinexpensive disks)RAID is a way of storing the same data in different places (thus, redundantly) on multiplehard disk . By placing data on multiple disks, I/O (input/output) operations can overlap ina balanced way, improving performance.  RAID-0: This technique has striping but no redundancy of data. It offers the best performance but no fault-tolerance.  RAID-1: This type is also known as disk mirroring and consists of at least two drives that duplicate the storage of data. There is no striping. Read performance is improved since either disk can be read at the same time. Write performance is the same as for single disk storage. RAID-1 provides the best performance and the best fault-tolerance in a multi-user system.  RAID-2: This type uses striping across disks with some disks storing error checking and correcting (ECC) information. It has no advantage over RAID-3.  RAID-3: This type uses striping and dedicates one drive to storing parity information. The embedded error checking (ECC) information is used to detect errors. Data recovery is accomplished by calculating the exclusive OR (XOR) of the information recorded on the other drives. Since an I/O operation addresses all drives at the same time, RAID-3 cannot overlap I/O. For this reason, RAID-3 is best for single-user systems with long record applications.  RAID-4: This type uses large stripes, which means you can read records from any single drive. This allows you to take advantage of overlapped I/O for read operations. Since all write operations have to update the parity drive, no I/O overlapping is possible. RAID-4 offers no advantage over RAID-5.  RAID-5: This type includes a rotating parity array, thus addressing the write limitation in RAID-4. Thus, all read and write operations can be overlapped. RAID-5 stores parity information but not redundant data (but parity information 2
  3. 3. can be used to reconstruct data). RAID-5 requires at least three and usually five disks for the array. Its best for multi-user systems in which performance is not critical or which do few write operations.  RAID-10: Combining RAID-0 and RAID-1 is often referred to as RAID-10, which offers higher performance than RAID-1 but at much higher cost. There are two subtypes: In RAID-0+1, data is organized as stripes across multiple disks, and then the striped disk sets are mirrored. In RAID-1+0, the data is mirrored and the mirrors are striped.Small Computer System Interface (SCSI)Internal memoryRam (Random access memory)Rom (Read only memory) 1. ROM - Read Only Memory 2. PROM - Programmable Read Only Memory 3. EPROM - Erasable Programmable Read Only Memory (UV RAYS) 4. EEPROM - Electrically Erasable Programmable Read Only Memory (high voltage of electric) 5. Flash EEPROM memoryBIOS=It stands for Basic input output system. It is also known as ROM (Read OnlyMemory). It is the boot firmware program on a PC, and controls the computer from thetime you start it up until the operating system takes over. When you turn on a PC, theBIOS first conduct a basic hardware check, called a Power-On Self Test (POST), todetermine whether all of the attachments are present and working. Then it loads theoperating system into your computers random access memory, or RAM. The BIOS also manages data flow between the computers operating system andattached devices such as the hard disk, video card, keyboard, mouse, and printer. The BIOS stores the date, the time, and your system configuration information ina battery-powered, non-volatile memory chip, called a CMOS (Complementary MetalOxide Semiconductor) after its manufacturing process. Although the BIOS is standardized and should rarely require updating, some olderBIOS chips may not accommodate new hardware devices. Before the early 1990s, youcouldnt update the BIOS without removing and replacing its ROM chip. ContemporaryBIOS resides on memory chips such as flash chips or EEPROM (Electrically ErasableProgrammable Read-Only Memory), so that you can update the BIOS yourself ifnecessary.POST= It stands of Power on self test. The POST is a test the computer must completeto verify all hardware is working properly before starting the remainder of the bootprocess. If the computer passes the POST the computer will often return a single beepand if unsuccessful will create a beep code that indicates the error. 3
  4. 4. NetworkingWhat is network? A network consists of two or more computers that are linked in order to shareresources (such as printers and CDs), exchange files, or allow electronic communications.The computers on a network may be linked through cables, telephone lines, radio waves,satellites, or infrared light beams. Wired and wireless both are called communicationmedia. Communication media – there are two types of communication media.1) Wired2) Wireless1) Wired- in wired communication mediaAngina three typesA) Coaxial cable (connector BNC=births novel connector) I) thin net coaxial cable (RG 58) ii) Thick net coaxial cable (RG 8)B) Twisted pair cable (RJ45) I) UTP (unshielded twisted pair cable) ii) STP (shielded twisted pair cable)c) Fiber optic cable (SC=subscriber connector, ST=straight tip connector) i) Single mode fiber optic cable ii) Multimode fiber optic cableSome important terms of networking -:1) MAC Address2) IP Address3) NIC4) HUB5) SWITCH6) ROUTER7) BRIDGE8) MODEM9) ACCESS POINT10) COLLISION DOMAIN11) BROADCAST DOMAIN12) VPN (VITUAL PRIVATE NETWORK)13) NODE14) HOST15) FIREWALL16) TRANSCIVER1) MAC Address:- (Media access control) It is also known as hardware address orphysical address of a devices. It is 12 digit hexadecimal number and 48 bit binarynumber. It is representing in hexadecimal number. Broadcast Mac address FF: FF: FF: 4
  5. 5. FF: FF: FF(layer two Broadcast address). First 6 digits are manufacture id and another sixdigit are client id which is maintained by manufacturer. MM:MM:MM:SS:SS:SS2) IP ADDRESS:- (Internet protocol ) It is logical address of a device . It is 32 bit binarynumber which is represent in decimal format and it is divided into 4 octets and each octetis separated by each other by dot (.). In a single network any ip address should not besame otherwise ip conflicted error will come. Broadcast Ip address three Broadcast address).3) NIC:-It stands for network interface card . In computer networking, a NIC providesthe hardware interface between a computer and a network. A NIC technically is networkadapter hardware in the form factor of an add-in card such as a PCI or PCMCIA card.This is the card that physically makes the connection between the computer and thenetwork cable.4) HUB:- Hub is a network connectivity device and it is work on layer one of osi modeldevices. It is work in half duplex mode. Hub received data packet from a computer andBroadcast it to all devices. In a hub one collision domain and one broadcast domain. Collision domains are found in a hub environment where each host segment connectsto a hub that represents only one collision domain and only one broadcast domain.Collision domains are also found in wireless network such as wi-fi.5) SWITCH:-Switch is also network connectivity devices; it is work on layer two of osimodel. It works on full duplex mode. A switch has 1 collision domain per interface. Andone broadcast domain. Switch create Mac table by using hardware chip ASIC(Application Specific Integrated Circuit)6) ROUTER:- A router is a internet work connectivity device that is used tocommunicate one network to another network. Routers operate at the network layer (OSIModels layer 3). The primary function of a router is to connect networks together andkeep certain kinds of broadcast traffic under control. There are several companies thatmake routers: Cisco (Linksys), Juniper, Nortel (Bay Networks), Redback, Lucent, 3com,and HP just to name a few. Restrict network broadcasts to the LAN Act as the default gateway. Move data between networks Learn and advertise loop free pathsRouter works two types of protocol Routed and Routing protocol. A routed protocol canbe routed by a router, which means that it can be forwarded from one router to another.A routed protocol contains the data elements required for a packet to be sent outside of itshost network or network segment. In other words, a routed protocol can be routed.Routed protocols are IP and IPX.Routing protocol select the best path for packet transmission of remote network. examplerip eigrp ospf is routing protocol. 5
  6. 6. 7) BRIDGE:-It is used to connect two different network segment in a Lan.A bridge device filters data traffic at a network boundary. Bridges reduce the amount oftraffic on a LAN by dividing it into two segments. Bridges operate at the data link layer(Layer 2) of the OSI model. Bridges inspect incoming traffic and decide whether toforward or discard it. An Ethernet bridge, for example, inspects each incoming Ethernetframe - including the source and destination MAC addresses, and sometimes the framesize - in making individual forwarding decisions.8) MODEM:- It is called modulator-demodulator. It is convert digital signals into analogsignals it is called modulation and transmits it. At the receiving end angina it convertanalog signal into digital signal it is called demodulation.9) ACCESS POINT :- Wireless access points (APs or WAPs) are specially configurednodes on wireless local area networks (WLANs). Access points act as a centraltransmitter and receiver of WLAN radio signals.Access points used in home or smallbusiness networks are generally small, dedicated hardware devices featuring a built-innetwork adapter, antenna, and radio transmitter. Access points support Wi-Fi wirelesscommunication standards.10) COLLISION DOMAIN:- A collision domain is an area on the network where twodevices may attempt to transmit at the same time. A hub has 1 collision domain overall.A switch has 1 collision domain per interface.11) BROADCAST DOMAIN:- A broadcast domain is a logical division of a computernetwork, in which all nodes can reach each other by broadcast at the data link layer. Abroadcast domain can be within the same LAN segment or it can be bridged to otherLAN segments. In a switch one broadcast domain. If any switch has 12 ports then one Broadcast domain and 12 collision domain init. If any hub has 12 ports then single collision domain and single broadcast domain.12)VPN:- A Virtual Private Network (VPN) is a network technology that creates a securenetwork connection over a public network such as the Internet or a private networkowned by a service provider. Large corporations, educational institutions, andgovernment agencies use VPN technology to enable remote users to securely connect to aprivate network.13) NODE:- In networks, a processing location. A node can be a computer or someother device, such as a printer. Every node has a unique network address, sometimescalled a Data Link Control (DLC) address or Media Access Control (MAC) address.A node can be a computer and terminal and any other devices.14) HOST:-In a computer network host has a unique ip address. And it has some data. Acomputer that is connected to a TCP/IP network, including the Internet. Each host has aunique IP address. 6
  7. 7. 15) FIREWALL:-Firewall is both hardware and software devices. A system designed toprevent unauthorized access to or from a private network. Firewalls can be implementedin both hardware and software, or a combination of both. Firewalls are frequently used toprevent unauthorized Internet users from accessing private networks connected to theInternet, especially internet. All messages entering or leaving the intranet pass throughthe firewall, which examines each message and blocks those that do not meet thespecified security criteria.16) TRANSCIVER =Network Transceivers, short for transmitter-receiver, are devicesthat both transmit and receive analog or digital signals. The term is used most frequentlyto describe the component in a local-area network (LAN) that actually applies signalsonto the network wire and also detects signals passing through the same wire. For manyLANs, the transceiver is built directly into the network interface card (NIC). Some typesof networks, however, require an external transceiver. Network transceivers are available in three main configurations: chip, board, ormodule style. Chip style network transceivers are the smallest type. They can easily beinserted into or removed from a network system. Board style devices are built directlyinto a network board or card. Module transceivers are external to the network, and areinstalled and function similarly to other computer peripherals, or they may function asstand-alone devices.TYPES OF NETWORK:Basically there are three types of network:-1) LAN2) WAN3) MAN1) LAN:-LAN stands for local area network. It is a computer network which is connotedwith each other and shair their resources and information but not connected to the internetis called LAN.2) WAN:-WAN stands for wide are network. A WAN spans a large geographic area,such as a state, province or country. WANs often connect multiple smaller networks,such as local area networks (LANs) or metro area networks (MANs).The worlds most popular WAN is the Internet. Some segments of the Internet, like VPN-based extranets, are also WANs in themselves. Finally, many WANs are corporate orresearch networks that utilize leased lines.WANs generally utilize different and much more expensive networking equipment thando LANs. Key technologies often found in WANs include SONET, Frame Relay,and ATM.3)MAN:- Man stand for Metropolitan area network. A network spanning a physical arealarger than a LAN but smaller than a WAN, such as a city. A MAN is typically owned anoperated by a single entity such as a government body or large corporation. 7
  8. 8. NETWORK MODEL:-There are three types of network model1) Peer to peer2) Server client3) Central computing1) PEER TO PEER =Peer-to-peer (abbreviated to P2P) refers to a computer network inwhich each computer in the network can act as a client or server for the other computersin the network, allowing shared access to files and peripherals without the need for acentral server. P2P networks can be set up in the home, a business or over the Internet.Each network type requires all computers in the network to use the same or a compatibleprogram to connect to each other and access files and other resources found on the othercomputer. P2P networks can be used for sharing content such as audio, video, data oranything in digital format.2) SERVER CLIENT =The client/server model is a computing model that actsas distributed application which partitions tasks or workloads between the providers of aresource or service, called servers, and service requesters, called clients. Often clients and 8
  9. 9. servers communicate over a computer network on separate hardware, but both client andserver may reside in the same system. A server machine is a host that is running one ormore server programs which share their resources with clients. A client does not shareany of its resources, but requests a servers content or service function. Clients thereforeinitiate communication sessions with servers which await incoming requests.3) CENTRAL COMPUTING =Centralized computing is computing done at a centrallocation, using terminals that are attached to a central computer. The computer itself maycontrol all the peripherals directly (if they are physically connected to the centralcomputer), or they may be attached via a terminal server. Alternatively, if the terminalshave the capability, they may be able to connect to the central computer over thenetwork. The terminals may be text terminals or thin clients, for example. In this type ofmodel a machine process all the data and other computer in network work like as dumpterminal they can only provide the input and see the output.NETWORK TOPOLOGYES -The specific physical, i.e., real, or logical, i.e., virtual, arrangement of the elements of anetwork. Note 1: Two networks have the same topology if the connection configurationis the same, although the networks may differ in physical interconnections, distancesbetween nodes, transmission rates, and/or signal types. Note 2: The common types ofnetwork topology are illustrated and defined in alphabetical order below. There are twotype of network topology. 1) logical and 2) physical topology . 9
  10. 10. 1)LOGICAL TOPOLOGY =Logical topology (also referred to as signal topology) is anetwork computing term used to describe the arrangement of devices on a network andhow they communicate with one another. Logical topologies are bound to network protocols and describe how data ismoved across the network. There are attempts to study the logical topology ofthe Internet by network scientists such as Albert-László Barabási.2) PHYSICL TOPOLOGY =The shape of the cabling layout used to link devices iscalled the physical topology of the network. This refers to the layout of cabling, thelocations of nodes, and the interconnections between the nodes and the cabling. Thephysical topology of a network is determined by the capabilities of the network accessdevices and media, the level of control or fault tolerance desired, and the cost associatedwith cabling or telecommunications circuits. 1. Bus Topology 2. Star Topology 3. Ring Topology 4. Mesh Topology --> Full Mesh --> Partial Mesh 5. Tree Topology 6. Hybrid Topology1)BUS TOPOLOGY =In local area networks where bus topology is used, each node isconnected to a single cable. Each computer or server is connected to the single bus cable.And it is terminated at both ends. bus topology consists of only one wire, it is ratherinexpensive to implement when compared to other topologies. However, the low cost ofimplementing the technology is offset by the high cost of managing the network.Additionally, since only one cable is utilized, it can be the single point of failure. If thenetwork cable is terminated on both ends and when without termination data transfer stopand when cable breaks, the entire network will be down.Advantages:A)Failure of one of the station does not affect others.B)Good compromise over the other two topologies as it allows relatively high rate of datatansmittion.C)Well suited for temporary networks that must be set up in a hurry.D)Easy to implement and extend.Disadvantage:A)Require a network to detect when two nodes are transmitting at the same time.B)Does not cope well with heavy traffic ratesC)Difficult to administer/troubleshoot.E)Limited cable length and number of stations.F)A cable brake can disable the entire network; no redundancy.G)Maintenance cost may be higher in the long run.H)Performance degrade as additional computers are added. 10
  11. 11. 2) STAR TOPOLOGY =In local area networks with a star topology, In Star topology,all the components of network are connected to the central device called ―hub‖ whichmay be a hub, a router or a switch. Unlike Bus topology (discussed earlier), where nodeswere connected to central cable, here all the workstations are connected to central devicewith a point-to-point connection. So it can be said that every computer is indirectlyconnected to every other node by the help of ―hub, Switch‖. All the data on the star topology passes through the central device beforereaching the intended destination. Hub acts as a junction to connect different nodespresent in Star Network, and at the same time it manages and controls whole of thenetwork. Depending on which central device is used, ―hub‖ can act as repeater or signalbooster. Central device can also communicate with other hubs of different network.Unshielded Twisted Pair (UTP) Ethernet cable is used to connect workstations to centralnode.Advantages :1)New system can be added easily and quickly.2)A single cable fail no break down entire network.3)It is easy to troubleshoot.Disadvantages :1)It is costly because of large amount of cable is required.2)It has single point of fail ( Hub, Switch and Access Point)3) RING TOPOLOGY =In Ring Topology, all the nodes are connected to each-other insuch a way that they make a closed loop. Each workstation is connected to two othercomponents on either side, and it communicates with these two adjacent neighbors. Datatravels around the network, in one direction. Sending and receiving of data takes place by 11
  12. 12. the help of TOKEN.Token Passing (in brief) : Token contains a piece of information which along with datais sent by the source computer. This token then passes to next node, which checks if thesignal is intended to it. If yes, it receives it and passes the empty to into the network,otherwise passes token along with the data to next node. This process continues until thesignal reaches its intended destination.The nodes with token are the ones only allowed to send data. Other nodes have to waitfor an empty token to reach them. This network is usually found in offices, schools andsmall buildings. RING AND TOKEN RINGAdvantages of Ring Topology1) This type of network topology is very organized. Each node gets to send the datawhen it receives an empty token. This helps to reduces chances of collision. Also in ringtopology all the traffic flows in only one direction at very high speed.2) Even when the load on the network increases, its performance is better than thatof Bus topology.3) There is no need for network server to control the connectivity between workstations.4) Additional components do not affect the performance of network.5) Each computer has equal access to resources.Disadvantages of Ring Topology1) Each packet of data must pass through all the computers between source anddestination. This makes it slower than Star topology.2) If one workstation or port goes down, the entire network gets affected. 12
  13. 13. 3) Network is highly dependent on the wire which connects different components.4) MAU‘s and network cards are expensive as compared to Ethernet cards and hubs.4) MASH TOPOLOGY =In a mesh network topology, each of the network node,computer and other devices, are interconnected with one another. Every node not onlysends its own signals but also relays data from other nodes. In fact a true mesh topologyis the one where every node is connected to every other node in the network. This type oftopology is very expensive as there are many redundant connections, thus it is not mostlyused in computer networks. It is commonly used in wireless networks. Flooding orrouting technique is used in mesh topology.Types of Mesh Network topologies:-1)FULL MESH TOPOLOGY: In this, like a true mesh, each component is connected to every other component. Even after considering the redundancy factor and cost of this network, its main advantage is that the network traffic can be redirected to other nodes if one of the nodes goes down. Full mesh topology is used only for backbone networks. 2)PARTIAL MESH TOPOLOGY:This is far more practical as compared to full mesh topology. Here, some of the systemsare connected in similar fashion as in mesh topology while rests of the systems are onlyconnected to 1 or 2 devices. It can be said that in partial mesh, the workstations are‗indirectly‘ connected to other devices. This one is less costly and alsoreducesredundancy. Mesh Topology DiagramAdvantages of Mesh topology1) Data can be transmitted from different devices simultaneously. This topology canwithstand high traffic.2) Even if one of the components fails there is always an alternative present. So datatransfer doesn‘t get affected. 13
  14. 14. 3) Expansion and modification in topology can be done without disrupting other nodes.Disadvantages of Mesh topology1) There are high chances of redundancy in many of the network connections.2) Overall cost of this network is way too high as compared to other network topologies.3) Set-up and maintenance of this topology is very difficult. Even administration of thenetwork is tough.5) TREE TOPOLOGY = Tree Topology integrates the characteristics of Star and BusTopology. Earlier we saw how in Physical Star network Topology, computers (nodes) areconnected by each other through central hub. And we also saw in Bus Topology, workstation devices are connected by the common cable called Bus. After understanding thesetwo network configurations, we can discuss tree topology better. In Tree Topology, thenumber of Star networks are connected using Bus. This main cable seems like a mainstem of a tree, and other star networks as the branches. It is also called Expanded StarTopology. Ethernet protocol is commonly used in this type of topology. The diagrambelow will make it clear.Advantages of Tree Topology1. It is an extension of Star and bus Topologies, so in networks where these topologiescant be implemented individually for reasons related to scalability, tree topology is thebest alternative.2. Expansion of Network is possible and easy.3. Here, we divide the whole network into segments (star networks), which can be easilymanaged and maintained.4. Error detection and correction is easy.5. Each segment is provided with dedicated point-to-point wiring to the central hub.6. If one segment is damaged, other segments are not affected.Disadvantages of Tree Topology1. Because of its basic structure, tree topology, relies heavily on the main bus cable, if itbreaks whole network is crippled.2. As more and more nodes and segments are added, the maintenance becomes difficult.3. Scalability of the network depends on the type of cable used. 14
  15. 15. 6) HYBRIDE TOPOLOGY = Before starting about Hybrid topology, we saw thata network topology is a connection of various links and nodes, communicating with eachother for transfer of data. We also saw various advantages and disadvantagesof Star, Bus, Ring, Mesh and Tree topologies. Now lets discuss what Hybrid Networktopology is and why it finds its application in Wide Area Networks. Hybrid, as the namesuggests, is mixture of two different things. Similarly in this type of topology weintegrate two or more different topologies to form a resultant topology which has goodpoints(as well as weaknesses) of all the constituent basic topologies rather than havingcharacteristics of one specific topology. This combination of topologies is done accordingto the requirements of the organization.For example, if there exists a ring topology in one office department while a bus topologyin another department, connecting these two will result in Hybrid topology. Rememberconnecting two similar topologies cannot be termed as Hybrid topology. Star-Ring andStar-Bus networks are most common examples of hybrid network.Lets see the benefits and drawbacks of this networking architecture Hybrid Network Topology ImageAdvantages of Hybrid Network Topology1) Reliable : Unlike other networks, fault detection and troubleshooting is easy in thistype of topology. The part in which fault is detected can be isolated from the rest ofnetwork and required corrective measures can be taken, WITHOUT affecting thefunctioning of rest of the network.2) Scalable: Its easy to increase the size of network by adding new components, withoutdisturbing existing architecture.3) Flexible: Hybrid Network can be designed according to the requirements of theorganization and by optimizing the available resources. Special care can be given to 15
  16. 16. nodes where traffic is high as well as where chances of fault are high.4) Effective: Hybrid topology is the combination of two or more topologies, so we candesign it in such a way that strengths of constituent topologies are maximized while thereweaknesses are neutralized. For example we saw Ring Topology has good data reliability(achieved by use of tokens) and Star topology has high tolerance capability (as each nodeis not directly connected to other but through central device), so these two can be usedeffectively in hybrid star-ring topology.Disadvantages of Hybrid Topology1) Complexity of Design: One of the biggest drawback of hybrid topology is its design.Its not easy to design this type of architecture and its a tough job for designers.Configuration and installation process needs to be very efficient.2) Costly Hub: The hubs used to connect two distinct networks, are very expensive.These hubs are different from usual hubs as they need to be intelligent enough to workwith different architectures and should be function even if a part of network is down.3) Costly Infrastructure: As hybrid architectures are usually larger in scale, theyrequire a lot of cables, cooling systems, sophisticate network devices, etc. CABLES (PHYSICAL MEADIA)There are three types of cable 1) COAXIAL CABLE 2) TWISTED PAIR CABLE 3) FIBER OPTIC CABLE1) COAXIAL CABLE = A type of wire that consists of a center wire surrounded byinsulation and then a grounded shield of braided wire. The shield minimizes electricalEMI (Electromagnetic interference) and radio frequency interference.Coaxial cabling is the primary type of cabling used by the cable television industry and isalso widely used for computer networks, such as Ethernet. Although more expensive thanstandard telephone wire, it is much less susceptible to interference and can carry muchmore data.There two types of coaxial cable:- A) Tinnet coaxial cable( RG58) B) Tick net coaxial cable (RG 8) 16
  17. 17. CABLE = TINNET CABLE = TICK NET10 BASE 2 10 BASE 2SINGNAL = BASEBAND / DIGITAL SINGNAL = BASEBAND/DIGITALSPEED = 10 MBPS SPEED = 10 MBPSLENGTH = 18.5 METER LENGTH =500 METERSCONNECTOR = BNC CONNECTOR = AUI, VAMPIREDIAMETER = 0.25 CM DIAMETER = 0.96 CMBNC =British novel connectorAUI = Attachment User interfaceRG = Radio Government2) TWISTED PAIR CABLE= A type of cable that consists of two independentlyinsulated wires twisted around one another. The use of two wires twisted together helpsto reduce crosstalk and electromagnetic induction. While twisted-pair cable is used byolder telephone networks and is the least expensive type of local-area network(LAN) cable, most networks contain some twisted-pair cabling at some point along thenetwork. Connector RJ45, RJ11. RJ stands for Register jack.There are two types of Twisted Pair Cable1) UTP (UNSHIELDED TWISTED PAIR CABLE)2) STP (SHIELDED TWISTED PAIR CABLE)1) UTP = UTP stands for Unshielded Twisted Pair cable. UTP cable is a 100 ohm coppercable that consists of 2 to 1800 unshielded twisted pairs surrounded by an outer jacket.They have no metallic shield. This makes the cable small in diameter but unprotectedagainst electrical interference. The twist helps to improve its immunity to electrical noiseand EMI.2) STP= a type of copper telephone wiring in which each of the two copper wires that aretwisted together are coated with an insulating coating that functions as a ground for thewires. The extra covering in shielded twisted pair wiring protects the transmission linefrom electromagnetic interference leaking into or out of the cable. STP cabling often isused in Ethernet networks, especially fast data rate Ethernets. 17
  18. 18. CROSSOVER CABLE COLOR CODDIGN 13 26FIRST END LAST ENDT568B T568AORANGE-WHITE GREEN –WHITEORANGE GREENGREEN WHITE ORANGE-WHITEBLUE BLUEBLUE-WHITE BLUE-WHITEGREEN ORANGEBROWN-WHITE BROWN-WHITEBROWN BROWNCROSS CABLE USE:- 13 AND 26FIRST END =T568B AND SECOND END = T568AIT is used to connect similar devices like PC to PC, HUB TO HUB, SWITCH TOSWITCH and ROUTER TO PC.STRIGHT THROUGH CABLE:-FIRST END =T568B AND SECOND END T568BIt is used to connect dissimilar devices like pc to hub, switch to pc, ROUTER TOSWITCH, MODEM TO PC , SWITCH TO MODEMROLLEDOVER CABLE:- It is used to connect router‘s console port to pc . Androuter‘s console port is used to configure router.First end =T568B and second end= just opposite T568B 18
  19. 19. 3) FIBER OPTIC CABLE =Fiber Optic Cable Transmit digital signals using the lightimpulse rather then analog signals. It is save from EMI. Optical fiber consists ofa core and a cladding layer, selected for total internal reflection due to the difference inthe refractive between the two. In practical fibers, the cladding is usually coated with alayer of acrylate polymer or polyimide. This coating protects the fiber from damage butdoes not contribute to its optical waveguide properties. Individual coated fibers (or fibersformed into ribbons or bundles) then have a tough resin buffer layer and/or core tube(s)extruded around them to form the cable core. Several layers of protective sheathing,depending on the application, are added to form the cable. Rigid fiber assembliessometimes put light-absorbing ("dark") glass between the fibers, to prevent light thatleaks out of one fiber from entering another. This reduces cross-talk between the fibers,or reduces flare in fiber bundle imaging applications.There are two types of Fiber optic cable-A)Single Mode Fiber Optic CableB) Multi Mode Fiber Optic Cable Single Mode Fiber Optic Cable can transmit only single light rays whilemultimode Fiber optic cable can transmit multiple light Signal. Multimode Fiber optic cable is used for short distance application and Singlemode fiber optic cable is used for long distance Fiber optic cable can transmit up to 40 Kilometers . It support bandwidth 100Mbps 1Gbps and 10Gbps. Connectors for Fiber Optic cable ST(straight Tip) and SC(Subscriber Connector)and the SC connector is developed by AT&T. Fiber optic cable is very costly and it is difficult to install, it is required a biggerinvestment in installation. 19
  20. 20. Wi-Fi: - Wi-Fi is a popular technology that allows an electronic device to exchangedata wirelessly (using radio wave) over a computer network, including high-speed Internet connections. IEEE STANDRAD 802.11PROTOCOL: - A uniform set of rules that enable two devices to connect and transmitdata to one another. Protocols determine how data are transmitted between computingdevices and over networks. They define issues such as error control and data compressionmethods. OSI (OPEN SOURCE INTERCONNECTION) MODELOSI model is seven layer conceptual models that define the communication method ofcomputer network. It defines the communication process in 7 layers. OSI model wasdeveloped by ISO (international standard organization) in 1977(in some web site itshould be 1984 1980 and 1974). First network is developed by IBM and it works onlyIBM devices. That‘s by OSI model was develop that a common platform can be given toall devices that dissimilar devices can communicate.Seven Layer of OSI model :- 20
  21. 21. 1) PHYSICAL LAYER2) DATA LINK LAYER3) NETWORK LAYER4) TRANSPORT LAYER5) SESSION LAYER6) PRESENTATION LAYER7) APPLICATION LAYERThe upper layers (application, presentation and session) of the OSI model representsoftware that implements network services like encryption and connection management.The lower layers (transport, network, data link and physical) of the OSI modelimplement more primitive, hardware-oriented functions like routing, addressing, and flowcontrol.You can remember OSI layer by All People Seem To Need Data Processing.LAYER 1- PHYSICAL LAYER:-It is layer first of OSI model. Physical layer defines the cable or physical medium itself,e.g., thinnet, thicknet, unshielded twisted pairs (UTP). All media are functionallyequivalent. The main difference is in convenience and cost of installation andmaintenance. It define electrical and optical signaling, voltage levels, data transmissionrate, as well as mechanical specifications such as cable lengths and connectors, theamount of pins and their Functions. Converters from one media to another operate at thislevel.Data unit = bitDevices = Hub, Repeater, cable, connectors, NICs, WAPs, LAN, WAN, Interface such asRS-232 ,OC-3, BRI And Antennas. It received data from data link layer in the form of Frame then converts it into bit.LAYER 2- DATA LINK LAYER:-It is second layer of OSI modelData Unit = FrameDevices = Switch, BridgeProtocol = STP, VTP, HDLC, PPP, FRAM RELAY.It takes data from network layer in the form of Packet than attached header and trailer onthis packet now it becomes frame. Its header has the information about source Mac,destination Mac, Ether type, ant it trailer has information about FCS.FCS=FCS apply algorithm on data and generate 4Byte code and at the receiving endAgain FCS apply Algorithm and Generate 4 Byte code. If code is same then no error andno modification while transmission otherwise again send data it gives flow control. The Maximum Transmission Unit (MTU). The data link layer handles the physicaland logical connections to the packets destination, using a network interface. A hostconnected to an Ethernet would have an Ethernet interface to handle connections to theoutside world, and a loop back interface to send packets to it. Layer two Broadcastaddress FF:FF:FF:FF:FF:FF . 802.5 For token ring TWO sub layer of data link layer is-A) LLC(logical link control layer)B) MAC(media access control layer) 21
  22. 22. A) LLC= The uppermost sub layer, LLC, multiplexes protocols running a top the datalink layer (Network layer), and optionally provides flow control, acknowledgment, anderror notification. The LLC provides addressing and control of the data link. It specifieswhich mechanisms are to be used for addressing stations over the transmission mediumand for controlling the data exchanged between the originator and recipient machines.Standard 802.2B)MAC=MAC may refer to the sub layer that determines who is allowed to access themedia at any one time (usually CSMA/CD). Other times it refers to a frame structure withMAC addresses inside. There are generally two forms of media access control:distributed and centralized. Both of these may be compared to communication betweenpeople. In a network made up of people speaking, i.e. a conversation, we look for cluesfrom our fellow talkers to see if any of them appear to be about to speak. If two peoplespeak at the same time, they will back off and begin a long and elaborate game of saying"no, you first". The Media Access Control sub layer also determines where one frame of data ends andthe next one starts – frame synchronization. There are four means of framesynchronization: time based, character counting, byte stuffing and bit stuffing. IEEEStanders Of data link (MAC Sublayer) layer 802.3,802.4,802.5 and 802.11. 22
  23. 23. LAYER3-NETWORK LAYERIt is layer 3 of OSI modelData Unit = PacketDevices =RouterProtocol= Routed and Routing ProtocolLayer three Broadcast address Protocol=It is define the method of Packet Transmission in InternetworkExample =IP, IPx, AppleTalkRouting Protocol=It select the best path for packet Transmission example RIP IGRPEIGRP OSPF. It received data from transport layer in the form of segment then attach header onsegment now it become packet. Its header has information about source ip address anddestination ip address. Router understands the ip address and it creates routing tables.Routing tables has information about best path for packet transmission. The network layer is the layer at which IP (Internet protocol) operates. Otherprotocols in the TCP/IP suite of protocols, which forms the basis of the Internet and mostother networks, that also operate in this layer are ICMP, IPsec, ARP, RIP, OSPF andBGP.The network layer is responsible for routing, which is moving packets (thefundamental unit of data transport on modern computer networks) across the networkusing the most appropriate paths. It also addresses messages and translates logicaladdresses (i.e., IP addresses) into physical addresses (i.e., MAC addresses).LAYER4-TRANSPORT LAYERIt is layer 4 of OSI modelData Unit = SegmentProtocol = TCP, UDP 23
  24. 24. It received data from session layer in the form of data and divided it intosegments, Each and every segment has a header, its header has information about sourceport no, destination port no, sequence no and Acknowledgement number and window etc.The Transport layer is responsible for end-to-end (source-to-destination) data delivery.The Transport layer ensures the reliable arrival of messages and provides error checkingmechanisms and data flow controls. The Transport layer provides services for both"connection-mode" transmissions and for "connectionless-mode" transmissions. Forconnection-mode transmissions, a transmission may be sent or arrive in the form ofpackets that need to be reconstructed into a complete message at the other end.Header format of Transport LayerLAYER 5- SESSION LAYERIt is fifth layer of OSI modelData Unit = Data It creates session between different communication process and it is responsiblefor the mechanism for opening, closing and managing a session between end-userapplication processes, i.e., a semi-permanent dialogue. Communication sessions consistof requests and responses that occur between applications. Session-layer services arecommonly used in application environments that make use of remote procedure 24
  25. 25. calls (RPCs). These layers also provide the dialog control between devices or nodes. It isalso control communication mode. Three are three types of communication mode.A) SimplexB) Half DuplexC) Full DuplexA) Simplex =In simplex operation, a network cable or communications channel can onlysend information in one direction; its a ―one-way street‖. In simple way only one waycommunication.B) Half Duplex=A half-duplex (HDX) system provides communication in bothdirections, but only one direction at a time (not simultaneously). Typically, once a partybegins receiving a signal, it must wait for the transmitter to stop transmitting, beforereplying (antennas are of trans-receiver type in these devices, so as to transmit andreceive the signal as well). Example cordless, Hub.C) Full Duplex= A full-duplex (FDX), or sometimes double-duplex system, allowscommunication in both directions, and, unlike half-duplex, allows this to happensimultaneously. Land-line telephone networks are full-duplex, since they allow bothcallers to speak and be heard at the same time. A good analogy for a full-duplex systemwould be a two-lane road with one lane for each direction. Example mobile call, Switch.LAYER 6-PRESENTATION LAYERIt is layer 6 th of OSI model.Data Unit=dataThe Presentation layer ‗represent‘ the data in particular format of The Application layer.It defines encryption, Compression, Conversion and coding Function. Data are passedfrom the application layer services. These data must then be formatted into agreed-uponcodes. The codes can be alphanumeric, numeric, video, audio, or program instructioncodes. The presentation layer may also be responsible for data compression andencryption. The three most common types of translation methods are bit order, byteorder, and character code translation. Encryption services provided by the OSIpresentation layer protocols include transposition, substitution, and algebraic methodsENCRIPTION = Encryption is the conversion of data into a form, called a cipher text,that cannot be easily understood by unauthorized people. Decryption is the process ofconverting encrypted data back into its original form, so it can be understood able.COMPRESSION= Compression is the process of reducing the size of a file by encodingits data information more efficiently. By doing this, the result is a reduction in thenumber of bits and bytes used to store the information. In effect, a smaller file size isgenerated in order to achieve a faster transmission of electronic files and a smaller spacerequired for its downloading.TRANSLATION= The presentation layer serves as the data translator for the network.This layer on the sending computer translates the data sent by the application layer into a 25
  26. 26. common format. At the receiving computer, the presentation layer translates the commonformat to a format known to the application layer. Character-code translation, such asfrom ASCII to EBCDIC.LAYER 7- APPLICATION LAYERIt is layer 7 of OSI modelData Unit = dataProtocol = Http, Telnet, Ftp, Tftp, Smtp, NtpThe application layer provider different services to the application. Examples of servicesprovided by this layer are file transfer, electronic messaging e-mail, virtual terminalaccess and network management. Data is often encoded using different schemes, such asASCII, EBCIDC or UNICODE. It is provide interface for different Application like ms-word, ms-outlook, Http.ASCII = American standard code for information interchangeEBCIDC= Extended binary coded decimal interchange codeUNICODE= Unique Universal and Uniform character encodingTypes of TransmissionUnicastUnicast packets are sent from host to host. The communication is from a single host toanother single host. There is one device transmitting a message destined for one receiver.In simple word one to one communication.Broadcast 26
  27. 27. Broadcast is when a single device is transmitting a message to all other devices in a givenaddress range. This broadcast could reach all hosts on the subnet, all subnets, or all hostson all subnets. Broadcast packets have the host (and/or subnet) portion of the address setto all ones. By design, most modern routers will block IP broadcast traffic and restrict itto the local subnet. In word one to all communication.MulticastMulticast is a special protocol for use with IP. Multicast enables a single device tocommunicate with a specific set of hosts, not defined by any standard IP address andmask combination. This allows for communication that resembles a conference call.Anyone from anywhere can join the conference, and everyone at the conference hearswhat the speaker has to say. The speakers message isnt broadcasted everywhere, butonly to those in the conference call itself. A special set of addresses is used for multicastcommunication. In simple word One to many communication.TYPES OF SWITCHINGPACKET SWITCHING= Packet-switched networks move data in separate, smallblocks -- packets -- based on the destination address in each packet. When received,packets are reassembled in the proper sequence to make up the message. Packet-switchednetworks handled data.CIRCUIT SWITCHING=Circuit-switched networks require dedicated point-to-pointconnections during calls. Circuit-switched networks and packet-switched networks havetraditionally occupied different spaces within corporations. Circuit-switched networkswere used for phone calls.MESSAGE SWITCHING =Sometimes there is no need for a circuit to be establishedall the way from the source to the destination. Consider a connection between the users(A and D) in the figure below (i.e. A and D) is represented by a series of links (AB, BC,and CD).A connection between two systems A & D formed from 3 linksFor instance, when a telex (or email) message is sent from A to D, it first passes over alocal connection (AB). It is then passed at some later time to C (via link BC), and fromthere to the destination (via link CD). At each message switch, the received message isstored, and a connection is subsequently made to deliver the message to the neighboringmessage switch. Message switching is also known as store-and-forward switching sincethe messages are stored at intermediate nodes en route to their destinations. 27
  28. 28. TCP/IP MODELTCP/IP =Transmission Control Protocol/Internet ProtocolA) It is developed by DOD (Department OF Defiance) in 1970B) It present the data integrity while means of data transmissionC) It is four Layer ModelThe Four Layer‘s of TCP/IPThe Transmission Control Protocol (TCP) is one of the core protocols of the InternetProtocol Suite. TCP is one of the two original components of the suite, complementingthe Internet Protocol (IP), and therefore the entire suite is commonly referred toas TCP/IP. TCP provides reliable, ordered delivery of a stream of bytes from a programon one computer to another program on another computer. TCP is the protocol used bymajor Internet applications such as the World Wide Web, email, remoteadministration and file transfer. Other applications, which do not require reliable datastream service, may use the User Datagram Protocol (UDP), which providesa datagram service that emphasizes reduced latency over reliability. TCP/IP is a Protocolsuit it means collection of protocols. TCP/IP protocols map to a four-layer conceptualmodel known as the DARPA model, named after the U.S. government agency thatinitially developed TCP/IP. The four layers of the DARPA model1) LAYER 1 – NETWORK LAYER /LINK LAYER Link layer is the lowest layer in the Internet Protocol Suite (TCP/IP), the networkingarchitecture of the Internet (RFC 1122, RFC 1123). It is the group of methodsor protocols that only operate on a hosts link. The link is the physical and logicalnetwork component used to interconnect hosts or nodes in the network and a linkprotocol is a suite of methods and standards that operate only between adjacent network 28
  29. 29. nodes of a Local area network segment or a wide area network connection. TCP/IP andOSI, the link layer is often described as a combination of the data link layer and thephysical layer in the OSI protocol stack. However, TCP/IPs layers are descriptions ofoperating scopes (application, host-to-host, network, and link) and notdetailed prescriptions of operating procedures, data semantics, or networkingtechnologies. RFC 1122 exemplifies that local area network protocols such as Ethernetand IEEE 802, and framing protocols such as Point-to-Point Protocol (PPP), ARP,RARPbelong to the link layer.2) LAYER 2 – INTERNET LAYERThe Internet layer in the TCP/IP reference model is responsible for transferring databetween the source and destination computers. The Internet layer accepts data from theTransport layer and passes the data to the Network Interface layer. The following are thefunctions of the Internet layer: Transmitting data to the Network Interface layer. Routingthe data to the correct destination. This layer takes care of sending the data through theshortest route if more than one route is available. In addition, if a route through which adatagram is to be sent has problems, the datagram is sent through an alternate route. IPencapsulates data into IP datagram‘s, which in turn are encapsulated inside NetworkInterface layer frames. IP datagram‘s are the basic units of information that are passedacross a Transmission Control Protocol/Internet Protocol (TCP/IP) network. Thedatagram header contains information, such as the source IP address and the destinationIP address. The header also contains information about which protocol will receive datafrom IP. These protocols are the User Datagram Protocol (UDP), the TransmissionControl Protocol (TCP), and ICMP. IP IPv4, IPv6, ICMP, ICMPv6, ECN, IGMP , IPsecIP DATA GRAMHEADER 29
  30. 30. 3) LAYER 3- TRANSPORT LAYERThe Transport layer transports data to and from the correct application. This process isknown as end-to-end communication. In TCP/IP the Transport layer provides a transportservice for application data. The Transport layer header includes a destination portnumber that identifies the destination application program on the remote machine and asource port number that identifies the application on the originating machine. In addition,the Transport layer handles error detection, can handle recovery problems, and regulatesthe flow of information. The way, in which the Transport layer handles error detection,the sequence of data, and flow regulation depends on which protocol is used. There aretwo main protocols that operate at the Transport layer, TCP and UDP. The TCP/IPprotocol stack features two Transport layer protocols, TCP and UDP:Transmission Control Protocol (TCP) and User Datagram Protocol (UDP)is atransportation protocol that is one of the core protocols of the Internet protocol suite.Both TCP and UDP work at transport layer TCP/IP model and both have very differentusage.Difference between TCP and UDPTCP UDPReliability: TCP is connection-oriented Reliability: UDP is connectionlessprotocol. When a file or message send it will protocol. When you a send a data orget delivered unless connections fails. If message, you dont know if itll get there, itconnection lost, the server will request the could get lost on the way. There may belost part. There is no corruption while corruption while transferring a message.transferring a message.Ordered: If you send two messages along a Ordered: If you send two messages out, youconnection, one after the other, you know the dont know what order theyll arrive infirst message will get there first. You dont i.e. no orderedhave to worry about data arriving in thewrong order.Heavyweight: - when the low level parts of Lightweight: No ordering of messages, nothe TCP "stream" arrive in the wrong order, tracking connections, etc. Its just fire andresend requests have to be sent, and all the forget! This means its a lot quicker, and theout of sequence parts have to be put back network card / OS have to do very littletogether, so requires a bit of work to piece work to translate the data back from thetogether. packets.Streaming: Data is read as a "stream," with Datagrams: Packets are sent individuallynothing distinguishing where one packet and are guaranteed to be whole if theyends and another begins. There may be arrive. One packet per one read call.multiple packets per read call.Examples: World Wide Web (Apache TCP Examples: Domain Name System (DNSport 80), e-mail (SMTP TCP port 25 Postfix UDP port 53), streaming mediaMTA), File Transfer Protocol (FTP port 21) applications such as IPTV or movies, Voice 30
  31. 31. and Secure Shell (OpenSSH port 22) etc. over IP (VoIP), Trivial File Transfer Protocol (TFTP) and online multiplayer games etc Basic UDP informationUDP is a connectionless, stateless, and unreliable protocol. It is faster and more efficientfor many lightweight or time-sensitive purposes. Also, its stateless nature is useful forservers that answer small queries from huge numbers of clients. UDP is requiredfor broadcast (send to all on local network) andmulticast (send to all subscribers).With UDP, the application is responsible for handling message loss, duplication,sequence (delivery out of order), and loss of connection. UDP receives incoming datafrom the application and encapsulates the data into UDP datagrams. UDP datagrams havea leading header section hat contains the source and destination port numbers, followedby the data section. 16 32 bits Source port Destination port Length Checksum Data Basic TCP InformationTCP is a connection-oriented, state full , and reliable protocol. TCP is suited forsituations where large volumes of data must travel between systems, particularly acrossmultiple routers and gateways. TCP has four main features:  Virtual circuit connection  Full-duplex connection  Unstructured stream orientation  Buffered transferThe TCP segment header has more fields then UDP header. The TCP header structure isas follows: 31
  32. 32. 16 32 bits Source port Destination port Sequence number Acknowledgement numberOffset Reserved U A P R S F Window Checksum Urgent pointer Option + Padding Data TCP header structure4) LAYER 4- APPLICATION LAYERIn TCP/IP, the application layer contains all protocols and methods that fall into therealm of process-to-process communications across an Internet Protocol (IP) network.Application layer methods use the underlying transport layer protocols to establish host-to-host connections. In the OSI model, the definition of its application layer is narrowerin scope, explicitly distinguishing additional functionality above the transport layer at twoadditional levels, the session layer and the presentation layer. OSI specifies strict modularseparation of functionality at these layers and provides protocol implementations for eachlayer. Remote login category (Telnet), File transfer category (FTP, TFTP), Electronicmail category (SMTP, IMAP, POP), Support services category (DNS, RARP, BOOTP,SNMP, CMOT) 32
  33. 33. APPLICATION LAYER PROTOCOLS =1) TELNET = (PORT NO 23 /TCP) Telnet is used to access a system form remotelocation via command line. We can use telnet when it configures both sides. It isunsecured because it sends user name and password in plan text format.Example: - c :> telnet FTP = (PORT NO 20=DATA 21=CONNETION /TCP) FTP stands for file transferprotocol. It is just not a protocol it is a program and Application that allow to accessdirectory and files. Port number 20 is used to transfer data and port no 21 is used to maintainconnection (creating, managing and establishing).this protocol is used to download andupload files. FTP is built on client-server architecture and uses separate control and dataconnections between the client and the server.[1] FTP users may authenticate themselvesusing a clear-text sign-in protocol, normally in the form of a username and password, butcan connect anonymously if the server is configured to allow it. For secure transmissionthat hides (encrypts) your username and password, as well as encrypts the content, youcan try using a client that uses SSH File Transfer Protocol.FTPS=(PORT NO DATA=989/TCP/UDP, CONTROL=990 TCP/UDP) It stands for FileTransfer Protocol Secure. FTPS (also known as FTP Secure and FTP-SSL) is anextension to the commonly used File Transfer Protocol (FTP) that adds support forthe Transport Layer Security (TLS) and the Secure Sockets Layer (SSL) cryptographicprotocols.FTPS should not be confused with the SSH File Transfer Protocol (SFTP), anincompatible secure file transfer subsystem for the Secure Shell (SSH) protocol. It is alsodifferent from Secure FTP, the practice of tunneling FTP through an SSH connection.3) TFTP= (PORT NO 69/UDP) Trivat File Transfer Protocol. TFTP is used to UDPthat‘s by it is unsecured, unreliable. It is also used to download and upload files. It isfaster then FTP. TFTP has no login feature (it does not prompt for user name andpassword). original versions of TFTP only allowed transferring files up to 32 megabytesin size (some newer TFTP servers remove this restriction).4) SMTP = (PORT NO 25/TCP SMTPS=587) Simple Mail Transfer Protocol, aprotocol for sending e-mail messages between servers. Most e-mail systems that sendmail over the Internet use SMTP to send messages from one server to another By usingMTA(Mail transfer agent); the messages can then be retrieved with an e-mail client usingeither POP or IMAP. In addition, SMTP is generally used to send messages from a mailclient to a mail server. This is why you need to specify both the POP or IMAP server andthe SMTP server when you configure your e-mail application. SMTP connectionssecured by SSL are known by the shorthand SMTPS, though SMTPS is not a protocol inits own right . SMTPS PORT NO 587. 33
  34. 34. 5) IMAP =(PORT NO 143/TCP IMAPS=993) This protocol is used to accessing e-mailfrom your local server. IMAP is a client/server protocol in which e-mail is received andheld for you by your Internet server. In other words, it permits a "client" email program toaccess remote message stores as if they were local. For example, email stored on anIMAP server can be manipulated from a desktop computer at home, a workstation at theoffice, and a notebook computer while traveling, without the need to transfer messages orfiles back and forth between these computers. IMAP over SSL (IMAPS) is assignedwell-known port number 993.6) POP = (PORT NO POP2=109/TCP, POP3=110/TCP, POP3S=995) There are twotypes of Post Office Protocol (POP2, POP3). Post Office Protocol (POP) isan application-layer Internet standard protocol used by local e-mail clients to retrieve e-mail from a remote server over a TCP/IP connection. POP and IMAP are the two mostprevalent Internet standard protocols for e-mail retrieval. Virtually all modern e-mailclients and servers support both. The POP protocol has been developed through severalversions, with version 3 (POP3) being the current standard. Most web mail serviceproviders such as Hotmail, Email and Yahoo! Mail also provide IMAP and POP3 service.POP3 can be used with or without SMTP. Encrypted communication for POP3 is eitherrequested after protocol initiation, using the STLS command, if supported, or by POP3S,which connects to the server using Transport Layer Security (TLS) or Secure SocketsLayer (SSL) on well-known TCP port 995 (e.g. Google Gmail).7) DNS = (PORT NO 53 /TCP/UDP) It stands for Domain Name System. It is adatabase system that translates a computers fully qualified domain name into an IPaddress. To send information it uses TCP, and for Zone Transfer it uses UDP for namedfunction like to reduce the query of DNS Client. DNS server resolves Name to IP addressand IP to Name. DNS automatically converts the names we type in our Web browseraddress bar to the IP addresses of Web servers hosting those sites. DNS implements adistributed database to store this name and address information for all public hosts on theInternet. DNS assumes IP addresses do not change (are statically assigned rather thandynamically assigned). The DNS database resides on a hierarchy of special database servers. Whenclients like Web browsers issue requests involving Internet host names, a piece ofsoftware called the DNS resolver (usually built into the network operating system) firstcontacts a DNS server to determine the servers IP address. If the DNS server does notcontain the needed mapping, it will in turn forward the request to a different DNS serverat the next higher level in the hierarchy. After potentially several forwarding anddelegation messages are sent within the DNS hierarchy, the IP address for the given hosteventually arrives at the resolver, that in turn completes the request over InternetProtocol. Internet Service Providers (ISPs) maintain their own DNS servers anduse DHCP to automatically configure clients, relieving most home users of the burden ofDNS configuration. Each domain name registered with NTC Hosting comes with a complete set of DNSrecords: A, NS, MX, which you can easily manage from the user-friendly webhosting Control Panel. Along with these records, you can easily 34
  35. 35. set AAAA, TXT, SRV and CNAME records for your domain name from the ControlPanel.Recursive Query = With a recursive name query , the DNS client requires that the DNSserver respond to the client with either the requested resource record or an error messagestating that the record or domain name does not exist. The DNS server cannot just referthe DNS client to a different DNS server. Thus, if a DNS server does not have the requested information when it receives arecursive query; it queries other servers until it gets the information, or until the namequery fails. Recursive name queries are generally made by a DNS client to a DNS server, or bya DNS server that is configured to pass unresolved name queries to another DNS server,in the case of a DNS server configured to use a forwarder.Iterative Query = An iterative name query is one in which a DNS client allows the DNSserver to return the best answer it can give based on its cache or zone data. If the queriedDNS server does not have an exact match for the queried name, the best possibleinformation it can return is a referral (that is, a pointer to a DNS server authoritative for alower level of the domain namespace). The DNS client can then query the DNS server forwhich it obtained a referral. It continues this process until it locates a DNS server that isauthoritative for the queried name, or until an error or time-out condition is met. This process is sometimes referred to as "walking the tree," and this type of queryis typically initiated by a DNS server that attempts to resolve a recursive name query fora DNS client. 35
  36. 36. 8) DHCP= (PORT NO 67= DHCP SERVER, 68= DHCP CLIENT /UDP)Dynamic Host Configuration Protocol enables you to automatically assign reusable IPaddresses (IP address, Default Gateway, subnet mask, and DNS server IP) to DHCPclients. It use UDP services .DHCP server port no. is 67 and client port no is 68.DISCOVER: When a client is configured with the IP setting to obtain Ip addressautomatically. Then the client will search for DHCP server and the UDP Broadcast to theserver about the DHCP discover.OFFER: DHCP Server will offers a scope of IP address available in the pool.REQUEST: In response to the offer, the Client will requests for an IP address.ACKNOWLEDGE: In response to the request, server will responds with all IP address,Mask, Gateway, DNS and wins info along with the acknowledgment packet.Technical info of DORA Process = When the term "broadcast" is used, there are twotypes of broadcasts: 1) Network Layer broadcast and 2) Datalink Layer broadcast. ForInternet Protocol, the standard broadcast DESTINATION address is Ethernet, the broadcast DESTINATION address is FF:FF:FF:FF:FF:FF. You have tothink of the DORA process in terms of encapsulation and decapsulation, as well as switchbehavior with frames it receives. So lets say youve got two computers, a client host and a server host. The clienthost is the DHCP client and the server host is the DHCP server. Lets call the client hostPC and the DHCP server DHCP. Now, when the PC is turned on, the NIC has a MAC address but no IP address.So the PC tries to "Discover" the DHCP server by sending out a "Discover" packet. Inthat packet, the destination IP address is and source IP address of0.0.0.0 (because the PC doesnt have an IP address yet). That Discover packet isencapsulated into an Data Link layer Ethernet Frame. That Ethernet Frame has adestination address of FF:FF:FF:FF:FF:FF and the source address of whatever the MACaddress of the PCs nic is, lets call it PC:MA:CA:DD:RR:SS (I know this is not a validMAC address). Now, since the destination address is FF:FF:FF:FF:FF:FF, the first switchthat receives the frame will, by definition, send that frame out of every single switch port,except the switch port that received the frame. Since the switch doesnt know (from itsCAM table), who FF:FF:FF:FF:FF:FF is, it forwards the Discover packet out of every 36
  37. 37. single switch port, except the switch port that received the frame. Lets say the DHCPserver is directly connected to the switch. So the DHCP server first receives the Ethernetframe with the destination address of FF:FF:FF:FF:FF:FF (which by definition, meansitself), and a source address of PC:MA:CA:DD:RR:SS. So when the DHCP serverreceives that Discover Packet, it replies to it by sending the Offer Packet. Since theDHCP server has no idea who was contacting them (since PC currently has an IP addressof, the Offer packet has the destination address of But theDHCP server remembered the MAC address of whoever it was trying to contact them, sothe DHCP server sends out the Offer packet in a frame with a destination address ofPC:MA:CA:DD:RR:SS and uses its own source address of DH:CP:SE:RV:ER:MC(again, I know this is not a valid MAC address). So the Offer packet is sent from theDHCP server to the PC as a unicast not a broadcast. So the switch receives the framefrom the DHCP server and forwards it to the PC which receives the Offer packet. Thenthe rest of the DHCP process of R and A occurs.So thats why the "...the first two messages in the DHCP are broadcast messages..." refersto Network Layer IP broadcast messages (destination IP address of "...only the first message (the Discover message) is a LAN Broadcast..." becauseonly the Discover packets frame had the Ethernet destination address ofFF:FF:FF:FF:FF:FF (therefore a LAN broadcast) and the Offer packets frame had theEthernet destination address of PC:MA:CA:DD:RR:SS (therefore a LAN unicast).DHCP RELAY AGENTThe DHCP Relay Agent makes it possible for DHCP broadcast messages to be sent overrouters that do not support forwarding of these types of messages. The DHCP RelayAgent is therefore the routing protocol that enables DHCP clients to obtain IP addressesfrom a DHCP server on a remote subnet, or which is not located on the local subnet. Ifyou have no configured DHCP Relay Agent, your clients would only be able to obtain IPaddresses from the DHCP server which is on the same subnet. To enable clients to obtainIP addresses from a DHCP server on a remote subnet, you have to configure the DHCPRelay Agent on the subnet that contains the remote clients, so that it can relay DHCPbroadcast messages to your DHCP server. 37
  38. 38. 9)BOOTP = (PORT NO 67=server,68=client /UDP) It stands for Boot Strap Protocol.In computer networking, the Bootstrap Protocol, or BOOTP, is a network protocol usedby a network client to obtain an IP address from a configuration server. The BOOTPprotocol was originally defined in RFC 951.BOOTP is usually used during the bootstrap process when a computer is starting up. ABOOTP configuration server assigns an IP address to each client from a pool ofaddresses. BOOTP uses the User Datagram Protocol (UDP) as a transporton IPv4 networks only.Historically, BOOTP has also been used for Unix-like diskless workstations to obtain thenetwork location of their boot image in addition to an IP address, and also by enterprisesto roll out a pre-configured client (e.g., Windows) installation to newly installed PCs.Originally requiring the use of a boot floppy disk to establish the initial networkconnection, manufacturers of network cards later embedded the protocol in the BIOS ofthe interface cards as well as system boards with on-board network adapters, thusallowing direct network booting.The Dynamic Host Configuration Protocol (DHCP) is a more advanced protocol for thesame purpose and has superseded the use of BOOTP. Most DHCP servers also functionas BOOTP servers.10) HTTP = (PORT NO. =80 /TCP) It stands for Hyper Text Transfer Protocol. It is theprotocol used to convey information of World Wide Web (WWW). HTTP is anapplication protocol for distributed, collaborative, hypermedia informationsystems. HTTP is the foundation of data communication for the World Wide Web.Hypertext is a multi-linear set of objects, building a network by using logical links (the socalled hyperlinks) between the nodes (e.g. text or words). HTTP is the protocol toexchange or transfer hypertext.11) HTTPS = (PORT NO 443 /TCP) It stands for Hyper Text Transfer Protocol Secure.HTTPS is a combination of the Hypertext Transfer Protocol (HTTP) with theSSL/TLS protocol. It provides encrypted communication to prevent eavesdropping andsecure identification of a network web server to know which web server you are reallytalking to. Historically, HTTPS connections were primarily used for payment transactionson the World Wide Web, e-mail and for sensitive transactions in corporate informationsystems. In the late 2000s and early 2010s, HTTPS has began to see widespread use forprotecting page authenticity on all types of websites, securing accounts and keeping usercommunications, identity and browsing history private. During connecting to a website HTTPS makes it possible to know whether you aretalking to the right server and protects from passive and active network attacks suchas Man-in-the-middle attacks. During a session it can protect against eavesdropping andtampering with the contents of the site or with the information you send to the site. As anexample HTTPS can protect from an adversary replacing downloadable content on a sitewith malware. HTTPS is especially important over unencrypted Wi-fi as it is completely insecureby design and attacks on unencrypted Wi-fi networks are relatively common. Note that when a client sends an HTTPS request, the hostname and port of the 38
  39. 39. URL are unencrypted (and thereby visible to an eavesdropper) because this information isneeded to establish and maintain the connection. This means that an eavesdropper can seethe sites you connect to, the amount of time you spend using a site, and the amount ofinformation you upload or download on the particular site . However, all other parts ofthe HTTPS request, including the URL path and query parameters, can only be decryptedby the destination site or by an interposing intermediary that terminates the HTTPSconnection on behalf of the site. A site must be completely hosted over HTTPS, without having some of its contentsloaded over HTTP or the user will be vulnerable to some attacks and surveillance. [12) SNMP = (PORT NO 161/UDP, 162=/TCP/UDP=SNMP trap) Simple NetworkManagement Protocol (SNMP) is a popular protocol for network management. It is usedfor collecting information from, and configuring, network devices, such as servers,printers, hubs, switches, and routers on an Internet Protocol (IP) network. Large networkswith hundreds or thousands of nodes are difficult to manage without a large staff tomonitor every computer. SNMP, which is widely used in local area networks (LANs),lets you monitor network nodes from a management host. You can monitor networkdevices such as servers, workstations, printers, routers, bridges, and hubs, as well asservices such as Dynamic Host Configuration Protocol (DHCP) or Windows InternetName Service (WINS). Use SNMP management software to monitor any network deviceon which you install SNMP agent software. The SNMP agent, which is an optionalcomponent of Windows Server 2003, interacts with third-party SNMP managementsoftware to enable the sharing of network status information between monitored devicesand applications and the SNMP management system that monitors them. The followingfigure shows this process. Asynchronous notification from agent to manager. Includescurrent sysUpTime value, an OID identifying the type of trap and optional variablebindings. Destination addressing for traps is determined in an application-specific mannertypically through trap configuration variables in the MIB. The format of the trap messagewas changed in SNMPv2 and the PDU was renamed SNMPv2-Trap.13)WINS=(PORT NO 42/TCP/UDP) Although NetBIOS and NetBIOS names can beused with network protocols other than TCP/IP, WINS was designed specifically tosupport NetBIOS over TCP/IP (NetBT). WINS is required for any environment in whichusers access resources that have NetBIOS names. If you do not use WINS in such anetwork, you cannot connect to a remote network resource by using its NetBIOS nameunless you use Lmhosts files, and you might be unable to establish file and print sharingconnections.The following figure illustrates the role of WINS for computers that use NetBIOS names.Typically, DHCP is used to assign IP addresses automatically.WINS AND DNS =WINS and DNS are both name resolution services for TCP/IPnetworks. While WINS resolves names in the NetBIOS namespace, DNS resolves namesin the DNS domain namespace. WINS primarily supports clients that run older versionsof Windows and applications that use NetBIOS. Windows 2000, Windows XP, and 39
  40. 40. Windows Server 2003 use DNS names in addition to NetBIOS names. Environments thatinclude some computers that use NetBIOS names and other computers that use domainnames must include both WINS servers and DNS servers.WINS Name Registration and ResolutionIn a typical scenario, the following occurs: 1. ClientA, which uses NetBIOS and is a WINS client, sends a name registration request to its configured primary WINS server (WINSA) when it starts up and joins the network. WINSA adds ClientAs NetBIOS name and IP address to the WINS database. 2. When ClientB needs to connect to ClientA by its name, it requests the IP address from the WINS server. 3. The WINS server locates the corresponding entry in its database and replies with ClientAs IP address.Summary of WINS BenefitsWINS provides the following benefits over other NetBIOS name resolution methods:  WINS name resolution reduces NetBIOS name query broadcast traffic because clients can query a WINS server directly instead of broadcasting queries.  WINS enables the Computer Browser service to collect and distribute browse lists across IP routers.  The WINS dynamic name-to-address database supports NetBIOS name registration and resolution in environments where DHCP-enabled clients are configured for dynamic TCP/IP address allocation.  The WINS database also supports centralized management and replicates name- to-address mappings to other WINS servers. 40
  41. 41.  WINS and DNS can be used in the same environment to provide combined name searches in both namespaces.14)SSH=( PORT NO 22/TCP) It stands for Secure Shell/Secure Socket Shell. SecureShell (SSH) is a network protocol for secure data communication, remote shell servicesor command execution and other secure network services between two networkedcomputers that it connects via a secure channel over an insecure network: a server and aclient (running SSH server and SSH client programs, respectively).The protocolspecification distinguishes two major versions that are referred to as SSH-1 and SSH-2.The best-known application of the protocol is for access to shell accounts on Unix-like operating systems. It was designed as a replacement for Telnet andother insecure remote shell protocols such as the Berkeley rsh and rexec protocols, whichsend information, notably passwords, in plaintext, rendering them susceptible tointerception and disclosure using packet analysis.The encryption used by SSH is intendedto provide confidentiality and integrity of data over an unsecured network, such asthe Internet. SSH is actually a suite of three utilities - slogin, ssh, and scp - that are secure versionsof the earlier UNIX utilities, rlogin, rsh, and rcp. SSH commands are encrypted andsecure in several ways. Both ends of the client/server connection are authenticated usinga digital certificate, and passwords are protected by being encrypted. SSH uses RSA public key cryptography for both connection and authentication.Encryption algorithms include Blowfish, DES, and IDEA. IDEA is the default. SSH2, the latest version, is a proposed set of standards from the Internet EngineeringTask Force (IETF).15) TLS/SSL =(Transport Layer Security (TLS) and its predecessor, Secure SocketsLayer (SSL), are cryptographic protocols that provide communication securityoverthe Internet.[1] TLS and SSL encrypt the segments of network connections atthe Transport Layer, using asymmetric cryptography for key exchange,symmetricencryption for privacy, and message authentication codes for message integrity.Several versions of the protocols are in widespread use in applications such as webbrowsing, electronic mail, Internet faxing, instant messaging and voice-over-IP (VoIP).16)NNTP =(PORT NO 119/TCP) NNTP, the Network News Transfer Protocol, is theprotocol used to send Usenet news messages between servers and from a news server tonewsreader clients. It is a fairly simple protocol, similar in many ways to POP3 or SMTPand is of interest in part because of its simplicity (its a lot easier to write ones ownNNTP implementation for fun than it is to write ones own IMAP implementation forfun). These pages attempt to gather information about the protocol that may be useful toimplementers.17)NTP = (PORT NO 123/UDP) The Network Time Protocol (NTP) is a networkingprotocol for synchronizing the clocks of computer systems over packet-switched,variable-latency data networks. 41
  42. 42. 18) NFS = Network File System (NFS) is a distributed file system protocol originallydeveloped by Sun Microsystems in 1984, allowing a user on a client computer to accessfiles over a network in a manner similar to how local storage is accessed. NFS, like manyother protocols, builds on the Open Network Computing Remote Procedure Call (ONCRPC) system. The Network File System is an open standard defined in RFCs, allowinganyone to implement the protocol.19) ONC RPC = (PORT NO 111 /TCP/UDP) Open NetworkComputing (ONC) Remote Procedure Call (RPC) is a widely deployed remoteprocedure call system. ONC was originally developed by Sun Microsystems as part oftheir Network File System project, and is sometimes referred to as Sun ONC or SunRPC. ONC is considered "lean and mean", but has limited appeal as a generalized RPCsystem for WANs or heterogeneous environments. Systems such as DCE, CORBA andSOAP are generally used in this wider role.ONC is based on calling conventions used in Unix and the C programming language.It serializes data using the XDR, which has also found some use to encode and decodedata in files that are to be accessed on more than one platform. ONC then delivers theXDR payload using either UDP or TCP. Access to RPC services on a machine areprovided via a port mapper that listens for queries on a well-known port (number 111)over UDP and TCP.20) RPC = (PORT NO 111/TCP/UDP) It stands for Remote Procedure Call. In computerscience, a remote procedure call (RPC) is an inter-process communication that allowsa computer program to cause a subroutine or procedure to execute in another addressspace (commonly on another computer on a shared network) without the programmerexplicitly coding the details for this remote interaction. That is, the programmer writesessentially the same code whether the subroutine is local to the executing program, orremote. When the software in question uses object-oriented principles, RPC iscalled remote invocation or remote method invocation.21) LPD =( PORT NO 515 TCP) The Line Printer Daemon protocol/Line PrinterRemote protocol (or LPD, LPR) is a network protocol for submitting print jobs to aremote printer. The original implementation of LPD was in the Berkeley printingsystem in the BSD UNIX operating system; the LPRng project also supports thatprotocol. The Common Unix Printing System (or CUPS), which is more common onmodern Linux distributions, supports LPD as well as the Internet Printing Protocol (IPP).Commercial solutions are available that also leverage Berkeley printing protocolcomponents, where more robust functionality and performance is necessary than isavailable from LPR/LPD (or CUPS) alone (such as might be required in large corporateenvironments). The LPD Protocol Specification is documented in.22) X-WINDOWS = (PORT NO 6000/TCP) X Windows is the predominate windowingsystem on UNIX computers, developed by the X Consortium, lead by M.I.T. AnX server manages the display on the workstation. Clients can connect to server via 42
  43. 43. TCP/IP and perform graphics operations. This makes X Windows much more networkcapable than Microsoft Windows, for example, which can only be accessed via a localAPI.X Windows operates over TCP, typically using server port numbers starting with 6000.The X server for a systems first display listens on port 6000; if the system has a seconddisplay, its server listens on port 6001; a third display would listen on 6002; etc. Theprotocol used over this reliable stream connection is essentially request/reply, and itsreputation is as a fat protocol that consumes a lot of bandwidth. Lightweight X (LWX),introduced in X11R6, attempts to reduces Xs bandwidth needs to the point where it canbe run over dialup modem connections.The X Protocol, documented in a postscript file, defines dozens of messages that can beexchanged between a client and a server. They can generally be classified into fourcategories: Requests, Replies, Events, and Errors. Typical requests include DrawPolyLine, Draw Text, Create Window, Fill. Replies are matched to particular Requests.Events are asynchronous occurances such as keystrokes and mouse clicks. Errors arematched to particular Requests.If a window is partially or fully obscured by another, overlapping window, the server hastwo options available to it. The server can allocate additional memory, called backingstore, to record to contents of the obscured window. This is purely optional, however.The server can simply ignore the obscured part of the window. Later, when that part ofthe window becomes visible again, the server sends an Expose event to the client, whichmust then redraw the affected area. The client, therefore, must be prepared to redraw anypart of its windows at any time.Applications do not need to access the X Windows protocol directly. X Windowssupports several APIs. The most basic of these is Xlib, which interfaces fairly directly tothe underlying network protocol. Most X client applications are linked against Xlib,which allows them to operate on either a local or remote X server, simply by adjustingeither an environment variable or a command-line argument.Widgets layer on top of Xlib and provide X Windows with an object-orientedprogramming model. A widget is an X window capable of handling most of its ownprotocol interaction. The most popular widget sets are Athena Widgets (aw) and Motif.X Windows security model is all-or-nothing. Either an application can perform anyoperation on an X desktop, or it can perform none. There is no concept of limiting anapplication to a single top-level window, for example. Although there is power in thismodel, such as allowing the window manager to be a normal X client, there are alsoserious performance implications. A hostile X client could connect to an X server andarrange to capture any screen image, or even to capture keystrokes as a password is beingtyping in one of the windows. For this reasons, X servers are typically fairly restrictiveabout which clients they will accept connections from. Two major security models areavailable. Host-based security (traditionally controlled by the xhost program), permits or 43
  44. 44. denies connections based on their source IP addresses. Authentication (traditionallycontrolled by the xauthprogram), requires the connecting program to possess a secretpassword, typically stored in a UNIX file and subject to standard UNIX accesscontrols. Kerberos-based authentication is also available.23) THREE WAY HANDSHAKE METHOD =This method is work in TCP. TCPsthree way handshaking technique is often referred to as SYN, SYN-ACK, ACK becausethere are three messages transmitted by TCP to negotiate and start a TCP session betweentwo computers. The TCP handshaking mechanism is designed so thattwo computers attempting to communicate can negotiate the parameters ofthe network TCP socket connection before transmitting data such as SSH and HTTP webbrowser requests.Below is a (very) simplified diagram of the TCP 3-way handshake process. Have a lookat the diagram on the right as you examine the list of events on the left. EVENT DIAGRAM Host A sends a TCP SYNchronize packet to Host B Host B receives As SYN Host B sends a SYNchronize-ACKnowledgement Host A receives Bs SYN-ACK Host A sends ACKnowledge Host B receives ACK. TCP socket connection is ESTABLISHED. TCP Three Way Handshake (SYN,SYN-ACK,ACK)SYNchronize and ACKnowledge messages are indicated by a either the SYN bit, or theACK bit inside the TCP header, and the SYN-ACK message has both the SYN and theACK bits turned on (set to 1) in the TCP header.TCP knows whether the network TCP socket connection is opening, synchronizing,established by using the SYNchronize and ACKnowledge messages when establishinga network TCP socket connection.When the communication between two computers ends, another 3-way communication isperformed to tear down the TCP socket connection. This setup and teardown of a socketconnection is part of what qualifies TCP a reliable protocol. TCP also acknowledges thatdata is successfully received and guarantees the data is reassenbled in the correct order.Note that UDP is connectionless. That means UDP doesnt establish connectionsas TCP does, so UDP does not perform this 3-way handshake and for this reason, it isreferred to as an unreliable protocol. That doesnt mean UDP cant transfer data, it justdoesnt negotiate how the conneciton will work, UDP just transmits and hopes for thebest. 44