Section 10 - The Internet Flashcards
What is a URL
- Uniform Resource Locator
- specifies the location of a resource on the internet, including name and file type
- http = method
- www = host
- /webpage = location
what is an ip address
- stands for internet protocol
- unique address assigned to a network device
- indicates where a packet of data is to be sent to or sent from
what is packet switching
a method of communicating packets of data across a network
what is a data packet
- data that is to be transmitted across a network is broken down into more manageable chunks called packets
- each packet contains a header, trailer and payload (the data)
what is in a packet header
- sender's IP address
- recipient's IP address
- protocol
- packet number
what is in a packet trailer
- end of packet flag
- checksum
what is a router
- routers connect two networks together
- determines which router to send to next
- uses most efficient/shortest route
- updates routing table to reflect network changes
what is a gateway
- if a packet is being moved between networks with different protocols, then a gateway is required to translate
- All of the header data is stripped from the packet and a new header is added in the format of the new network
what is a firewall
- a firewall is either software or hardware that controls access to and from a network
- numbered doors called ports are opened so that only certain traffic is allowed to pass through
what is packet filtering
- packets of data are inspected by the firewall to check which port they are attempting to access
- if the IP address matches those recorded on the administrator's permitted list, they are accepted and the port is opened
what is stateful inspection
- the firewall maintains information about current connections
- it can inspect the payload of packets
- only allows relevant packets through
what is a proxy server
- a proxy server makes a web request on behalf of your own computer, hiding the true request IP address from the recipient
- proxy servers can be used for anonymous surfing and provide a cache of previously visited sites to speed access
what is symmetric (private key) encryption
- uses the same key to encrypt and decrypt data
- this means the key must also be transferred to the same destination as the ciphertext
- this causes security problems as the key can be intercepted as easily as the ciphertext to decrypt the data
what is asymmetric (public key) encryption
- uses two separate, but related keys
- the public key is made public and others wishing to send you data can use it for encryption, but not decryption
- another private key is known only by you and is used for decryption
what is a digital signature
- in order to verify the integrity of a message, the sender can add a digital signature to a message
- the sender creates the signature by reducing the unencrypted message to produce a hash and encrypting the hash using their private key
- the sender bundles the digital signature with the message and encrypts it using the recipient's public key
- recipient decrypts the bundle, uses the sender's public key to decrypt the signature and compares the hash with their own calculated hash
what is malicious software (malware)
designed to cause inconvenience, loss or damage to programs, data or computer systems
what is a virus/worm
a standalone program that does not require a user for it to spread or duplicate itself
what is the TCP/IP stack
- a set of rules used in turn to format a message so it can be sent over a network
- contains four layers that each provide a specific function
- stands for transmission control protocol/ internet protocol
what are the four layers of TCP/IP
- application layer
- transport layer
- network layer
- link layer
what happens in the application layer
- uses protocols related to the application being used
- does not determine how the data is transmitted, rather specifies the rules
what happens in the transport layer
- uses TCP to establish an end-to-end connection with the recipient computer
- splits the data into packets, labels them with packet numbers and adds the port number based on http protocol
- at the receiving end, this layer confirms all the packets have been received and requests any missing ones
- performs error detection
what happens in the network layer
- uses the IP to address packets with the source and destination addresses
- routers operate on this layer and forward each packet towards a socket (endpoint) formed of their IP address and port number
- each router uses a routing table to instruct the next hop
what happens in the link layer
- adds the MAC address identifying the NICs of the source and destination
what happens when data is received
- the link layer removes the MAC address from each packet
- the network layer removes the IP address from each packet
- the transport layer removes the port number from each packet and reassembles them in the correct order
- the application layer presents the image data for the user in a browser
what is a MAC address
- media access control address
- unique 12 digit hexadecimal code that is hardcoded on every NIC during manufacture, uniquely identifying each physical device so data packets can be routed to them
examples of well known ports
- HTTP: 80 and 8080
- HTTPS: 443
- Post Office Protocols: 110
how to improve code quality and protect from malware threats
- guarding against buffer overflow attack
- guarding against SQL injection attack
- use of strong passwords for login credentials
- two factor authentication
what is FTP
- file transfer protocol is an application level protocol used to move files between computers on a network
- ftp uses the client server model with separate data and control channels
- it's a set of instructions that can communicate and exchange files
what is secure shell
- SSH is an encrypted protocol that allows secure communication between nodes across a network
- ssh uses public key encryption to protect the data in communication, requiring a digital certificate to authenticate the user
what is the role of a mail server
- mail servers are dedicated computers that route mail and store it until it can be received
- it uses three protocols
three protocols used by a mail server
- SMTP: used to send emails and forward them between mail servers to their destination
- POP3: retrieves emails from a mail server that stores incoming mail, then transfers them to the client's computer
- IMAP: manages emails on a server to maintain synchronicity between devices
what are the unusable ip addresses
- 127.x.x.x are private, non-routable addresses used for LANs only
- x.x.x.0 is the network identifier
- x.x.x.255 is the broadcast address on each network
- x.x.x.1 is conventionally the default router
what are the parts of an ip address
- network identifier: left handed bits of a 32 bit number, used to define the network where nodes are communicating
- host identifier: right handed bits of a 32 bit number, used to identify the device
what is classless addressing
- the more hosts in each network, the fewer the networks that can be created
- this system specifies the number of bits in the network ID
- e.g. the network 210.54.101.0/24 has a network ID of 24 bits and a host ID of 8 bits
what is subnetting
- an organisation can choose to further subdivide the number of available host IDs that they have between individual subnetworks
- the subnet ID is formed from the host ID
- this improves security and can reduce data collisions
what is a subnet mask
- a subnet mask is used together with an IP address to identify the network identifier within the address
- a subnet mask is ANDed with the IP address to get the network identifier
what is DHCP
- dynamic host configuration protocol
- automatically allocates IP addresses from a pool of available addresses to a host attempting to operate on a public network
- means there's efficient allocation of addresses
- allows hosts to move between networks
- reduces the need for expert knowledge
what is NAT
network address translation is used to convert IP addresses as they pass between a public address space (e.g. via a router) using a public IP address and a LAN with a private address space
what is a well-known port
a port number that has a specific purpose
what is a dns
- domain name server
- translates fully qualified domain names into IP addresses
- DNS stores a database of FQDNs and corresponding IP addresses
- organised into a hierarchy
how can two computers connected to the internet have the same IP address
- the computers have private, non-routable IP addresses
- NAT is performed so the computers can communicate on the internet
how can a firewall protect LANs
- block/allow certain ports
- packet filtering
- stateful inspection
- act as a proxy server
- identify unusual behaviour from the host
what is a DNS
- domain name server
- maps fully qualified domain names into IP addresses
- DNS stores a database of FQDNs and corresponding IP addresses
- organised into a hierarchy
- if one DNS server cannot resolve a lookup, the query will be passed to another