1.CN DC unit 5

This document is a confidential educational resource for RMK Group of Educational Institutions, focusing on the course '22EC503 - Computer Networks' with a specific emphasis on the Application Layer. It includes course objectives, prerequisites, a detailed syllabus, course outcomes, and various learning activities related to computer networking concepts. The document also outlines the structure of the course, including lecture plans, assignments, and resources for further learning.


Please read this disclaimer before proceeding:
This document is confidential and intended solely for the educational purpose
of RMK Group of Educational Institutions. If you have received this document
through email in error, please notify the system manager. This document
contains proprietary information and is intended only to the respective group /
learning community as intended. If you are not the addressee you should not
disseminate, distribute or copy through e-mail. Please notify the sender
immediately by e-mail if you have received this document by mistake and
delete this document from your system. If you are not the intended recipient
you are notified that disclosing, copying, distributing or taking any action in
reliance on the contents of this information is strictly prohibited.
22EC503– Computer Networks

UNIT - 5
APPLICATION LAYER

Department : Electronics and Communication Engineering


Batch/Year : 2022 Batch / III-ECE
Created by : Ms.Samuda Prathima/Assistant Professor/ECE
Date : 30.07.2024
Table of Contents
S.No Contents Page no

1 Course Objectives 7
2 Pre Requisites 9
3 Syllabus 11
4 Course Outcomes 13
5 CO - PO / PSO Mapping 15
Unit - V APPLICATION LAYER
Lecture Plan 17
Activity Based Learning 19
Lecture Notes 20
Introduction to Application Layer 21
Application Layer Paradigm 22
Client - Server Programming 26
World Wide Web and HTTP 38
Domain Name System (DNS) 49
Electronic Mail (e-Mail) 61
Introduction to Peer to Peer Networks 77
Need for Cryptography and Network Security 83
Firewalls 89
6 Links for Online Lecture Videos and Lecture PPTs 94
7 Assignments 96
8 Part - A Q & A (With K - Level and CO) 99
9 Part - B Q's (With K - Level and CO) 107
10 Supportive Online Certification Courses 110
11 Real Time Applications 112
12 Content Beyond Syllabus 114
13 Assessment Schedule 116
14 Text Book and Reference Books 118
15 Mini Project Ideas 120
1.Course Objectives
The student should be made to:
• Study the fundamental concepts of computer networks and the physical layer.
• Gain knowledge of the various protocols and techniques used in the data link layer.
• Learn the services of the network layer and the network layer protocols.
• Describe the different protocols used in the transport layer.
• Understand the application layer protocols.
2.Pre Requisites (Course Names with Code)

S.No  Course Code  Course Name
1     EC8392       DIGITAL ELECTRONICS
2     VAC          INTRODUCTION TO NETWORKS
3.Syllabus
SYLLABUS

22EC503 – COMPUTER NETWORKS


L T P C
3 0 0 3

UNIT I INTRODUCTION AND PHYSICAL LAYER 9


Data Communications – Network Types – Protocol Layering – Network Models
(OSI, TCP/IP) Networking Devices: Hubs, Bridges, Switches – Performance
Metrics – Transmission media - Guided media -Unguided media- Switching-
Circuit Switching - Packet Switching
UNIT II DATA LINK LAYER 9
Introduction – Link-Layer Addressing- Error Detection and Correction - DLC
Services – Data Link Layer Protocols – HDLC – PPP - Wired LANs: Ethernet -
Wireless LANs – Introduction – IEEE 802.11, Bluetooth
UNIT III NETWORK LAYER 9
Network Layer Services – Packet switching – Performance – IPV4 Addresses –
Forwarding of IP Packets - Network Layer Protocols: IP, ICMP v4 – Unicast
Routing Algorithms – Protocols – Multicasting Basics – IPV6 Addressing – IPV6
Protocol.
UNIT IV TRANSPORT LAYER 9
Introduction – Transport Layer Protocols – Services – Port Numbers – User
Datagram Protocol –Transmission Control Protocol – SCTP.
UNIT V APPLICATION LAYER 9
Application layer-WWW and HTTP – FTP – Email –Telnet –SSH – DNS – SNMP

TOTAL: 45 PERIODS
4.Course Outcomes
Course Outcomes for 22EC503– Computer Networks

#        Course Outcomes                                                                  Highest Cognitive Level
C304.1   Understand the fundamental concepts of computer networks and physical layer.     K2
C304.2   Gain knowledge of various protocols and techniques used in the data link layer.  K2
C304.3   Learn the network layer services and network layer protocols.                    K3
C304.4   Understand the various protocols used in the transport layer.                    K2
C304.5   Analyze the various application layer protocols.                                 K2

5.CO - PO / PSO Mapping
CO – PO – PSO – Mapping

Course Outcomes with their level of CO, mapped to Program Outcomes (PO-1 to PO-12) and Program Specific Outcomes (PSO-1 to PSO-3); the second header row gives the level of each PO/PSO.

CO        Level  PO-1 PO-2 PO-3 PO-4 PO-5 PO-6 PO-7 PO-8 PO-9 PO-10 PO-11 PO-12 PSO-1 PSO-2 PSO-3
(PO level)       K3   K4   K4   K5   K6   A3   A2   A3   A3   A3    A3    A2    K5    K5    K3
C304.1    K2     2    1    -    -    -    -    -    -    -    -     -     -     -     -     2
C304.2    K2     2    1    -    -    -    -    -    -    -    -     -     -     -     -     2
C304.3    K3     3    2    2    1    1    -    -    -    -    -     -     -     -     -     3
C304.4    K2     2    1    -    -    -    -    -    -    -    -     -     -     -     -     2
C304.5    K2     2    1    1    1    -    -    -    -    -    -     -     -     -     -     2
C304 (CO Avg)    3    2    2    1    1    -    -    -    -    -     -     -     -     -     3
LECTURE PLAN
UNIT - V - APPLICATION LAYER

S.No  Topic                                       No. of Periods  Proposed Date  Pertaining CO  Taxonomy level  Mode of Delivery
1     Application Layer Paradigms                 1               10.10.2024     CO5            K2              PPT and Smart Board
2     Client - Server Programming                 1               15.10.2024     CO5            K2              PPT and Smart Board
3     World Wide Web and HTTP                     1               16.10.2024     CO5            K2              PPT and Smart Board
4     Domain Name System (DNS)                    1               17.10.2024     CO5            K2              PPT and Smart Board
5     Electronic Mail (e-Mail) SMTP - POP3        1               18.10.2024     CO5            K2              PPT and Smart Board
6     Electronic Mail (e-Mail) IMAP - MIME        1               21.10.2024     CO5            K2              PPT and Smart Board
7     Introduction to Peer to Peer Networks       1               22.10.2024     CO5            K2              PPT and Smart Board
8     Simple Network Management Protocol (SNMP)   1               23.10.2024     CO5            K2              PPT and Smart Board
9     Firewalls                                   1               25.10.2024     CO5            K2              PPT and Smart Board

(The "Actual Date" and "Reason for Deviation" columns of the plan are blank.)

Total No. of hours : 09
ACTIVITY BASED LEARNING
UNIT - V - APPLICATION LAYER

Dear students,

Configure Microsoft Outlook with your email id on your desktop / laptop computer, mention the port number, assign the address for the incoming and outgoing mail server and fill in all necessary details. Now, using Microsoft Outlook, try to send and receive mail.

➢ Learn the e-mail configuration procedure in application software.

Set up a shared folder on your laptop and try to access the files in the shared folder from other devices using your home network. Also try remotely accessing your friend's laptop from your home.

Activity:2

Understand the process of sending an e-mail from one place to another place and present your understanding in the form of a poster design that illustrates how an e-mail travels from sender to receiver.

All the best
LECTURE NOTES

5.1 INTRODUCTION TO APPLICATION LAYER

➢ The whole Internet, hardware and software, was designed and developed to
provide services at the application layer. The application layer provides services to
the user.

➢ Since the application layer is the only layer that provides services to the Internet
user, the flexibility of the application layer, as described above, allows new
application protocols to be easily added to the Internet, which has been occurring
during the lifetime of the Internet.

➢ The application layer, however, is somewhat different from other layers in that it is
the highest layer in the suite.

➢ The protocols in this layer do not provide services to any other protocol in the
suite; they only receive services from the protocols in the transport layer. This
means that protocols can be removed from this layer easily.

➢ New protocols can be also added to this layer as long as the new protocols can
use the services provided by one of the transport-layer protocols.
5.2 APPLICATION LAYER PARADIGMS

5.2.1 Traditional Paradigm: Client-Server
5.2.2 New Paradigm: Peer-to-Peer

To use the Internet we need two application programs to interact with each other: one running on a computer somewhere in the world, the other running on another computer somewhere else in the world.

These two programs need to send messages to each other through the Internet infrastructure.

To serve this purpose, two paradigms have been developed during the lifetime of the Internet: the client-server paradigm and the peer-to-peer paradigm.

5.2.1 Traditional Paradigm: Client-Server

In this paradigm, the service provider is an application program, called the server
process; it runs continuously, waiting for another application program, called the
client process, to make a connection through the Internet and ask for service.

The server process must be running all the time; the client process is started when
the client needs to receive service.

Fig 5.1 : Example of a client-server paradigm



One problem with this paradigm is that the concentration of the communication
load is on the shoulder of the server, which means the server should be a
powerful computer.

Even a powerful computer may become overwhelmed if a large number of clients try to connect to the server at the same time.

Another problem is that there should be a service provider willing to accept the
cost and create a powerful server for a specific service, which means the service
must always return some type of income for the server in order to encourage
such an arrangement.

Several traditional services are still using this paradigm, including the World Wide
Web (WWW) and its vehicle HyperText Transfer Protocol (HTTP), file transfer
protocol (FTP), secure shell (SSH), e-mail, and so on.

5.2.2 New Paradigm: Peer-to-Peer

A new paradigm, called the peer-to-peer paradigm (often abbreviated P2P paradigm) has emerged to respond to the needs of some new applications.

In this paradigm, there is no need for a server process to be running all the time
and waiting for the client processes to connect. The responsibility is shared
between peers.

A computer connected to the Internet can provide service at one time and receive
service at another time.

A computer can even provide and receive services at the same time.

Communication by phone is indeed a peer-to-peer activity; no party needs to be running forever waiting for the other party to call.

Figure 5.2 shows an example of communication in this paradigm.

Fig 5.2: Example of a Peer to Peer Paradigm

➢ If an Internet user has a file available to share with other Internet users, there is
no need for the file holder to become a server and run a server process all the
time waiting for other users to connect and retrieve the file.

➢ Although the peer-to-peer paradigm has been proved to be easily scalable and
cost-effective in eliminating the need for expensive servers to be running and
maintained all the time, there are also some challenges.

➢ The main challenge has been security; it is more difficult to create secure
communication between distributed services than between those controlled by
some dedicated servers.

➢ The other challenge is applicability; it appears that not all applications can use this
new paradigm.

➢ There are some new applications, such as BitTorrent, Skype, IPTV, and Internet
telephony, that use this paradigm.
5.3 CLIENT - SERVER PROGRAMMING

5.3.1 Application Programming Interface
5.3.2 Using Services of the Transport Layer
5.3.3 Iterative Communication Using UDP
5.3.4 Iterative Communication Using TCP
5.3.5 Concurrent Communication

In a client-server paradigm, communication at the application layer is between two running application programs called processes: a client and a server.

A client is a running program that initializes the communication by sending a request; a server is another application program that waits for a request from a client.

The server handles the request received from a client, prepares a result, and sends the
result back to the client.

This definition of a server implies that a server must be running when a request from a
client arrives, but the client needs to be run only when it is needed. This means that if we
have two computers connected to each other somewhere, we can run a client process on
one of them and the server on the other.

However, we need to be careful that the server program is started before we start
running the client program.

5.3.1 Application Programming Interface

A computer program is normally written in a computer language with a predefined set of instructions that tells the computer what to do.

A computer language has a set of instructions for mathematical operations, a set of instructions for string manipulation, a set of instructions for input/output access, and so on.

If we need a process to be able to communicate with another process, we need a new set of instructions to tell the lowest four layers of the TCP/IP suite to open the connection, send and receive data from the other end, and close the connection.

A set of instructions of this kind is normally referred to as an application programming interface (API).

An interface in programming is a set of instructions between two entities. In this case, one of the entities is the process at the application layer and the other is the operating system that encapsulates the first four layers of the TCP/IP protocol suite.

Several APIs have been designed for communication. Three among them are common: socket interface, Transport Layer Interface (TLI), and STREAM.

Socket interface started in the early 1980s at UC Berkeley as part of a UNIX environment.

The socket interface is a set of instructions that provide communication between the application layer and the operating system.

It is a set of instructions that can be used by a process to communicate with another process.

The idea of sockets allows us to use the set of all instructions already designed in
a programming language for other sources and sinks.

For example, in most computer languages, like C, C++, or Java, we have several
instructions that can read and write data to other sources and sinks such as a
keyboard (a source), a monitor (a sink), or a file (source and sink).

We can use the same instructions to read from or write to sockets.

Fig 5.3 : Position of the socket interface



Figure 5.4 shows the idea and compares the sockets with other sources and sinks.

Fig 5.4 : Sockets used the same way as other sources and sinks

Sockets

▪ Although a socket is supposed to behave like a terminal or a file, it is not a physical entity like them; it is an abstraction. It is an object that is created and used by the application program.

▪ We can say that, as far as the application layer is concerned, communication between a client process and a server process is communication between two sockets, created at two ends as shown in Figure 5.5.

▪ The client thinks that the socket is the entity that receives the request and gives
the response; the server thinks that the socket is the one that has a request and
needs the response. If we create two sockets, one at each end, and define the
source and destination addresses correctly, we can use the available instructions
to send and receive data.

▪ The rest is the responsibility of the operating system and the embedded TCP/IP
protocol.

Fig 5.5 : Use of sockets in process-to-process communication



Socket Addresses

The interaction between a client and a server is two-way communication. In a two-way communication, we need a pair of addresses: local (sender) and remote (receiver).

The local address in one direction is the remote address in the other direction and
vice versa. Since communication in the client-server paradigm is between two
sockets, we need a pair of socket addresses for communication: a local socket
address and a remote socket address.

However, we need to define a socket address in terms of identifiers used in the TCP/IP protocol suite. A socket address should first define the computer on which a client or a server is running.

A computer in the Internet is uniquely defined by its IP address, a 32-bit integer in the current Internet version. An application program can be defined by a port number, a 16-bit integer.

This means that a socket address should be a combination of an IP address and a port number.

Fig 5.6 : A socket address

Since a socket defines the end-point of the communication, we can say that a socket is identified by a pair of socket addresses, a local and a remote.

Finding Socket Addresses

How can a client or a server find a pair of socket addresses for communication? The situation is different for each site.

Server Site:
The server needs a local (server) and a remote (client) socket address for communication.

Local Socket Address

• The local (server) socket address is provided by the operating system. The
operating system knows the IP address of the computer on which the server
process is running.

• The port number of a server process, however, needs to be assigned. If the server process is a standard one defined by the Internet authority, a port number is already assigned to it.

• For example, the assigned port number for a Hypertext Transfer Protocol (HTTP)
is the integer 80, which cannot be used by any other process.

• If the server process is not standard, the designer of the server process can
choose a port number, in the range defined by the Internet authority, and assign
it to the process.

• When a server starts running, it knows the local socket address.

Remote Socket Address

• The remote socket address for a server is the socket address of the client that
makes the connection.

• Since the server can serve many clients, it does not know beforehand the remote
socket address for communication. The server can find this socket address when
a client tries to connect to the server.

• The client socket address, which is contained in the request packet sent to the
server, becomes the remote socket address that is used for responding to the
client.

Client Site
The client also needs a local (client) and a remote (server) socket address
for communication.

Local Socket Address

• The local (client) socket address is also provided by the operating system.
The operating system knows the IP address of the computer on which the
client is running.

• The port number is a 16-bit temporary integer that is assigned to a client process each time the process needs to start the communication.

• The port number needs to be assigned from a set of integers defined by the
Internet authority and called the ephemeral (temporary) port numbers.

• The operating system, however, needs to guarantee that the new port
number is not used by any other running client process.

• The operating system needs to remember the port number to be able to redirect the response received from the server process to the client process that sent the request.

Remote Socket Address

Finding the remote (server) socket address for a client, however, needs
more work. When a client process starts, it should know the socket address
of the server it wants to connect to. We will have two situations in this
case.
i. Sometimes, the user who starts the client process knows both the server port number and IP
address of the computer on which the server is running.

ii. Although each standard application has a well-known port number, most of the time, we do
not know the IP address.

▪ This happens in situations when we need to contact a web page, send an e-mail to a friend, copy a file from a remote site, and so on.

▪ In these situations, the server has a name, an identifier that uniquely defines
the server process. Examples of these identifiers are URLs, such as
www.xxx.yyy, or e-mail addresses, such as [email protected].

▪ The client process should now change this identifier (name) to the
corresponding server socket address.

▪ The client process normally knows the port number because it should be a
well-known port number, but the IP address can be obtained using another
client-server application called the Domain Name System (DNS).

▪ DNS acts as a directory in the Internet. It maps the server name to the IP address of the computer running that server.

5.3.2 Using Services of the Transport Layer

• A pair of processes provide services to the users of the Internet, humans or programs.

• A pair of processes needs to use the services provided by the transport layer for communication because there is no physical communication at the application layer.

• There are three common transport-layer protocols in the TCP/IP suite: UDP,
TCP, and SCTP.

UDP Protocol

UDP provides connectionless, unreliable, datagram service. UDP is not a reliable protocol since it does not ask the sender to resend the corrupted or lost datagram.

TCP Protocol

TCP provides connection-oriented, reliable, byte-stream service. If some bytes are lost or corrupted, the receiver can request the resending of those bytes, which makes TCP a reliable protocol.

SCTP Protocol

SCTP provides a service which is a combination of the two other protocols. Like
TCP, SCTP provides a connection-oriented, reliable service, but it is not byte
stream oriented. It is a message-oriented protocol like UDP.

5.3.3 Iterative Communication Using UDP

• Communication between a client program and a server program can occur iteratively or concurrently.

• An iterative server can process one client request at a time.

• The received and queued requests are handled in first-in, first-out fashion.

Sockets Used for UDP

• In UDP communication, the client and server use only one socket each. The
socket created at the server site lasts forever; the socket created at the client site
is closed (destroyed) when the client process terminates.

• Figure 5.7 shows the lifetime of the sockets in the server and client processes.

Fig 5.7 : Sockets for UDP communication



Flow Diagram

UDP provides a connectionless service, in which a client sends a request and the
server sends back a response. Figure 5.8 shows a simplified flow diagram for
iterative communication.

Fig 5.8: Flow diagram for iterative UDP communication

▪ There are multiple clients, but only one server. Each client is served in each
iteration of the loop in the server.

▪ Note that there is no connection establishment or connection termination. Each client sends a single datagram and receives a single datagram.
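The iterative UDP exchange of Fig 5.8, as an added example that is not part of the original notes: one server socket that lives for the whole run, one client socket per client, no connection setup, and queued datagrams served first-in, first-out. The loopback address, port 0 (so the OS picks a free port) and the messages are constructed for this demo.

```python
import socket


def serve_one_datagram(server_sock):
    """One iteration of the iterative server loop: take the oldest queued request and
    reply to whoever sent it. recvfrom() hands back the remote socket address
    (IP, port) of the client; the server cannot know it before the datagram arrives."""
    data, client_addr = server_sock.recvfrom(2048)
    server_sock.sendto(data.decode().upper().encode(), client_addr)
    return client_addr


def iterative_udp_demo(messages):
    """Constructed demo: one server socket for the whole run and one client socket per
    client. There is no connection establishment or termination; each client sends a
    single datagram and receives a single datagram. All clients send before the server
    loop runs, so the requests queue in the server socket and are served FIFO."""
    server = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    server.bind(("127.0.0.1", 0))        # port 0: the OS picks a free port for this demo
    server.settimeout(2.0)
    server_addr = server.getsockname()   # the server's local socket address (IP, port)

    clients = []
    for msg in messages:
        c = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
        c.settimeout(2.0)
        c.sendto(msg.encode(), server_addr)  # first send: the OS assigns an ephemeral port
        clients.append(c)

    # The server loop: one request per iteration, in arrival order.
    remote_addrs_seen_by_server = [serve_one_datagram(server) for _ in messages]

    results = []
    for c in clients:
        reply, remote = c.recvfrom(2048)   # remote is the server's socket address
        results.append((reply.decode(), c.getsockname()[1], remote))
        c.close()                          # the client socket is destroyed when the client ends
    server.close()
    return server_addr, remote_addrs_seen_by_server, results


if __name__ == "__main__":
    srv, seen, res = iterative_udp_demo(["hello", "from", "udp"])
    print("server socket address:", srv)
    for (reply, client_port, remote), seen_addr in zip(res, seen):
        print(f"client port {client_port} got {reply!r} from {remote}; server saw {seen_addr}")
```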

5.3.4 Iterative Communication Using TCP

Before sending or receiving data, a connection needs to be established between the client and the server. After the connection is established, the two parties can send and receive chunks of data.

Sockets Used in TCP

The TCP server uses two different sockets, one for connection establishment and
the other for data transfer.

We call the first one the listen socket and the second one simply the socket. The reason for having two types of sockets is to separate the connection phase from the data exchange phase.

Fig 5.9 Socket used in TCP Communication

Flow Diagram

Figure 5.10 shows a simplified flow diagram for iterative communication using
TCP. There are multiple clients, but only one server.

Each client is served in each iteration of the loop.



Fig 5.10 Flow Diagram for Iterative TCP Communication

5.3.5 Concurrent Communication

• A concurrent server can process several client requests at the same time. This
can be done using the available provisions in the underlying programming
language.

• In C, a server can create several child processes, each child handling one client.

• In Java, threading allows several clients to be handled, each by its own thread.
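As an added example that is not part of the original notes, covering both 5.3.4 and 5.3.5: a Python sketch with a listen socket for connection establishment and a separate data socket per accepted connection, driven once as an iterative server and once as a concurrent server with one thread per client. The loopback address, port 0 and the messages are constructed for the demo.

```python
import socket
import threading


def handle_client(conn):
    """Data-exchange phase: runs on the accepted (data) socket, never on the listen socket."""
    with conn:
        request = conn.recv(1024)
        conn.sendall(b"served:" + request)


def iterative_tcp_server(listen_sock, n_clients):
    """Iterative server (5.3.4): finish one client completely before calling accept() again."""
    for _ in range(n_clients):
        conn, remote_addr = listen_sock.accept()   # new data socket for this one client
        handle_client(conn)


def concurrent_tcp_server(listen_sock, n_clients):
    """Concurrent server (5.3.5): hand each accepted socket to its own thread."""
    workers = []
    for _ in range(n_clients):
        conn, remote_addr = listen_sock.accept()
        t = threading.Thread(target=handle_client, args=(conn,), daemon=True)
        t.start()
        workers.append(t)
    for t in workers:
        t.join()


def run_demo(server_fn, messages, interleaved=False):
    """Constructed driver: start server_fn on a loopback port chosen by the OS, then act as
    len(messages) clients. With interleaved=True every connection is opened before any
    request is sent and the last client is served first; only the concurrent server can do
    that, since an iterative server would sit in recv() on the first connection."""
    listen_sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listen_sock.bind(("127.0.0.1", 0))            # port 0: the OS picks a free port
    listen_sock.listen(5)                          # listen socket: connection phase only
    server_addr = listen_sock.getsockname()
    server = threading.Thread(target=server_fn, args=(listen_sock, len(messages)), daemon=True)
    server.start()

    replies = []
    if not interleaved:
        for msg in messages:                       # clients one after another
            with socket.create_connection(server_addr, timeout=3.0) as c:
                c.sendall(msg.encode())
                replies.append(c.recv(1024).decode())
    else:
        conns = [socket.create_connection(server_addr, timeout=3.0) for _ in messages]
        for c, msg in reversed(list(zip(conns, messages))):
            c.sendall(msg.encode())
            replies.insert(0, c.recv(1024).decode())
            c.close()
    server.join(timeout=5.0)
    listen_sock.close()
    return replies


if __name__ == "__main__":
    print(run_demo(iterative_tcp_server, ["one", "two"]))
    print(run_demo(concurrent_tcp_server, ["a", "b", "c"], interleaved=True))
```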


5.4 WORLD WIDE WEB AND HTTP

WORLD WIDE WEB

▪ The idea of the Web was first proposed by Tim Berners-Lee in 1989 at CERN, the
European Organization for Nuclear Research.

▪ The Web today is a repository of information in which the documents, called web pages, are distributed all over the world and related documents are linked together.

▪ The popularity and growth of the Web can be related to two terms in the above statement: distributed and linked.

▪ Distribution allows the growth of the Web.

▪ Linking allows one web page to refer to another web page stored in another server.

▪ The linking of web pages was achieved using a concept called hypertext.

▪ The term hypertext has since been changed to hypermedia, to show that a web page can be a text document, an image, an audio file, or a video file.

ARCHITECTURE

▪ The WWW is a distributed client-server service, in which a client using a browser can access a service using a server.

▪ The service provided is distributed over many locations called sites. Each site holds one or more web pages.

▪ A web page can be simple or composite. A simple web page has no links to
other web pages; a composite web page has one or more links to other web
pages. Each web page is a file with a name and address.

Figure 5.11 shows an example situation where we need to retrieve a scientific document that contains one reference to another text file and one reference to a large image.

Fig 5.11 Example

▪ The main document and the image are stored in two separate files (file A and file
B) in the same site; the referenced text file (file C) is stored in another site.

▪ Since we are dealing with three different files, we need three transactions if we
want to see the whole document.

▪ The first transaction retrieves a copy of the main document (file A), which has
references (pointers) to the second and third files.

▪ When a copy of the main document is retrieved and browsed, the user can click
on the reference to the image to invoke the second transaction and retrieve a
copy of the image (file B).

▪ If the contents of the referenced text file need to be viewed, the user can click
on its reference (pointer) invoking the third transaction and retrieving a copy of
file C.

▪ A very important point we need to remember is that file A, file B, and file C are
independent web pages, each with independent names and addresses.

Web Client (Browser)

Browsers usually interpret and display a web page. Each browser usually consists of three parts: a controller, client protocols, and interpreters, as in Figure 5.12.

Fig 5.12 Browser

▪ The controller receives input from the keyboard or the mouse and uses the client
programs to access the document.

▪ After the document has been accessed, the controller uses one of the interpreters
to display the document on the screen.

▪ The client protocol can be one of the protocols such as HTTP or FTP. The
interpreter can be HTML, Java, or JavaScript, depending on the type of document.

▪ Some commercial browsers include Internet Explorer, Netscape Navigator, and Firefox.

Web Server

▪ The web page is stored at the server. Each time a request arrives, the
corresponding document is sent to the client. To improve efficiency, servers
normally store requested files in a cache in memory; memory is faster to access
than a disk.

▪ Some popular web servers include Apache and Microsoft Internet Information
Server.

Uniform Resource Locator (URL)

• A web page, as a file, needs to have a unique identifier to distinguish it from other web pages.

• To define a web page, we need three identifiers: host, port, and path.

• However, before defining the web page, we need to tell the browser what client-
server application we want to use, which is called the protocol.

Protocol: The first identifier is the abbreviation for the client-server program that we need in order to access the web page. Although most of the time the protocol is HTTP, FTP can also be used.

Host: The host identifier can be the IP address of the server or the unique name given to the server. IP addresses can be defined in dotted decimal notation.

Port: The port, a 16-bit integer, is normally predefined for the client-server application. For example, if the HTTP protocol is used for accessing the web page, the well-known port number is 80.

Path: The path identifies the location and the name of the file in the underlying
operating system. The format of this identifier normally depends on the operating
system.

Web Documents

The documents in the WWW can be grouped into three broad categories: static,
dynamic, and active.

Static Documents

• Static documents are fixed-content documents that are created and stored in a
server. The client can get a copy of the document only.

• Static documents are prepared using one of several languages: Hypertext Markup
Language (HTML), Extensible Markup Language (XML), Extensible Style Language
(XSL), and Extensible Hypertext Markup Language (XHTML).

Dynamic Documents

• A dynamic document is created by a web server whenever a browser requests the document.

• A very simple example of a dynamic document is the retrieval of the time and
date from a server.

• Although the Common Gateway Interface (CGI) was used to retrieve a dynamic
document in the past, today’s options include one of the scripting languages such
as Java Server Pages (JSP), which uses the Java language for scripting, or Active
Server Pages (ASP), a Microsoft product that uses Visual Basic language for
scripting.

Active Documents

• For many applications, we need a program or a script to be run at the client site.
These are called active documents.

• One way to create an active document is to use Java applets, a program written
in Java on the server.
HTTP

• The HyperText Transfer Protocol (HTTP) is used to define how the client-server
programs can be written to retrieve web pages from the Web.

• An HTTP client sends a request; an HTTP server returns a response. The server
uses the port number 80; the client uses a temporary port number. HTTP uses the
services of TCP, which is a connection-oriented and reliable protocol.

• This means that, before any transaction between the client and the server can
take place, a connection needs to be established between them. After the
transaction, the connection should be terminated.

Non persistent versus Persistent Connections

• If the web pages, objects to be retrieved, are located on different servers, we do


not have any other choice than to create a new TCP connection for retrieving
each object.

• However, if some of the objects are located on the same server, we have two
choices: to retrieve each object using a new TCP connection or to make a TCP
connection and retrieve them all.

• The first method is referred to as a non persistent connection, the second as a
persistent connection.

Non persistent Connections

In a non persistent connection, one TCP connection is made for each
request/response. The following lists the steps in this strategy:

1. The client opens a TCP connection and sends a request.

2. The server sends the response and closes the connection.

3. The client reads the data until it encounters an end-of-file marker; it then closes
the connection.

Figure 5.13 shows an example of a non persistent connection.

Fig 5.13 Example of Non persistent connection

Persistent Connections

• HTTP version 1.1 specifies a persistent connection by default. In a persistent
connection, the server leaves the connection open for more requests after
sending a response.

• The server can close the connection at the request of a client or if a time-out has
been reached.

• Time and resources are saved using persistent connections. Only one set of
buffers and variables needs to be set for the connection at each site. The round
trip time for connection establishment and connection termination is saved.

Figure 5.14 shows a scenario of persistent connection. Only one connection
establishment and connection termination is used, but the request for the image is
sent separately.

Fig 5.14 Example of persistent connection

Message Formats

The HTTP protocol defines the format of the request and response messages, as
shown in Figure 5.15

Fig 5.15 Formats of the request and response messages



In Figure 5.15 the two formats are placed next to each other for comparison. Each
message is made of four sections: a first line, a header section, a blank line that
marks the end of the headers, and the body. The first section in the request message
is called the request line; the first section in the response message is called the
status line.
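The two message formats and the persistence rule above, as an added example written for these notes rather than taken from them: the parser below splits a raw HTTP/1.x message into its four sections and decides, from the version and the Connection header, whether the TCP connection stays open for the next request. The sample request and response are constructed, not captured traffic.

```python
"""Parse HTTP/1.x request and response messages into their four sections and
decide whether the TCP connection stays open afterwards. Added example with
constructed sample messages; not code from the original notes."""
from dataclasses import dataclass, field


@dataclass
class HttpMessage:
    start_line: tuple            # request: (method, target, version); response: (version, status, reason)
    headers: dict = field(default_factory=dict)
    body: bytes = b""
    is_request: bool = True


def parse_http(raw: bytes) -> HttpMessage:
    """Section 1: request/status line; section 2: headers; section 3: the blank
    line that ends the headers; section 4: the body."""
    head, blank, body = raw.partition(b"\r\n\r\n")
    if not blank:
        raise ValueError("no blank line terminates the header section")
    lines = head.decode("ascii").split("\r\n")
    parts = lines[0].split(" ", 2)
    if len(parts) != 3:
        raise ValueError("malformed start line: %r" % lines[0])
    is_request = not parts[0].startswith("HTTP/")
    headers = {}
    for line in lines[1:]:
        name, colon, value = line.partition(":")
        # RFC 7230 3.2.4: no whitespace is allowed between the field name and the colon
        if not colon or not name or name != name.strip():
            raise ValueError("malformed header line: %r" % line)
        headers[name.lower()] = value.strip()
    if "content-length" in headers:
        # Frame the body by Content-Length only; never trust the raw tail blindly.
        length = int(headers["content-length"])
        if length > len(body):
            raise ValueError("body shorter than Content-Length")
        body = body[:length]
    start = tuple(parts) if is_request else (parts[0], int(parts[1]), parts[2])
    return HttpMessage(start, headers, body, is_request)


def connection_persists(msg: HttpMessage) -> bool:
    """HTTP/1.1 keeps the connection open unless 'Connection: close' is sent;
    HTTP/1.0 closes it unless 'Connection: keep-alive' is sent."""
    version = msg.start_line[2] if msg.is_request else msg.start_line[0]
    conn = msg.headers.get("connection", "").lower()
    if version == "HTTP/1.1":
        return "close" not in conn
    return "keep-alive" in conn


# Constructed sample messages (not captured traffic).
SAMPLE_REQUEST = (b"GET /index.html HTTP/1.1\r\n"
                  b"Host: www.example.com\r\n"
                  b"Accept: text/html\r\n\r\n")
SAMPLE_RESPONSE = (b"HTTP/1.1 200 OK\r\n"
                   b"Content-Type: text/html\r\n"
                   b"Content-Length: 28\r\n"
                   b"Connection: close\r\n\r\n"
                   b"<html><body>Hi</body></html>")

if __name__ == "__main__":
    for raw in (SAMPLE_REQUEST, SAMPLE_RESPONSE):
        m = parse_http(raw)
        print(m.start_line, "persistent" if connection_persists(m) else "non-persistent")
```

The Content-Length check is the part worth copying: a server that reads past the declared length, or accepts a header line with space before the colon, opens the door to two parsers disagreeing about where one message ends and the next begins.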

Web Caching: Proxy Servers

▪ HTTP supports proxy servers. A proxy server is a computer that keeps copies of
responses to recent requests.

▪ The HTTP client sends a request to the proxy server. The proxy server checks its
cache. If the response is not stored in the cache, the proxy server sends the
request to the corresponding server.

▪ Incoming responses are sent to the proxy server and stored for future requests
from other clients.

▪ The proxy server reduces the load on the original server, decreases traffic, and
improves latency. However, to use the proxy server, the client must be configured
to access the proxy instead of the target server.

Proxy Server Location

The proxy servers are normally located at the client site. This means that we can
have a hierarchy of proxy servers, as shown below:

1. A client computer can also be used as a proxy server, in a small capacity, that
stores responses to requests often invoked by the client.

2. In a company, a proxy server may be installed on the computer LAN to reduce
the load going out of and coming into the LAN.

3. An ISP with many customers can install a proxy server to reduce the load going
out of and coming into the ISP network.

An example of a use of a proxy server in a local network is shown in Figure 5.16.

Fig 5.16 Example of a proxy server

Cache Update

▪ A very important question is how long a response should remain in the proxy
server before being deleted and replaced.

▪ One solution is to keep a list of sites whose information remains the same for a
while.

▪ Another recommendation is for the origin server to add headers that give the last
modification time of the information (Last-Modified) or an explicit lifetime
(Expires, or Cache-Control with max-age).

▪ The proxy server can then use the information in these headers to estimate how
long the stored copy will remain valid, and once that time has passed it asks the
origin server whether the copy is still current (a conditional request) before
serving it again.
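The cache-update question above, as an added example (not code from the notes): a freshness check the way a caching proxy performs it, using an explicit lifetime from the origin when one is given and otherwise the Last-Modified guess the notes describe, plus the conditional-request headers used once the copy has expired. The response headers and timestamps are constructed.

```python
"""Freshness decision of a caching proxy. Added example with constructed
headers; not code from the original notes. Explicit lifetime from the origin
(Cache-Control: max-age or Expires) wins; otherwise a guess is derived from the
Last-Modified header."""
from datetime import datetime, timedelta, timezone
from email.utils import parsedate_to_datetime

HEURISTIC_FRACTION = 0.10   # RFC 7234 4.2.2: about 10% of the time since last modification

# Constructed sample responses as the proxy stored them (all times UTC).
STORED_AT = datetime(2024, 5, 1, 12, 0, tzinfo=timezone.utc)
EXPLICIT = {"cache-control": "max-age=300", "last-modified": "Wed, 01 May 2024 11:00:00 GMT"}
HEURISTIC = {"last-modified": "Mon, 01 Apr 2024 12:00:00 GMT", "etag": '"v7"'}
PRIVATE = {"cache-control": "private, no-store"}


def freshness_lifetime(headers: dict, stored_at: datetime) -> timedelta:
    """How long the stored copy may be served without contacting the origin."""
    directives = {}
    for item in headers.get("cache-control", "").lower().split(","):
        name, _, value = item.strip().partition("=")
        if name:
            directives[name] = value
    if "no-store" in directives or "no-cache" in directives:
        return timedelta(0)          # origin forbids storing, or demands revalidation on every use
    if directives.get("max-age", "").isdigit():
        return timedelta(seconds=int(directives["max-age"]))
    if "expires" in headers:
        return max(parsedate_to_datetime(headers["expires"]) - stored_at, timedelta(0))
    if "last-modified" in headers:
        # No explicit lifetime: a document unchanged for 30 days is guessed good for ~3 more.
        age = stored_at - parsedate_to_datetime(headers["last-modified"])
        return max(age * HEURISTIC_FRACTION, timedelta(0))
    return timedelta(0)              # nothing to go on: always revalidate


def is_fresh(headers: dict, stored_at: datetime, now: datetime) -> bool:
    return now - stored_at < freshness_lifetime(headers, stored_at)


def revalidation_headers(headers: dict) -> dict:
    """Headers for the conditional request sent once the copy is stale; the
    origin answers 304 Not Modified if the copy is still current."""
    cond = {}
    if "etag" in headers:
        cond["If-None-Match"] = headers["etag"]
    if "last-modified" in headers:
        cond["If-Modified-Since"] = headers["last-modified"]
    return cond


def lifetime_seconds(headers: dict, stored_at: datetime = STORED_AT) -> int:
    return int(freshness_lifetime(headers, stored_at).total_seconds())


def fresh_after(headers: dict, seconds: int, stored_at: datetime = STORED_AT) -> bool:
    return is_fresh(headers, stored_at, stored_at + timedelta(seconds=seconds))


if __name__ == "__main__":
    for name, h in (("explicit", EXPLICIT), ("heuristic", HEURISTIC), ("private", PRIVATE)):
        print(name, freshness_lifetime(h, STORED_AT), "fresh after 2 days:", fresh_after(h, 2 * 86400))
```

The private/no-store case is the one that matters on a shared proxy: a response meant for one logged-in user must never be handed to the next client that asks for the same URL.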

HTTP Security

▪ HTTP itself provides no security, but it can be run over Transport Layer Security
(TLS), the successor of the Secure Socket Layer (SSL). SSL and the early TLS
versions 1.0 and 1.1 are deprecated and should not be enabled.

▪ HTTP over TLS is referred to as HTTPS and uses port 443. HTTPS provides
confidentiality, server authentication (and client authentication when client
certificates are used), and data integrity.
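Added example, not from the notes: what running HTTP over TLS looks like from the client side in Python's ssl module. The weak context is the setting that turns verification off to silence certificate errors; the hardened one is what actually gives the confidentiality, authentication and integrity claimed above. No connection is opened; the functions only build and check the configuration.

```python
"""Client-side TLS configuration for HTTPS: the weak settings that silence
certificate errors beside the hardened ones. Added example; not code from the
original notes."""
import ssl


def weak_client_context() -> ssl.SSLContext:
    """Encrypts, but accepts any certificate from anyone: confidentiality
    without server authentication, so an on-path attacker can present their
    own key and read everything. This is what 'just disable verification' does."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False          # must be cleared before verify_mode can be CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def hardened_client_context() -> ssl.SSLContext:
    """Requires a certificate that chains to a trusted CA and matches the host
    name, and refuses SSL 2/3 and TLS 1.0/1.1, all of which are deprecated."""
    ctx = ssl.create_default_context()                 # CERT_REQUIRED + hostname check + system CAs
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def context_is_safe(ctx: ssl.SSLContext) -> bool:
    """Check to run before handing a context to http.client.HTTPSConnection."""
    return (ctx.verify_mode == ssl.CERT_REQUIRED
            and ctx.check_hostname
            and ctx.minimum_version >= ssl.TLSVersion.TLSv1_2)


if __name__ == "__main__":
    print("weak context safe:", context_is_safe(weak_client_context()))
    print("hardened context safe:", context_is_safe(hardened_client_context()))
```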
5.5 DOMAIN NAME SYSTEM (DNS)

▪ To identify an entity, TCP/IP protocols use the IP address, which uniquely
identifies the connection of a host to the Internet. However, people prefer to use
names instead of numeric addresses.

▪ Therefore, the Internet needs to have a directory system that can map a name to
an address. Since the Internet is so huge today, a central directory system cannot
hold all the mapping. In addition, if the central computer fails, the whole
communication network will collapse.

▪ A better solution is to distribute the information among many computers in the
world.

▪ In this method, the host that needs mapping can contact the closest computer
holding the needed information. This method is used by the Domain Name
System (DNS).

Figure 5.17 shows how TCP/IP uses a DNS client and a DNS server to map a name
to an address.

Fig 5.17 Purpose of DNS



A user wants to use a file transfer client to access the corresponding file transfer
server running on a remote host. The user knows only the file transfer server name.
However, the TCP/IP suite needs the IP address of the file transfer server to make
the connection. The following six steps map the host name to an IP address:

1. The user passes the host name to the file transfer client.

2. The file transfer client passes the host name to the DNS client.

3. Each computer, after being booted, knows the address of one DNS server. The
DNS client sends a message to a DNS server with a query that gives the file
transfer server name using the known IP address of the DNS server.

4. The DNS server responds with the IP address of the desired file transfer server.

5. The DNS client passes the IP address to the file transfer client.

6. The file transfer client now uses the received IP address to access the file
transfer server.

Name Space

▪ A name space maps each address to a unique name that can be organized in two
ways: flat or hierarchical.

▪ In a flat name space, a name is assigned to an address. A name in this space is a
sequence of characters without structure.

▪ The main disadvantage of a flat name space is that it cannot be used in a large
system such as the Internet because it must be centrally controlled to avoid
ambiguity and duplication.

▪ In a hierarchical name space, each name is made of several parts. In this case,
the authority to assign and control the name spaces can be decentralized.

Domain Name Space

To have a hierarchical name space, a domain name space was designed. In this
design the names are defined in an inverted-tree structure with the root at the
top. The tree can have only 128 levels: level 0 (root) to level 127, as in Figure 5.18.

Fig 5.18 Domain Name Space

Label

Each node in the tree has a label, which is a string with a maximum of 63
characters. The root label is a null string (empty string). A full domain name,
including the separating dots, is limited to 255 characters.

Domain Name

Each node in the tree has a domain name. A full domain name is a sequence of
labels separated by dots (.). Figure 5.19 shows some Domain names

The domain names are always read from the node up to the root. The last label is
the label of the root (null).

If a domain name is terminated by the null label (written as a trailing dot), it is
called a fully qualified domain name (FQDN).

If a domain name is not terminated by the null label, it is called a partially
qualified domain name (PQDN); the resolver completes it with a configured suffix
before looking it up.

Fig 5.19 Domain names and Labels

Domain

A domain is a subtree of the domain name space. The name of the domain is the
name of the node at the top of the subtree. Figure 5.20 shows some domains.
Note that a domain may itself be divided into domains.

Fig 5.20 Domain



Distribution of Name Space

The information contained in the domain name space must be stored. However, it
is very inefficient and also not reliable to have just one computer store such a
huge amount of information.

Hierarchy of Name Servers

The solution to these problems is to distribute the information among many
computers called DNS servers. One way to do this is to divide the whole space
into many domains based on the first level. We have a hierarchy of servers in the
same way that we have a hierarchy of names, as in Figure 5.21.

Fig 5.21 Hierarchy of Name Servers

Zone

Since the complete domain name hierarchy cannot be stored on a single server, it is
divided among many servers. What a server is responsible for or has authority over
is called a zone.

Fig 5.22 Zone



Root Server

A root server is a server whose zone consists of the whole tree. A root server
usually does not store any information about domains but delegates its authority
to other servers, keeping references to those servers. The root servers are
distributed all around the world.

Primary and Secondary Servers

▪ A primary server is a server that stores a file about the zone for which it is an
authority. It is responsible for creating, maintaining, and updating the zone file. It
stores the zone file on a local disk.

▪ A secondary server is a server that transfers the complete information about a
zone from another server (primary or secondary) and stores the file on its local
disk.

A primary server loads all information from the disk file; the secondary
server loads all information from the primary server.

DNS in the Internet

In the Internet, the domain name space (tree) was originally divided into three
different sections: generic domains, country domains, and the inverse
domains. ( The inverse domains are now deprecated)

Generic Domains

The generic domains define registered hosts according to their generic behavior.
Each node in the tree defines a domain, which is an index to the domain name
space database (Figure 5.23).

Fig 5.23 Generic Domains

Country Domains

The country domains section uses two-character country abbreviations (e.g., us for
the United States). Figure 5.24 shows the country domains section. The name
uci.ca.us. can be translated to University of California, Irvine, in the state of
California in the United States.

Fig 5.24 Country Domains

Resolution

Mapping a name to an address is called name-address resolution. DNS is designed
as a client-server application.

A host that needs to map an address to a name or a name to an address calls a DNS
client called a resolver.

A resolution can be either recursive or iterative.



Recursive Resolution

Figure 5.25 shows a simple example of a recursive resolution. We assume that an
application program running on a host named some.anet.com needs to find the
IP address of another host named engineering.mcgraw-hill.com to send a
message to. The source host is connected to the Anet ISP; the destination host
is connected to the McGraw-Hill network.

Fig 5.25 Recursive resolution

Iterative Resolution

In iterative resolution, each server that does not know the mapping sends the IP
address of the next server back to the one that requested it. Figure 5.26 shows
the flow of information in an iterative resolution in the same scenario as the one
depicted in Figure 5.25.

Fig 5.26 Iterative resolution



Caching

Each time a server receives a query for a name that is not in its domain, it needs to
search its database for a server IP address. Reduction of this search time would
increase efficiency. DNS handles this with a mechanism called caching.

▪ When a server asks for a mapping from another server and receives the response,
it stores this information in its cache memory before sending it to the client.

▪ If a server caches a mapping for a long time, it may send an outdated mapping to
the client. To counter this, two techniques are used. First, the authoritative server
always adds information to the mapping called time to live (TTL).

▪ Second, DNS requires that each server keep a TTL counter for each mapping it
caches.

Resource Records

The zone information associated with a server is implemented as a set of resource
records. A resource record is a 5-tuple structure, as shown below:

(Domain Name, Type, Class, TTL, Value)

The domain name field is what identifies the resource record.

The value defines the information kept about the domain name.

The TTL defines the number of seconds for which the information is valid.

The class defines the type of network.
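The resolution scenario above (recursive versus iterative), the cache with its TTL counter, and the resource-record 5-tuple, as one added example that is not taken from the notes. The name servers, their addresses (RFC 5737 documentation ranges) and the zone data are constructed, and the hierarchy mirrors the notes' scenario with example.com standing in for the real domains; the trace records who asked whom, so the two resolution styles can be compared side by side.

```python
"""Name resolution over an in-memory hierarchy of name servers: iterative
versus recursive resolution, zone records as (name, type, class, ttl, value)
5-tuples, and a caching local server that counts TTL down. Added example; the
servers, addresses (RFC 5737 test ranges) and zone data are constructed, not
captured, and the code is not from the original notes."""
from collections import namedtuple

RR = namedtuple("RR", "name type cls ttl value")


class NameServer:
    def __init__(self, records):
        self.records = [RR(*r) for r in records]

    def lookup(self, qname, qtype="A"):
        """('answer', rrs) when the server holds the data; ('referral', NS +
        glue A records) when it only knows who is authoritative for an
        enclosing zone; ('nodata', []) when neither applies."""
        answer = [r for r in self.records if r.name == qname and r.type == qtype]
        if answer:
            return "answer", answer
        labels = qname.rstrip(".").split(".")
        for i in range(len(labels)):                 # most specific enclosing zone first
            zone = ".".join(labels[i:]) + "."
            ns = [r for r in self.records if r.name == zone and r.type == "NS"]
            if ns:
                targets = {r.value for r in ns}
                glue = [r for r in self.records if r.type == "A" and r.name in targets]
                return "referral", ns + glue
        return "nodata", []


def next_server(rrs, current):
    addr = next(r.value for r in rrs if r.type == "A")
    if addr == current:
        raise LookupError("server referred the query to itself")
    return addr


def iterative_resolve(servers, start, qname, trace, asker="local"):
    """The asker follows every referral itself; trace records (who asked, whom)."""
    current = start
    while True:
        trace.append((asker, current))
        kind, rrs = servers[current].lookup(qname)
        if kind == "answer":
            return rrs
        if kind != "referral":
            raise LookupError(qname)
        current = next_server(rrs, current)


def recursive_resolve(servers, addr, qname, trace, asker="local"):
    """Each server that lacks the answer queries the next one on the asker's
    behalf and relays the reply, so the (asker, server) pairs form a chain."""
    trace.append((asker, addr))
    kind, rrs = servers[addr].lookup(qname)
    if kind == "answer":
        return rrs
    if kind != "referral":
        raise LookupError(qname)
    return recursive_resolve(servers, next_server(rrs, addr), qname, trace, asker=addr)


class CachingResolver:
    """The local server: serves cached answers while their TTL lasts."""
    def __init__(self, servers, root_addr, max_ttl=86400):
        self.servers, self.root, self.max_ttl = servers, root_addr, max_ttl
        self.cache = {}                              # (name, type) -> (expiry, rrs)

    def resolve(self, qname, now, trace=None):
        trace = [] if trace is None else trace
        key = (qname, "A")
        if key in self.cache:
            expiry, rrs = self.cache[key]
            if now < expiry:
                trace.append(("local", "cache"))
                return [r._replace(ttl=expiry - now) for r in rrs]   # remaining life, not original TTL
            del self.cache[key]
        rrs = iterative_resolve(self.servers, self.root, qname, trace)
        # Cap the TTL we honour: a forged answer with a huge TTL would pin a bad mapping for years.
        self.cache[key] = (now + min(min(r.ttl for r in rrs), self.max_ttl), rrs)
        return rrs


ROOT = "192.0.2.1"
SERVERS = {                                        # constructed: root, .com TLD, example.com
    ROOT: NameServer([("com.", "NS", "IN", 172800, "a.gtld.test."),
                      ("a.gtld.test.", "A", "IN", 172800, "192.0.2.2")]),
    "192.0.2.2": NameServer([("example.com.", "NS", "IN", 172800, "ns1.example.com."),
                             ("ns1.example.com.", "A", "IN", 172800, "192.0.2.3")]),
    "192.0.2.3": NameServer([("engineering.example.com.", "A", "IN", 3600, "203.0.113.10")]),
}

if __name__ == "__main__":
    for fn in (iterative_resolve, recursive_resolve):
        trace = []
        print(fn.__name__, fn(SERVERS, ROOT, "engineering.example.com.", trace)[0].value, trace)
```

Two things the trace makes visible: in recursive resolution the root and TLD servers do work on behalf of strangers (which is why public root and TLD servers refuse recursion), and a cached answer is handed out with its remaining TTL, not the TTL the authoritative server originally sent.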

DNS Messages

To retrieve information about hosts, DNS uses two types of messages: query and
response. Both types have the same format as shown in Figure 5.27.

Fig 5.27: DNS Message

• The identification field is used by the client to match the response with the query.

• The flag field defines whether the message is a query or response. It also
includes status of error. The next four fields in the header define the number of
each record type in the message.

• The question section consists of one or more question records. It is present in
both query and response messages.

• The answer section consists of one or more resource records. It is present only in
response messages.

• The authoritative section gives information (domain name) about one or more
authoritative servers for the query.

• The additional information section provides additional information that may help
the resolver.

Encapsulation

DNS can use either UDP or TCP. In both cases the well-known port used by the
server is port 53.

UDP is used for ordinary queries. A classic DNS message over UDP is limited to 512
bytes; if the response would not fit (or would exceed the larger size negotiated with
the EDNS0 extension), the server sends a truncated reply with the TC flag set and
the client repeats the query over a TCP connection. Zone transfers between primary
and secondary servers always use TCP.
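Added example, not from the notes: the DNS message in wire format. It covers the header fields and sections listed above, the label and name encoding (each label length-prefixed, the null root label last, the 63- and 255-octet limits from the name space discussion), completion of a PQDN into an FQDN, compression pointers, and the truncation flag that tells a UDP client to retry over TCP. The identifier, names and addresses are constructed.

```python
"""DNS message wire format: the 12-byte header the notes describe, names as
length-prefixed labels ending in the null root label, the 63-octet label and
255-octet name limits, compression pointers, and the TC bit that tells a UDP
client to retry over TCP. Added example with constructed messages; not code
from the original notes."""
import struct

MAX_LABEL, MAX_NAME, CLASSIC_UDP_LIMIT = 63, 255, 512
QTYPE = {"A": 1, "NS": 2, "CNAME": 5}


def qualify(name: str, search_suffix: str) -> str:
    """A name ending in '.' is an FQDN and is used as-is; a PQDN is completed
    with the resolver's configured suffix before it is sent."""
    return name if name.endswith(".") else f"{name}.{search_suffix.rstrip('.')}."


def encode_name(fqdn: str) -> bytes:
    """'www.example.com.' -> b'\\x03www\\x07example\\x03com\\x00'."""
    if not fqdn.endswith("."):
        raise ValueError("wire-format names must be fully qualified")
    out = bytearray()
    for label in ([] if fqdn == "." else fqdn[:-1].split(".")):
        raw = label.encode("ascii")
        if not 1 <= len(raw) <= MAX_LABEL:
            raise ValueError(f"label must be 1..{MAX_LABEL} octets: {label!r}")
        out += bytes([len(raw)]) + raw
    out += b"\x00"                                   # the null label of the root
    if len(out) > MAX_NAME:
        raise ValueError(f"name exceeds {MAX_NAME} octets")
    return bytes(out)


def is_valid_name(fqdn: str) -> bool:
    try:
        encode_name(fqdn)
        return True
    except ValueError:
        return False


def decode_name(msg: bytes, offset: int):
    """Return (name, offset after the name). Follows compression pointers
    (top two bits of the length octet set) and refuses pointer loops."""
    labels, end, seen = [], None, set()
    while True:
        length = msg[offset]
        if length & 0xC0 == 0xC0:
            ptr = struct.unpack("!H", msg[offset:offset + 2])[0] & 0x3FFF
            if ptr in seen:
                raise ValueError("compression pointer loop")
            seen.add(ptr)
            end = (offset + 2) if end is None else end  # the name ends after the first pointer
            offset = ptr
            continue
        offset += 1
        if length == 0:
            break
        labels.append(msg[offset:offset + length].decode("ascii"))
        offset += length
    return ".".join(labels) + ".", (offset if end is None else end)


def build_query(ident: int, qname: str, qtype: str = "A") -> bytes:
    # ident should be unpredictable: a guessable 16-bit ID makes forged replies easy to match.
    flags = 0x0100                                   # QR=0 (query), RD=1 (recursion desired)
    header = struct.pack("!HHHHHH", ident, flags, 1, 0, 0, 0)  # ID, flags, QD, AN, NS, AR counts
    return header + encode_name(qname) + struct.pack("!HH", QTYPE[qtype], 1)  # class IN


def parse_message(msg: bytes) -> dict:
    ident, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    info = {"id": ident, "is_response": bool(flags & 0x8000), "truncated": bool(flags & 0x0200),
            "rcode": flags & 0x000F, "questions": [], "answers": []}
    off = 12
    for _ in range(qd):
        name, off = decode_name(msg, off)
        qtype, qclass = struct.unpack("!HH", msg[off:off + 4]); off += 4
        info["questions"].append((name, qtype, qclass))
    for _ in range(an):                              # the 5-tuple resource records
        name, off = decode_name(msg, off)
        rtype, rclass, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10]); off += 10
        rdata = msg[off:off + rdlen]; off += rdlen
        value = ".".join(str(b) for b in rdata) if rtype == 1 else rdata
        info["answers"].append((name, rtype, rclass, ttl, value))
    return info


def build_answer(query: bytes, ttl: int, ipv4: str, truncated: bool = False) -> bytes:
    """Response echoing the question; the answer's name is a pointer to offset 12."""
    qname = parse_message(query)["questions"][0][0]
    question_end = 12 + len(encode_name(qname)) + 4
    flags = 0x8180 | (0x0200 if truncated else 0)    # QR=1, RD=1, RA=1 (+ TC)
    header = struct.pack("!HHHHHH", struct.unpack("!H", query[:2])[0], flags, 1, 1, 0, 0)
    rr = b"\xC0\x0C" + struct.pack("!HHIH", 1, 1, ttl, 4) + bytes(int(x) for x in ipv4.split("."))
    return header + query[12:question_end] + rr


def must_retry_over_tcp(response: bytes) -> bool:
    """TC set means the server cut the reply to fit the UDP limit: repeat the
    same query over TCP port 53 instead of trusting the partial answer."""
    return parse_message(response)["truncated"]
```

A client should also check that the response ID and question match what it sent; the pointer-loop check in decode_name is the kind of bounds test a real parser needs because the message comes from an untrusted network peer.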

Registrars

Registrars add new domains to DNS. A registrar is a commercial entity
accredited by ICANN. A registrar first verifies that the requested domain name is
unique and then enters it into the DNS database.

DDNS

• In DNS, when there is a change, such as adding a new host, removing a host, or
changing an IP address, the change must be made to the DNS master file.

• These types of changes involve a lot of manual updating. The size of today's
Internet does not allow for this kind of manual operation. The DNS master file
must be updated dynamically. The Dynamic Domain Name System (DDNS) was
therefore devised to respond to this need. Because an update message can rewrite
zone data, a server should accept dynamic updates only from authenticated sources
(for example, requests signed with a shared key using TSIG).

Security of DNS

DNS can be attacked in several ways, including:

1. The attacker may read the queries and responses of a DNS server to learn the
nature or names of the sites a user mostly accesses.

2. The attacker may intercept the response of a DNS server and change it, or create
a totally new bogus response, to direct the user to the site or domain the attacker
wishes the user to access. A forged response accepted by a resolver is cached and
served to every later client (cache poisoning).

3. The attacker may flood the DNS server to overwhelm it or eventually crash it. This
type of attack can be mitigated using the usual provisions against denial-of-service
attacks.

To protect DNS against the second attack, the IETF has devised a technology named
DNS Security (DNSSEC), which provides message origin authentication and message
integrity using digital signatures over the resource records. DNSSEC does not
encrypt anything, so it does not address the first attack; that requires protecting
the channel between the client and its resolver, for example with DNS over TLS or
DNS over HTTPS.
5.6 ELECTRONIC MAIL

Electronic mail (or e-mail) allows users to exchange messages; e-mail is considered
a one-way transaction.
Architecture
▪ In the common scenario, the sender and the receiver of the e-mail, Alice and Bob
respectively, are connected via a LAN or a WAN to two mail servers.
▪ The administrator has created one mailbox for each user where the received
messages are stored.
▪ A mailbox is part of a server hard drive, a special file with permission restrictions.
Only the owner of the mailbox has access to it.
▪ The administrator has also created a queue (spool) to store messages waiting to
be sent.
▪ A simple e-mail from Alice to Bob takes nine different steps, as shown in the
figure.
▪ Alice and Bob use three different agents: a user agent (UA), a message
transfer agent (MTA), and a message access agent (MAA).
▪ When Alice needs to send a message to Bob, she runs a UA program to prepare
the message and send it to her mail server.
▪ The mail server at her site uses a queue (spool) to store messages waiting to be
sent. The message, however, needs to be sent through the Internet from Alice’s
site to Bob’s site using an MTA.

Fig 5.28 : e-Mail Common Scenario



▪ Here two message transfer agents are needed: one client and one server.
▪ Like most client-server programs on the Internet, the server needs to run all the
time because it does not know when a client will ask for a connection.
▪ The client, on the other hand, can be triggered by the system when there is a
message in the queue to be sent.
▪ The user agent at the Bob site allows Bob to read the received message. Bob
later uses an MAA client to retrieve the message from an MAA server running on
the second server.

User Agent

The first component of an electronic mail system is the user agent (UA).

▪ It provides service to the user to make the process of sending and receiving a
message easier.

▪ A user agent is a software package (program) that composes, reads, replies to,
and forwards messages. It also handles local mailboxes on the user computers.

There are two types of user agents: command-driven and GUI-based.

Command driven user agents belong to the early days of electronic mail
A command-driven user agent normally accepts a one character command from the
keyboard to perform its task.
For example, a user can type the character r, at the command prompt, to reply to the
sender of the message, or type the character R to reply to the sender and all recipients.

Modern user agents are GUI-based.


They contain graphical user interface (GUI) components that allow the user to
interact with the software by using both the keyboard and the mouse.
They have graphical components such as icons, menu bars, and windows that make
the services easy to access.
Some examples of GUI-based user agents are Eudora and Outlook.

Sending Mail
▪ To send mail, the user, through the UA, creates mail that looks very similar to postal
mail. It has an envelope and a message.
▪ The envelope usually contains the sender address, the receiver address, and other
information.
▪ The message contains the header and the body.
▪ The header of the message defines the sender, the receiver, the subject of the message,
and some other information. The body of the message contains the actual information to
be read by the recipient.
Receiving Mail
▪ The user agent is triggered by the user (or a timer). If a user has mail, the UA informs
the user with a notice.
▪ If the user is ready to read the mail, a list is displayed in which each line contains a
summary of the information about a particular message in the mail box.
▪ The summary usually includes the sender mail address, the subject, and the time the mail
was sent or received. The user can select any of the messages and display its contents
on the screen.

Fig 5.29: Format of an e-Mail



Addresses
▪ To deliver mail, a mail handling system must use an addressing system with unique
addresses.
▪ In the Internet, the address consists of two parts: a local part and a domain name,
separated by an @ sign

Fig 5.30 : E-mail address

▪ The local part defines the name of a special file, called the user mailbox, where all the
mail received for a user is stored for retrieval by the message access agent.
▪ The second part of the address is the domain name. An organization usually selects one
or more hosts to receive and send e-mail; they are sometimes called mail servers or
exchangers.
▪ The domain name assigned to each mail exchanger either comes from the DNS database
or is a logical name.
Mailing List or Group List
▪ Electronic mail allows one name, an alias, to represent several different e-mail addresses;
this is called a mailing list.
▪ Every time a message is to be sent, the system checks the recipient’s name against the
alias database; if there is a mailing list for the defined alias, separate messages, one for
each entry in the list, must be prepared and handed to the MTA.
Message Transfer Agent: SMTP
▪ An e-mail is one of those applications that needs three uses of client-server paradigms to
accomplish its task.

▪ We refer to the first and the second as Message Transfer Agents (MTAs), the third as
Message Access Agent (MAA).

▪ The formal protocol that defines the MTA client and server in the Internet is called Simple
Mail Transfer Protocol (SMTP).

▪ SMTP is used two times, between the sender and the sender’s mail server and between
the two mail servers.

▪ Another protocol is needed between the mail server and the receiver.

▪ SMTP simply defines how commands and responses must be sent back and forth.

Fig 5.31: Protocols used in electronic mail


Commands and Responses
▪ SMTP uses commands and responses to transfer messages between an MTA client
and an MTA server.
▪ The command is from an MTA client to an MTA server; the response is from an
MTA server to the MTA client.
Commands
Commands are sent from the client to the server. The format of a command is
shown below:
Keyword: argument(s)

It consists of a keyword followed by zero or more arguments.

SMTP defines 14 commands, listed in Table 5.1

Keyword     Argument(s)             Description
HELO        Sender's host name      Identifies itself
MAIL FROM   Sender of the message   Identifies the sender of the message
RCPT TO     Intended recipient      Identifies the recipient of the message
DATA        Body of the mail        Sends the actual message
QUIT                                Terminates the message
RSET                                Aborts the current mail transaction
VRFY        Name of recipient       Verifies the address of the recipient
NOOP                                Checks the status of the recipient
TURN                                Switches the sender and the recipient
EXPN        Mailing list            Asks the recipient to expand the mailing list
HELP        Command name            Asks the recipient to send information about the
                                    command sent as the argument
SEND FROM   Intended recipient      Specifies that the mail be delivered only to the
                                    terminal of the recipient, and not to the mailbox
SOML FROM   Intended recipient      Specifies that the mail be delivered to the terminal
                                    or the mailbox of the recipient
SAML FROM   Intended recipient      Specifies that the mail be delivered to the terminal
                                    and the mailbox of the recipient

Table 5.1 : SMTP Commands

Note that VRFY and EXPN let a remote party enumerate valid mailboxes and expand
lists, so production servers normally disable them (answering 252 or 502), and
TURN, SEND, SOML and SAML are obsolete in current SMTP (RFC 5321).



Responses

Responses are sent from the server to the client. A response is a three digit code
that may be followed by additional textual information. Table below shows the most
common response types. Table 5.2: Responses

Code Description

Positive Completion Reply


211 System status or help reply
214 Help message
220 Service ready
221 Service closing transmission channel
250 Request command completed
251 User not local; the message will be forwarded
Positive Intermediate Reply
354 Start mail input
Transient Negative Completion Reply
421 Service not available
450 Mailbox not available
451 Command aborted: local error
452 Command aborted; insufficient storage
Permanent Negative Completion Reply
500 Syntax error; unrecognized command
501 Syntax error in parameters or arguments
502 Command not implemented
503 Bad sequence of commands
504 Command parameter not implemented
550 Command is not executed; mailbox unavailable
551 User not local
552 Requested action aborted; exceeded storage allocation
553 Requested action not taken; mailbox name not allowed
554 Transaction failed

Mail Transfer Phases

The process of transferring a mail message occurs in three phases:
connection establishment, mail transfer, and connection termination.

Connection Establishment

After a client has made a TCP connection to the well-known port 25, the SMTP server
starts the connection phase. This phase involves the following three steps:

1. The server sends code 220 (service ready) to tell the client that it is ready to
receive mail. If the server is not ready, it sends code 421 (service not available).

2. The client sends the HELO message to identify itself, using its domain name
address. This step is necessary to inform the server of the domain name of the
client.

3. The server responds with code 250 (request command completed) or some other
code depending on the situation.
Message Transfer

After connection has been established between the SMTP client and server, a single
message between a sender and one or more recipients can be exchanged.

This phase involves eight steps. Steps 3 and 4 are repeated if there is more than
one recipient.

1. The client sends the MAIL FROM message to introduce the sender of the
message. It includes the mail address of the sender (mailbox and the domain
name). This step is needed to give the server the return mail address for returning
errors and reporting messages.

2. The server responds with code 250 or some other appropriate code.

3. The client sends the RCPT TO (recipient) message, which includes the mail
address of the recipient.

4. The server responds with code 250 or some other appropriate code.

5. The client sends the DATA message to initialize the message transfer.

6. The server responds with code 354 (start mail input) or some other appropriate message.

7. The client sends the contents of the message in consecutive lines. Each line is terminated
by a two-character end-of-line token (carriage return and line feed). The message is
terminated by a line containing just one period.

8. The server responds with code 250 (OK) or some other appropriate code.

Connection Termination

After the message is transferred successfully, the client terminates the connection. This
phase involves two steps.

1. The client sends the QUIT command.

2. The server responds with code 221 or some other appropriate code.
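The three phases above, as an added example that is not code from the notes: a minimal SMTP server state machine that enforces the command order (and refuses to relay for domains it does not host) and a client that runs connection establishment, message transfer and termination against it in memory. Host names and addresses are constructed; a real MTA does far more (EHLO extensions, STARTTLS, authentication).

```python
"""An SMTP transaction with both sides' messages: a minimal server state
machine that enforces the command order and answers with three-digit codes,
and a client that drives it through the three phases. Added example with
constructed host names and addresses; not code from the original notes."""
import re


class SmtpServer:
    def __init__(self, hostname, local_domains):
        self.hostname, self.local_domains = hostname, set(local_domains)
        self.greeted, self.in_data, self.delivered = False, False, []
        self.reset()

    def reset(self):
        self.sender, self.recipients, self.lines = None, [], []

    def greeting(self):
        return f"220 {self.hostname} Service ready"            # connection establishment

    def handle(self, line):
        """One client line in, one reply out (None while collecting the body)."""
        if self.in_data:
            if line == ".":                                    # end of message
                self.in_data = False
                self.delivered.append((self.sender, list(self.recipients), "\r\n".join(self.lines)))
                self.reset()
                return "250 OK: queued"
            self.lines.append(line[1:] if line.startswith("..") else line)  # undo dot stuffing
            return None
        verb, _, arg = line.partition(" ")
        verb = verb.upper()
        if verb in ("HELO", "EHLO"):
            self.greeted = True
            self.reset()
            return f"250 {self.hostname}"
        if not self.greeted:
            return "503 Bad sequence of commands: HELO first"
        if verb == "MAIL":
            m = re.fullmatch(r"FROM:<([^<>]*)>", arg, re.I)   # empty path allowed for bounces
            if not m:
                return "501 Syntax error in parameters or arguments"
            self.reset()
            self.sender = m.group(1)
            return "250 OK"
        if verb == "RCPT":
            if self.sender is None:
                return "503 Bad sequence of commands: MAIL first"
            m = re.fullmatch(r"TO:<([^<>@]+@([^<>@]+))>", arg, re.I)
            if not m:
                return "501 Syntax error in parameters or arguments"
            if m.group(2).lower() not in self.local_domains:
                return "550 Relaying denied"                   # an open relay would be abused for spam
            self.recipients.append(m.group(1))
            return "250 OK"
        if verb == "DATA":
            if not self.recipients:
                return "503 Bad sequence of commands: RCPT first"
            self.in_data = True
            return "354 Start mail input; end with <CRLF>.<CRLF>"
        if verb == "RSET":
            self.reset()
            return "250 OK"
        if verb == "NOOP":
            return "250 OK"
        if verb == "QUIT":
            return f"221 {self.hostname} Service closing transmission channel"
        return "500 Syntax error; unrecognized command"


def send_mail(server, client_host, sender, recipients, body_lines, transcript):
    """Client side of the three phases. Returns True if the server queued the message."""
    def exchange(command, expected):
        transcript.append("C: " + command)
        reply = server.handle(command)
        transcript.append("S: " + reply)
        return reply.startswith(expected)

    transcript.append("S: " + server.greeting())
    try:
        if not exchange(f"HELO {client_host}", "250"):
            return False
        if not exchange(f"MAIL FROM:<{sender}>", "250"):
            return False
        for rcpt in recipients:                                  # steps 3 and 4, once per recipient
            if not exchange(f"RCPT TO:<{rcpt}>", "250"):
                return False
        if not exchange("DATA", "354"):
            return False
        for line in body_lines:
            stuffed = "." + line if line.startswith(".") else line  # a lone '.' must not end the message early
            transcript.append("C: " + stuffed)
            server.handle(stuffed)
        return exchange(".", "250")
    finally:
        exchange("QUIT", "221")                                  # connection termination


# Constructed scenario: Alice at example.net sends to Bob at example.org.
if __name__ == "__main__":
    srv = SmtpServer("mail.example.org", ["example.org"])
    log = []
    ok = send_mail(srv, "host.example.net", "alice@example.net", ["bob@example.org"],
                   ["Subject: hi", "", "Hello Bob", ".hidden line"], log)
    print("\n".join(log), "\ndelivered:", ok)
```

Note what the server does not check: MAIL FROM is taken at face value, which is why sender addresses in e-mail are trivially forged and why SPF, DKIM and DMARC exist on top of SMTP.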

Message Access Agent: POP and IMAP

▪ The first and second stages of mail delivery use SMTP.

▪ However, SMTP is not involved in the third stage because SMTP is a push protocol; it
pushes the message from the client to the server.

▪ In other words, the direction of the bulk data (messages) is from the client to the server.

▪ On the other hand, the third stage needs a pull protocol; the client must pull messages
from the server. The direction of the bulk data is from the server to the client. The third
stage uses a message access agent.

Currently two message access protocols are available:

Post Office Protocol, version 3 (POP3) and

Internet Message Access Protocol, version 4 (IMAP4).



POP3
▪ Post Office Protocol, version 3 (POP3) is simple but limited in functionality. The
client POP3 software is installed on the recipient computer; the server POP3
software is installed on the mail server.

▪ Mail access starts with the client when the user needs to download its e-mail from
the mailbox on the mail server.

▪ The client opens a connection to the server on TCP port 110. It then sends its
user name and password to access the mailbox; these travel in clear text unless the
session is protected with TLS (STARTTLS on port 110, or POP3 over TLS on port 995).
The user can then list and retrieve the mail messages, one by one.

Figure below shows an example of downloading using POP3.

POP3 has two modes: the delete mode and the keep mode.

In the delete mode, the mail is deleted from the mailbox after each retrieval. In the
keep mode, the mail remains in the mailbox after retrieval. The keep mode is
normally used when the user accesses her mail away from her primary computer
(for example, from a laptop). The mail is read but kept in the system for later
retrieval and organizing.

Fig 5.32: POP3



IMAP4
Another mail access protocol is Internet Message Access Protocol, version 4 (IMAP4),
which uses TCP port 143 (993 when run over TLS). IMAP4 is similar to POP3, but it
has more features; IMAP4 is more powerful and more complex.
IMAP4 provides the following extra functions:
1. A user can check the e-mail header prior to downloading.
2. A user can search the contents of the e-mail for a specific string of characters
prior to downloading.
3. A user can partially download e-mail. This is especially useful if bandwidth is
limited and the e-mail contains multimedia with high bandwidth requirements.
4. A user can create, delete, or rename mailboxes on the mail server.
5. A user can create a hierarchy of mailboxes in a folder for e-mail storage.

MIME

Electronic mail has a simple structure. Its simplicity, however, comes with a price. It
can send messages only in NVT 7-bit ASCII format.

In other words, it has some limitations. It cannot be used for languages other than
English (such as French, German, Hebrew, Russian, Chinese, and Japanese). Also, it
cannot be used to send binary files or video or audio data.

Multipurpose Internet Mail Extensions (MIME) is a supplementary protocol
that allows non-ASCII data to be sent through e-mail.

▪ MIME transforms non-ASCII data at the sender site to NVT ASCII data and
delivers it to the client MTA to be sent through the Internet.

▪ The message at the receiving site is transformed back to the original data.

▪ We can think of MIME as a set of software functions that transforms non-ASCII
data to ASCII data and vice versa, as shown in Figure 5.33.

Fig 5.33 : MIME


MIME Headers

MIME defines five headers, as shown in Figure below which can be added to the
original e-mail header section to define the transformation parameters:

Fig 5.34: MIME header

MIME-Version
This header defines the version of MIME used. The current version is 1.0.

Content-Type

This header defines the type of data used in the body of the message. The content
type and the content subtype are separated by a slash. Depending on the subtype,
the header may contain other parameters.

MIME allows seven different types of data, listed in Table in next page:

Table 5.3: Data types and subtypes in MIME

Type         Subtype        Description
Text         Plain          Unformatted
             HTML           HTML format
Multipart    Mixed          Body contains ordered parts of different data types
             Parallel       Same as above, but no order
             Digest         Similar to Mixed, but the default is message/RFC822
             Alternative    Parts are different versions of the same message
Message      RFC822         Body is an encapsulated message
             Partial        Body is a fragment of a bigger message
             External-Body  Body is a reference to another message
Image        JPEG           Image is in JPEG format
             GIF            Image is in GIF format
Video        MPEG           Video is in MPEG format
Audio        Basic          Single-channel encoding of voice at 8 kHz
Application  PostScript     Adobe PostScript
             Octet-stream   General binary data (eight-bit bytes)

Note that the declared type is whatever the sender chose to write; a mail gateway
or client must not rely on it alone to decide whether an attachment is safe to open.

Content-Transfer-Encoding

This header defines the method used to encode the messages into 0s and 1s for
transport. The five types of encoding methods are listed in Table

Table 5.4: Methods for Content-Transfer-Encoding


Type Description
7-bit NVT ASCII characters with each line less than 1000 characters
8-bit Non-ASCII characters with each line less than 1000 characters
Binary Non-ASCII characters with unlimited-length lines
Base64 6-bit blocks of data encoded into 8-bit ASCII characters
Quoted-printable Non-ASCII characters encoded as an equal sign plus an ASCII code

The last two encoding methods are interesting. In the Base64 encoding, data, as a
string of bits, is first divided into 6-bit chunks as shown in Figure

Fig 5.35: Base64 conversion

Each 6-bit section is then converted into an ASCII character.

▪ Base64 is a redundant encoding scheme; every six bits become one ASCII character
that is sent as eight bits, so the encoded message is one third larger than the data
(4 output characters for every 3 input bytes) and one quarter of the transmitted bits
carry no payload.

▪ If the data consist mostly of ASCII characters with a small non-ASCII portion, we
can use quoted-printable encoding, which leaves the ASCII characters as they are
and encodes only the others.

Table 5.5: Base64 converting table
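Base64 and quoted-printable from Table 5.4, written out as an added example (not code from the notes) so the 6-bit chunking, the padding and the size overhead are visible rather than hidden inside a library call. The sample text and bytes are constructed; the results are checked against Python's own base64 and quopri modules.

```python
"""Base64 and quoted-printable written out so the 6-bit chunking and the
overhead are visible, checked against Python's own codecs. Added example with
constructed input; not code from the original notes."""
import base64
import quopri

B64 = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"


def base64_encode(data: bytes) -> str:
    out = []
    for i in range(0, len(data), 3):
        chunk = data[i:i + 3]
        bits = int.from_bytes(chunk, "big") << (8 * (3 - len(chunk)))   # zero-pad to 24 bits
        chars = [B64[(bits >> shift) & 0x3F] for shift in (18, 12, 6, 0)]  # four 6-bit groups
        pad = 3 - len(chunk)                         # '=' marks groups made only of padding
        out.extend(chars[:4 - pad] + ["="] * pad)
    return "".join(out)


def base64_decode(text: str) -> bytes:
    bits = nbits = 0
    out = bytearray()
    for ch in text.rstrip("="):
        bits, nbits = (bits << 6) | B64.index(ch), nbits + 6
        if nbits >= 8:
            nbits -= 8
            out.append((bits >> nbits) & 0xFF)
            bits &= (1 << nbits) - 1                 # keep only the not-yet-consumed bits
    return bytes(out)                                # leftover < 8 bits were padding


def base64_expansion(n: int) -> float:
    """Encoded length over raw length: 4 characters per 3 bytes, i.e. the
    message grows by a third; one quarter of the transmitted bits carry no data."""
    return len(base64_encode(bytes(n))) / n


def qp_encode(text: str, line_max: int = 76) -> str:
    """Printable ASCII passes through unchanged; every other octet (and '=')
    becomes '=' plus two hex digits. Long output is split with soft breaks
    ('=' at end of line). Single logical line: CR/LF in the input get encoded."""
    out, col = [], 0
    for b in text.encode("utf-8"):
        literal = (33 <= b <= 126 and b != 0x3D) or b == 0x20
        token = chr(b) if literal else "=%02X" % b
        if col + len(token) > line_max - 1:          # leave room for the trailing '='
            out.append("=\r\n")
            col = 0
        out.append(token)
        col += len(token)
    return "".join(out)


def matches_stdlib(data: bytes) -> bool:
    encoded = base64_encode(data)
    return encoded == base64.b64encode(data).decode("ascii") and base64_decode(encoded) == data


def qp_roundtrips(text: str) -> bool:
    return quopri.decodestring(qp_encode(text).encode("ascii")) == text.encode("utf-8")


# Constructed inputs: a mostly-ASCII sentence with a few accented letters, raw bytes, a long line.
SAMPLE_TEXT = "Caf\u00e9 cr\u00e8me costs 3 \u20ac = cheap"
SAMPLE_BYTES = bytes(range(0, 256, 7))
LONG_TEXT = "word " * 40 + "end"

if __name__ == "__main__":
    print(base64_encode(b"Man"), base64_encode(b"Ma"), base64_encode(b"M"))
    print(qp_encode(SAMPLE_TEXT))
    print("base64 expansion:", base64_expansion(300))
```

Base64 is an encoding, not encryption: anything a mail filter or log reader sees as an opaque blob is one table lookup away from plaintext, which is exactly why attachments and embedded scripts are routinely decoded before being scanned.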



Content-ID
This header gives a body part a unique identifier, so that other parts of a
multipart message can refer to it (for example, an HTML part that displays an
inline image through a cid: reference).

Content-Description
This header is a free-text description of the body part for a human reader; it does
not replace Content-Type, which is what defines whether the body is text, image,
audio, or video.

********************************************************************
5.7 INTRODUCTION TO PEER TO PEER (P2P) NETWORKS

• Internet users that are ready to share their resources become peers and form a
network.

• When a peer in the network has a file (for example, an audio or video file) to
share, it makes it available to the rest of the peers.

• An interested peer can connect itself to the computer where the file is stored and
download it.

• After a peer downloads a file, it can make it available for other peers to download.

• As more peers join and download that file, more copies of the file become
available to the group.

• Since the list of peers may grow and shrink, the question is how the paradigm
keeps track of the peers that are currently online and of the location of the files.
To answer this question, we first divide P2P networks into two categories:
centralized and decentralized.

Centralized Networks

• In a centralized P2P network, the directory system (the listing of the peers and
what they offer) uses the client-server paradigm, but the storing and downloading
of the files are done using the peer-to-peer paradigm. For this reason, a
centralized P2P network is sometimes referred to as a hybrid P2P network.

• Napster is an example of a centralized P2P network. In this type of network, a
peer first registers itself with a central server. The peer then provides its IP
address and a list of the files it has to share.

• A peer looking for a particular file sends a query to the central server. The server
searches its directory and responds with the IP addresses of the nodes that have a
copy of the file.

• The peer contacts one of those nodes and downloads the file. The directory is
constantly updated as nodes join or leave the network.

• Centralized networks make the maintenance of the directory simple but have
several drawbacks.

• Accessing the directory can generate huge traffic and slow down the system. The
central servers are also a single point of failure and an obvious target for attack:
if all of them fail or are taken down, the whole system goes down, even though
the files themselves are still held by the peers.

Fig 5.36 Centralized Network

Decentralized Networks

A decentralized P2P network does not depend on a centralized directory system.
In this model, peers arrange themselves into an overlay network. Depending on
how the nodes in the overlay network are linked, a decentralized P2P network is
classified as either unstructured or structured.

Unstructured Networks

In an unstructured P2P network, the nodes are linked randomly. A search in an
unstructured P2P network is not very efficient because a query to find a file must
be flooded through the network, which produces significant traffic, and the query
may still not be resolved. Two examples of this type of network are Gnutella and
Freenet.

Gnutella

• The Gnutella network is an example of a peer-to-peer network that is
decentralized but unstructured, i.e., the directory is randomly distributed
between nodes.

• When node A wants to access an object (such as a file), it contacts one of its
neighbors. A neighbor, in this case, is any node whose address is known to node
A.

• Node A sends a query message to the neighbor, node W. The query includes the
identity of the object (for example, the file name).

• If node W knows the address of node X, which has the object, it sends a response
message that includes the address of node X.

• Node A can now use the commands defined in a transfer protocol such as HTTP
to get a copy of the object from node X.

• If node W does not know the address of node X, it floods the request from A to
all its neighbors.

• Eventually one of the nodes in the network responds to the query message, and
node A can get access to node X.

• One of the problems with the Gnutella network is the lack of scalability because of
flooding. To make the query more efficient, the newer version of Gnutella
implemented a tiered system of ultra nodes and leaves.

• A node entering the network is a leaf, not responsible for routing; nodes that are
capable of routing are promoted to ultra nodes.

• Gnutella adopted a number of other techniques, such as the Query Routing
Protocol (QRP) and Dynamic Querying (DQ), to reduce traffic overhead and make
searches more efficient.

Structured Networks

A structured network uses a predefined set of rules to link nodes so that a query
can be resolved effectively and efficiently. The most common technique used for
this purpose is the Distributed Hash Table (DHT).

Distributed Hash Table (DHT)

A Distributed Hash Table (DHT) distributes data among a set of nodes according
to some predefined rules. Each peer in a DHT-based network becomes
responsible for a range of data items.

DHT-based networks allow each peer to have only partial knowledge of the whole
network, which avoids the flooding overhead.

Address Space

In a DHT-based network, each data item and each responsible peer is mapped to a
point in a large address space of size 2^m. The address space is laid out on a
circle with 2^m points (0 to 2^m − 1), numbered in the clockwise direction as
shown in Figure 5.37. Most DHT implementations use m = 160, the output size of
the SHA-1 hash function.

Fig 5.37 Address Space

Hashing Peer Identifier

The first step in creating the DHT system is to place all peers on the address space
ring. This is normally done by using a hash function that hashes the peer identifier,
normally its IP address, to an m-bit integer called a node ID.

node ID = hash (Peer IP address)

Hashing Object Identifier

The name of the object (a file) to be shared is also hashed to an m-bit integer in the
same address space. The result in DHT parlance is called a key.

key = hash (Object name)

Storing the Object

There are two strategies for storing the object: the direct method and the
indirect method.

In the direct strategy, the object itself is stored on the node whose ID is
responsible for the object's key; in the indirect strategy, the object stays with the
peer that owns it and only a reference (pointer) to it is stored on the node
responsible for the key. The indirect method is the usual choice, because it avoids
moving large files around as nodes join and leave.

Routing

The DHT's main function is to route a query to the node responsible for storing the
reference to an object, without any node having to know every other node.

Arrival and Departure of Nodes

A DHT implementation needs to have a clear and efficient strategy to handle the
arrival or departure of nodes and the effect this has on the rest of the peers. Most
DHT implementations treat the failure of a node as a departure.
5.8 Simple Network Management Protocol (SNMP)
Simple Network Management Protocol (SNMP)

INTRODUCTION
If an organization has 1000 devices, checking every day, one by one, whether each
device is working properly is a hectic task. The Simple Network Management
Protocol (SNMP) is used to ease this.
SNMP is an application layer protocol that uses UDP: agents listen on port 161 and
managers receive traps on port 162. SNMP is used to monitor the network, detect
network faults, and sometimes even to configure remote devices.
Components of SNMP
There are mainly three components of SNMP:
1. SNMP Manager –
It is a centralized system used to monitor the network. It is also known as a Network
Management Station (NMS). A host that runs the SNMP client program is called a
manager, while a managed device such as a router that runs the SNMP server
program is called an agent.

2. SNMP agent –
It is a software module installed on a managed device. The agent maintains the
information in the managed device's database, and the manager accesses the values
stored in that database. To ascertain whether a router is congested, for instance, a
manager can examine the relevant variables that the router stores, such as the
number of packets received and transmitted.

3. Management Information Base –
The MIB consists of information on the resources that are to be managed. This
information is organized hierarchically. It consists of object instances, which are
essentially variables. Each agent has its own MIB, the collection of all the objects
that the manager can manage on that device. The original MIB (MIB-I, RFC 1156)
has eight groups: system, interfaces, address translation, ip, icmp, tcp, udp, and
egp; MIB-II later added the transmission and snmp groups. These groups live under
the mib object in the object identifier tree.

SNMP messages

• GetRequest : It is used by the manager to retrieve the value of one or more
variables from an SNMP agent. The agent returns the requested values in a
Response message.

• GetNextRequest : It asks the agent for the value of the variable that follows the
named one in the MIB's lexicographic order. The manager uses it to walk a table
whose entries' indices it does not know in advance: each reply names the next
object, so repeated GetNextRequests retrieve the whole table.

• SetRequest : It is used by the SNMP manager to set the value of an object
instance on the SNMP agent.

• Response : It is sent by the agent in reply to Get, GetNext and Set requests.
When sent in response to a Set message, it contains the newly set value as
confirmation that the value has been set.

• Trap : These are messages sent by the agent without being requested by the
manager, for example when a fault has occurred. A trap is not acknowledged.

• InformRequest : It was added in SNMPv2 and carries a notification that the
receiver must acknowledge with a Response. It is the same as a trap but adds the
acknowledgement that a trap does not provide, so the sender can tell whether the
notification was received.
SNMP security levels

The security level defines what protection is applied to each SNMP packet. Security
levels exist only in SNMPv3 (the User-based Security Model); SNMPv1 and SNMPv2c
have only the community string, which travels in clear text. The three security
levels are:
1. noAuthNoPriv –
This level (no authentication, no privacy) identifies the sender by a user name only;
no message authentication and no encryption are applied. It is no stronger than the
community strings of the earlier versions.

2. authNoPriv – This level (authentication, no privacy) authenticates each message
with an HMAC (originally HMAC-MD5-96 or HMAC-SHA-96; the SHA-2 family was
added later) but does not encrypt it, so the contents can be read but not forged.

3. authPriv – This level (authentication, privacy) uses the same HMAC authentication
and additionally encrypts the PDU. The original privacy algorithm was CBC-DES
with a 56-bit key; AES-128 was added later and should be preferred, since DES is
no longer considered secure.

Versions of SNMP
There are three versions of SNMP:
1. SNMPv1 –
It uses community strings for authentication and uses UDP only. SNMPv1 is the
first version of the protocol. It is described in RFCs 1155 and 1157 and is simple
to set up. The community string is sent in clear text in every message, so anyone
who can capture the traffic learns it.

2. SNMPv2c –
It also uses community strings for authentication. It uses UDP but can be
configured to use TCP. Improved MIB structure elements, transport mappings,
and protocol packet types (GetBulkRequest and InformRequest) are all included in
this updated version. However, it keeps the "community-based" SNMPv1
administrative structure, which is why the version is called SNMPv2c. It is described
in RFC 1901, RFC 1905 and RFC 1906.

3. SNMPv3 –
It uses a hash-based MAC (HMAC) with MD5 or SHA for authentication and DES
(later AES) for privacy. Like the earlier versions it normally runs over UDP; a TCP
mapping is optional. SNMPv3 also provides remote configuration of SNMP entities.
It is the most secure version to date because it adds authentication and encryption,
which may be used alone or in combination; so the higher the version of SNMP, the
more secure it can be configured to be. SNMPv3 was first specified in RFCs 2571 to
2575, since replaced by RFCs 3411 to 3415; the SNMPv2 protocol operations and
transport mappings (RFC 1905 and 1906, now RFC 3416 and 3417) are reused.
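Worked example (added here; it is not part of the lecture notes): the Python below builds an SNMPv1 GetRequest for sysDescr.0 (OID 1.3.6.1.2.1.1.1.0) with the community string "public" in BER encoding, exactly as it would go into a UDP datagram to port 161, and then parses the datagram the way a passive observer on the path would. It shows why v1 and v2c are unsafe on untrusted networks: the community string, the only credential, is readable in clear text before the PDU even starts. The OID, community string and request-id are constructed for the demonstration; nothing is sent on the network.

```python
def ber_length(n: int) -> bytes:
    """BER length: one byte if < 128, otherwise 0x80|count followed by count bytes."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def tlv(tag: int, body: bytes) -> bytes:
    """Tag-Length-Value, the building block of every SNMP message."""
    return bytes([tag]) + ber_length(len(body)) + body


def ber_integer(value: int) -> bytes:
    """INTEGER (tag 0x02) in minimal two's-complement form."""
    n = max(1, (value.bit_length() + 8) // 8)
    return tlv(0x02, value.to_bytes(n, "big", signed=True))


def ber_oid(dotted: str) -> bytes:
    """OBJECT IDENTIFIER (tag 0x06): first two arcs packed as 40*a+b, the rest in
    base-128 with the high bit set on all but the last byte of each arc."""
    arcs = [int(a) for a in dotted.split(".")]
    out = bytearray([40 * arcs[0] + arcs[1]])
    for arc in arcs[2:]:
        chunk = bytearray([arc & 0x7F])
        arc >>= 7
        while arc:
            chunk.insert(0, 0x80 | (arc & 0x7F))
            arc >>= 7
        out += chunk
    return tlv(0x06, bytes(out))


def snmpv1_get_request(community: str, oid: str, request_id: int = 1) -> bytes:
    """SNMPv1 GetRequest (RFC 1157): Message ::= SEQUENCE { version INTEGER(0),
    community OCTET STRING, GetRequest-PDU [0] { request-id, error-status,
    error-index, SEQUENCE OF VarBind { name OID, value NULL } } }."""
    varbind = tlv(0x30, ber_oid(oid) + b"\x05\x00")              # value is NULL in a request
    pdu = tlv(0xA0, ber_integer(request_id) + ber_integer(0) +
              ber_integer(0) + tlv(0x30, varbind))
    return tlv(0x30, ber_integer(0) + tlv(0x04, community.encode("ascii")) + pdu)


def read_tlv(buf: bytes, pos: int = 0):
    """Decode one TLV at pos; returns (tag, value bytes, position after it)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:
        count = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + count], "big"), pos + count
    return tag, buf[pos:pos + length], pos + length


def sniff_community(datagram: bytes):
    """What anyone on the path sees in an SNMPv1/v2c packet: the version and the
    community string, in clear text, ahead of the PDU."""
    tag, message, _ = read_tlv(datagram)
    if tag != 0x30:
        raise ValueError("not an SNMP message")
    _, version, pos = read_tlv(message)
    _, community, _ = read_tlv(message, pos)
    return int.from_bytes(version, "big", signed=True), community.decode("ascii")


if __name__ == "__main__":
    pkt = snmpv1_get_request("public", "1.3.6.1.2.1.1.1.0")   # sysDescr.0
    print(pkt.hex())
    print(sniff_community(pkt))
    # To query a real agent: socket.socket(AF_INET, SOCK_DGRAM).sendto(pkt, (agent_ip, 161))
```

The 40-byte datagram starts 30 26 02 01 00 04 06 70 75 62 6c 69 63 ("public" in ASCII), which is all a packet capture needs to reveal the credential; SNMPv3 at authNoPriv or authPriv replaces this field with a user name plus HMAC and, optionally, an encrypted PDU.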

Advantages of SNMP
1. It is simple to implement.
2. Agents are widely implemented.
3. Agent-level overhead is minimal.
4. It is robust and extensible.
5. The polling approach is good for LAN-based managed objects.
6. It offers the best direct manager-agent interface.
7. SNMP meets a critical need.
Limitations of SNMP
1. It is too simple and does not scale well.
2. There is no object-oriented data view.
3. It has no standard control definition.
4. It has many implementation-specific (private MIB) extensions.
5. It has high communication overhead due to polling.
6. Versions 1 and 2c have no real security: anyone who learns a read-write
community string can reconfigure the device.
File Transfer Protocol (FTP)

• FTP is a standard Internet protocol of the TCP/IP suite used for transmitting
files from one host to another.
• It is commonly used for transferring web page files from their creator to the
computer that acts as a server for other computers on the Internet.
• It is also used for downloading files to a computer from other servers.
Objectives of FTP
• It provides the sharing of files.
• It encourages the use of remote computers.
• It transfers data reliably and efficiently.
Why FTP?
Although transferring files from one system to another seems simple and
straightforward, it can cause problems. For example, two systems may have
different file conventions. Two systems may have different ways to represent text
and data. Two systems may have different directory structures. FTP overcomes
these problems by establishing two connections between the hosts. One connection
is used for data transfer, and the other is the control connection.
Mechanism of FTP

The FTP model has a client with three components: the user interface, the
client control process, and the client data transfer process. The server has two
components: the server control process and the server data transfer process.

There are two types of connections in FTP:

• Control Connection: The control connection uses very simple rules for
communication. Through the control connection we transfer one line of
command or one line of response at a time. The control connection is made
between the control processes (the server listens on well-known port 21) and
remains open during the entire interactive FTP session. User names and
passwords also travel over this connection in clear text; FTP has no encryption
of its own, which is why FTPS (FTP over TLS) or SFTP (a different protocol that
runs over SSH) is used instead when the credentials or the data must be
protected.
• Data Connection: The data connection uses more complex rules, as data
types may vary. The data connection is made between the data transfer
processes. It is opened when a command for transferring a file arrives and
closed when the file has been transferred; a new data connection is used for
each file.
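Worked example (added here; it is not from the lecture notes): the Python below plays out the control connection described above, one command line in and one reply line out, between a client control process and a toy server control process written for this example. The server reply codes (331, 230, 530, 227, 150/226, 221, 502) and the 227 "Entering Passive Mode (h1,h2,h3,h4,p1,p2)" format are FTP's own; the server, its single account and the data endpoint it advertises are constructed, and no real sockets are opened. The point to notice in the transcript is that the password crosses the control connection in clear text.

```python
import re

_PASV = re.compile(r"\((\d+),(\d+),(\d+),(\d+),(\d+),(\d+)\)")


def parse_pasv(reply: str):
    """A 227 reply names the server's data-connection endpoint as six decimal
    numbers h1,h2,h3,h4,p1,p2: the client connects to h1.h2.h3.h4 on p1*256+p2."""
    m = _PASV.search(reply)
    if not reply.startswith("227") or m is None:
        raise ValueError("not a PASV reply: " + reply)
    h1, h2, h3, h4, p1, p2 = (int(g) for g in m.groups())
    return f"{h1}.{h2}.{h3}.{h4}", p1 * 256 + p2


class ToyFtpControlServer:
    """Server control process as a state machine: one command line in, one reply
    line out. Constructed for this example; it does not open real sockets."""

    def __init__(self, users, data_host="192.0.2.10", data_port=5001):
        self.users = users                 # {user: password}, assumed account table
        self.user, self.logged_in = None, False
        self.data_host, self.data_port = data_host, data_port
        self.transfers = []                # files handed to the data transfer process

    def handle(self, line: str) -> str:
        verb, _, arg = line.partition(" ")
        if verb == "USER":
            self.user = arg
            return "331 User name okay, need password"
        if verb == "PASS":
            # The password arrives in clear text on the control connection.
            self.logged_in = self.users.get(self.user) == arg
            return "230 User logged in" if self.logged_in else "530 Login incorrect"
        if verb == "QUIT":
            return "221 Goodbye"
        if not self.logged_in:
            return "530 Please login with USER and PASS"
        if verb == "PASV":
            p1, p2 = divmod(self.data_port, 256)
            host = self.data_host.replace(".", ",")
            return f"227 Entering Passive Mode ({host},{p1},{p2})"
        if verb == "RETR":
            self.transfers.append(arg)     # data process sends the file, then closes
            return "150 Opening data connection\r\n226 Transfer complete"
        return "502 Command not implemented"


def ftp_download(server, user, password, filename):
    """Client control process: drive the session and report the data endpoint it
    would connect to. Returns (transcript, (host, port) or None)."""
    transcript = []

    def send(cmd):
        reply = server.handle(cmd)
        transcript.append("C: " + cmd)
        transcript.append("S: " + reply)
        return reply

    send(f"USER {user}")
    if not send(f"PASS {password}").startswith("230"):
        send("QUIT")
        return transcript, None
    endpoint = parse_pasv(send("PASV"))   # the separate data connection goes here
    send(f"RETR {filename}")
    send("QUIT")
    return transcript, endpoint


if __name__ == "__main__":
    srv = ToyFtpControlServer({"alice": "s3cret"})   # constructed account
    for line in ftp_download(srv, "alice", "s3cret", "report.pdf")[0]:
        print(line)
```

For the advertised endpoint 192,0,2,10,19,137 the client computes port 19*256+137 = 5001 and opens the data connection there; the control connection stays open across the whole session while the data connection exists only for the RETR.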
5.9 FIREWALLS
FIREWALLS

• A firewall is a device (usually a router or a computer) installed between the
internal network of an organization and the rest of the Internet.

• It is designed to forward some packets and filter others. Figure 5.39 shows a
firewall.

• For example, a firewall may filter all incoming packets destined for a specific host
or for a specific service such as HTTP.

• A firewall can be used to deny access to a specific host or a specific service in the
organization.

• A firewall is usually classified as a packet-filter firewall or a proxy-based
firewall.

Fig 5.39 Firewall

Packet-Filter Firewall

A firewall can be used as a packet filter. It can forward or block packets based on
the information in the network-layer and transport-layer headers: source and
destination IP addresses, source and destination port numbers, and the type of
protocol (TCP or UDP).

A packet-filter firewall is a router that uses a filtering table to decide which
packets must be discarded (not forwarded). Figure 5.40 shows an example of a
filtering table for this kind of firewall; the rows it contains are:

Fig 5.40 Packet Filter Firewall

Direction  Source IP    Source port  Destination IP  Destination port
Incoming   131.34.0.0   *            *               *
Incoming   *            *            *               23
Incoming   *            *            194.78.20.8     *
Outgoing   *            *            *               80

Note that the * (asterisk) means "any." According to the table, the following
packets are filtered:

1. Incoming packets from network 131.34.0.0 are blocked (security precaution).

2. Incoming packets destined for any internal TELNET server (port 23) are blocked.

3. Incoming packets destined for internal host 194.78.20.8 are blocked. The
organization wants this host for internal use only.

4. Outgoing packets destined for an HTTP server (port 80) are blocked. The
organization does not want employees to browse the Internet.

Packets matching none of the rows are forwarded, so this table is a default-allow
policy; a production firewall is normally written the other way round, with a final
deny-everything rule and explicit permits above it.

A packet-filter firewall filters at the network or transport layer.

Proxy Firewall

• The packet-filter firewall is based on the information available in the network-layer
and transport-layer headers (IP and TCP/UDP). However, sometimes we need to
filter a message based on the information available in the message itself (at the
application layer).

• One solution is to install a proxy firewall (a computer, sometimes called an
application gateway), which stands between the customer's computer and the
corporation's computer.

• When the user's client process sends a message, the application gateway runs a
server process to receive the request.

• The server opens the packet at the application level and finds out whether the
request is legitimate. If it is, the server acts as a client process and sends the
message to the real server in the corporation.

• If it is not, the message is dropped and an error message is sent to the external
user. In this way, the requests of external users are filtered based on the
contents at the application layer. Figure 5.41 shows an application gateway
implementation for HTTP.

Fig 5.41 Proxy Firewall

A proxy firewall filters at the application layer. Because it terminates the client's
connection and opens its own to the internal server, the internal server never
receives raw packets from outside, and the gateway must understand the
application protocol it relays (one gateway per protocol).
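Worked example (added here; it is not from the lecture notes) covering both firewall types above: the Python below encodes the four rows of the Figure 5.40 filtering table as a first-match packet filter over the network- and transport-layer fields, and alongside it a minimal HTTP application gateway that parses the request line before deciding whether to relay it. The /16 mask on 131.34.0.0 is an assumption (the figure names the network without a mask), the Packet fields are an assumed layout, and the gateway's allowed-method policy is an assumed example policy; the test packets and requests are constructed.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    """The header fields a packet filter looks at (assumed layout for the example)."""
    direction: str      # "in" (from the Internet) or "out" (to the Internet)
    src: str
    sport: int
    dst: str
    dport: int
    proto: str          # "TCP" or "UDP"


# Filtering table of Figure 5.40 as rules (direction, src net, src port, dst net,
# dst port, protocol, action); '*' means any. The /16 on 131.34.0.0 is an
# assumption: the figure names the network without a mask.
RULES = [
    ("in",  "131.34.0.0/16", "*", "*",              "*", "*", "deny"),
    ("in",  "*",             "*", "*",              23,  "*", "deny"),
    ("in",  "*",             "*", "194.78.20.8/32", "*", "*", "deny"),
    ("out", "*",             "*", "*",              80,  "*", "deny"),
]


def _addr_match(rule_net, addr: str) -> bool:
    return rule_net == "*" or ipaddress.ip_address(addr) in ipaddress.ip_network(rule_net)


def _field_match(rule_value, value) -> bool:
    return rule_value == "*" or rule_value == value


def filter_packet(pkt: Packet, rules=RULES, default: str = "allow") -> str:
    """First matching row decides. The table in the notes has no final row, so it
    is a default-allow policy; pass default="deny" for the hardened form."""
    for direction, snet, sport, dnet, dport, proto, action in rules:
        if (direction == pkt.direction and _addr_match(snet, pkt.src)
                and _field_match(sport, pkt.sport) and _addr_match(dnet, pkt.dst)
                and _field_match(dport, pkt.dport) and _field_match(proto, pkt.proto)):
            return action
    return default


# Application gateway for HTTP: the proxy terminates the client connection, parses
# the request, and only relays what passes inspection (policy assumed for the example).
ALLOWED_METHODS = {"GET", "HEAD"}


def http_gateway(raw_request: bytes):
    """Returns ("forward", request line) or ("drop", reason)."""
    try:
        request_line = raw_request.split(b"\r\n", 1)[0].decode("ascii")
        method, target, version = request_line.split(" ")
    except (UnicodeDecodeError, ValueError):
        return "drop", "malformed request line"
    if not version.startswith("HTTP/1."):
        return "drop", "unsupported protocol version"
    if method not in ALLOWED_METHODS:
        return "drop", f"method {method} not permitted"
    if not target.startswith("/") or ".." in target.split("/"):
        return "drop", "path traversal attempt"
    return "forward", f"{method} {target} {version}"


if __name__ == "__main__":
    # Constructed packets and requests for the demonstration.
    print(filter_packet(Packet("in", "131.34.5.6", 40000, "194.78.20.1", 443, "TCP")))
    print(filter_packet(Packet("out", "194.78.20.9", 40000, "93.184.216.34", 80, "TCP")))
    print(http_gateway(b"GET /index.html HTTP/1.1\r\nHost: example\r\n\r\n"))
    print(http_gateway(b"GET /docs/../../etc/passwd HTTP/1.1\r\n\r\n"))
```

The packet filter never looks past the port numbers, so it cannot tell a legitimate GET from the traversal request; the gateway can, because it reads the request line. Conversely the gateway only protects the one protocol it understands, which is why the two are normally combined.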


Links for Online Lecture Videos and Lecture PPTs
LINKS FOR ONLINE LECTURE VIDEOS AND LECTURE SLIDES

S.NO  Topic              Link for Lecture Slides and Video Lectures (all topics of Unit V)
1     Application Layer  https://drive.google.com/drive/folders/1ttw7WDL8sTQYgSMyB8zWYK0oOFYxZZ2G?usp=sharing
Assignments
Assignments

No.  Assignment (Course Outcome, K-Level)

1. Assume there is a server with the domain name www.common.com. (CO5, K4)
   a. Show an HTTP request that needs to retrieve the document /usr/users/doc.
      The client accepts MIME version 1, GIF or JPEG images, but the document
      should not be more than 4 days old.
   b. Show the HTTP response to part a for a successful request.

2. In HTTP, draw a figure to show the application of cookies in a scenario in which
   the server allows only registered customers to access the server. (CO5, K3)

3. Using RFC 1939, assume a POP3 client is in the download-and-delete mode. Show
   the transaction between the client and the server if the client has only two
   messages of 230 and 400 bytes to download from the server. (CO5, K4)

4. Write a general program to implement a substitution (additive) cipher
   (encryption and decryption). The input to the program is a flag that demands
   encryption or decryption, the symmetric key, and the plaintext or ciphertext. The
   output is the ciphertext or the plaintext, depending on the flag. (CO5, K4)

5. Use the additive cipher with k = 10 to encrypt the plaintext "book". Then decrypt
   the message to get the original plaintext. (CO5, K3)

6. Assume Alice needs to send an e-mail to Bob. Explain how the confidentiality of
   the e-mail is achieved using S/MIME. (CO5, K3)

7. When we talk about authentication in SSL, do we mean message authentication
   or entity authentication? Explain. (CO5, K2)

8. We defined two security services for e-mail (PGP and S/MIME). Explain why
   e-mail applications cannot use the services of SSL/TLS and need to use either
   PGP or S/MIME. (CO5, K3)

9. Write a method in Java to accept a string representing an IP address in the form
   "x.y.z.t" and change it to an unsigned integer. (CO5, K4)

10. Write a method in Java to extract the prefix of an address (as an integer) given a
    string representing a CIDR notation in the form "x.y.z.t/n". (CO5, K4)
Part A Q & A (With K - Level and CO)
Part-A Q & Ans

Q.No  Question (Course Outcome, K-Level) and Answer

1. What is the mail transfer protocol used in the Internet? (CO5, K2)
   Simple Mail Transfer Protocol (SMTP) is the mail transfer protocol used in the
   Internet. It is part of the Application Layer of the TCP/IP protocol suite.

2. State the operation of the Packet-Filter Firewall. (CO5, K2)
   A packet-filter firewall is a router that uses a filtering table to decide which
   packets must be discarded (not forwarded). It can forward or block packets based
   on the information in the network-layer and transport-layer headers: source and
   destination IP addresses, source and destination port numbers, and type of
   protocol (TCP or UDP).

3. Consider an HTTP client that wants to retrieve a web document at a given URL.
   The IP address of the HTTP server is initially unknown. What transport and
   application layer protocols are needed in this scenario? (CO5, K3)
   Transport layer protocols: UDP for DNS; TCP for HTTP.
   Application layer protocols: DNS and HTTP.

4. What is the use of the SNMP protocol in a network? (CO5, K2)
   Simple Network Management Protocol (SNMP) is a framework for managing
   devices in an internet using the TCP/IP protocol suite. It provides a set of
   fundamental operations for monitoring and maintaining an internet.

5. Write the uses of HTTP. (CO5, K2)
   The HyperText Transfer Protocol (HTTP) defines how client-server programs can
   be written to retrieve web pages from the Web: accessing web pages and
   retrieving information from web servers.
6. What is DNS? (CO5, K2)
   The Domain Name System (DNS) is a client-server application that identifies each
   host on the Internet with a unique name. DNS organizes the name space in a
   hierarchical structure to decentralize the responsibilities involved in naming.

7. State the usage of conditional GET in HTTP. (CO5, K2)
   HyperText Transfer Protocol (HTTP) is the main protocol used to access data on
   the Web. The conditional GET method is intended to reduce unnecessary network
   usage by allowing cached entities to be refreshed without requiring multiple
   requests or transferring data already held by the client.

8. Present the information contained in a DNS resource record. (CO5, K2)
   The zone information associated with a server is implemented as a set of
   resource records. In other words, a name server stores a database of resource
   records. A resource record is a 5-tuple structure, as shown below:
   (Domain Name, Type, Class, TTL, Value)

9. Draw the scenario of Electronic Mail. (CO5, K3)

10. Draw a diagram that illustrates the tunneling strategy. (CO5, K3)
11. Explain which entity provides service and which one receives service in the
    client-server paradigm. (CO5, K2)
    In the client-server paradigm, a server provides service and a client receives
    service.

12. In the client-server paradigm, explain why a server should be run all the time,
    but a client can be run when it is needed. (CO5, K3)
    A server should always be on because a client may need to access it at any time.
    A client is normally the initiator of the connection; it can be run when it is needed.

13. During the weekend, Alice often needs to access files stored on her office desktop
    from her home laptop. Last week, she installed a copy of the FTP server process
    on her desktop at her office and a copy of the FTP client process on her laptop
    at home. She was disappointed when she could not access her files during the
    weekend. What could have gone wrong? (CO5, K3)
    Probably Alice turned off her desktop, which stopped the FTP server, when she
    left the office. A server process should be running all the time, waiting for clients
    to access it.

14. Alice has a video clip that Bob is interested in getting; Bob has another video
    clip that Alice is interested in getting. Bob creates a web page and runs an HTTP
    server. How can Alice get Bob's clip? How can Bob get Alice's clip? (CO5, K3)
    If Bob posts his clip on his website, Alice can get it by running an HTTP client (a
    browser) using a GET message. Since Alice is not running an HTTP server, she
    needs to use the PUT method and post her clip on Bob's site.
15. In a nonpersistent HTTP connection, how can HTTP inform the TCP protocol that
    the end of the message has been reached? (CO5, K2)
    If the message has no body section, the lack of any character after the blank line
    is an indication that the message is over. If the message has a body, either the
    body needs to have an end-of-file marker (the server closes the connection) or
    the message should have the Content-Length header to define the size of the
    body.

16. In DNS, which of the following are FQDNs and which are PQDNs? (CO5, K3)
    a. xxx  b. xxx.yyy.net  c. zzz.yyy.xxx.edu.
    a. PQDN (it does not end with a dot).
    b. PQDN (it does not end with a dot).
    c. FQDN (it does end with a dot).

17. What is caching? (CO5, K2)
    Each time a server receives a query for a name that is not in its domain, it needs
    to search its database for a server IP address. Reduction of this search time
    would increase efficiency. DNS handles this with a mechanism called caching.
    When a server asks for a mapping from another server and receives the
    response, it stores this information in its cache memory before sending it to the
    client. If the same or another client asks for the same mapping, it can check its
    cache memory and resolve the problem.

18. What is POP3? (CO5, K2)
    Post Office Protocol, version 3 (POP3) is an e-mail message access protocol. The
    client POP3 software is installed on the recipient computer; the server POP3
    software is installed on the mail server. Mail access starts with the client when
    the user needs to download its e-mail from the mailbox on the mail server.
19. What is the use of IMAP4? (CO5, K2)
    Internet Mail Access Protocol, version 4 (IMAP4) is a mail access protocol. IMAP4
    is similar to POP3, but it has more features; IMAP4 is more powerful and more
    complex. IMAP4 provides the following extra functions:
    ❑ A user can check the e-mail header prior to downloading.
    ❑ A user can search the contents of the e-mail for a specific string of characters
      prior to downloading.
    ❑ A user can partially download e-mail. This is especially useful if bandwidth is
      limited and the e-mail contains multimedia with high bandwidth requirements.
    ❑ A user can create, delete, or rename mailboxes on the mail server.
    ❑ A user can create a hierarchy of mailboxes in a folder for e-mail storage.

20. Define MIME. (CO5, K2)
    Multipurpose Internet Mail Extensions (MIME) is a supplementary protocol that
    allows non-ASCII data to be sent through e-mail. MIME transforms non-ASCII data
    at the sender site to NVT ASCII data and delivers it to the client MTA to be sent
    through the Internet. The message at the receiving site is transformed back to
    the original data.

21. Write a short note on Peer-to-Peer Networks. (CO5, K2)
    In a peer-to-peer network, Internet users that are ready to share their resources
    become peers and form a network. Peer-to-peer networks are divided into
    centralized and decentralized.

22. Distinguish between centralized and decentralized P2P networks. (CO5, K2)
    In a centralized P2P network, the directory system uses the client-server
    paradigm, but the storing and downloading of the files are done using the
    peer-to-peer paradigm. In a decentralized network, both the directory system
    and the storing and downloading of files are done using the peer-to-peer
    paradigm.
23. What are the three goals of Network Security? (CO5, K2)
    The three goals of security are confidentiality, integrity, and availability. These
    goals are threatened by attacks such as snooping, traffic analysis, modification,
    masquerading, replaying, repudiation, and denial of service.

24. How is data confidentiality achieved in a network? (CO5, K2)
    Confidentiality is achieved through asymmetric-key and symmetric-key ciphers.
    In a symmetric-key cipher the same key is used for encryption and decryption,
    and the key can be used for bidirectional communication. In asymmetric-key
    cryptography there are two separate keys: one private and one public.

25. What is SNMP? (CO5, K2)
    SNMP is an application layer protocol that uses UDP port numbers 161 (agent)
    and 162 (traps to the manager). SNMP is used to monitor the network, detect
    network faults, and sometimes even to configure remote devices.

26. What are SNMP agents? (CO5, K2)
    An agent is a software module installed on a managed device. Managed devices
    can be network devices like PCs, routers, switches, servers, etc.

27. Does SNMP provide security? (CO5, K2)
    Only SNMPv3 does. SNMPv1 and SNMPv2c rely on a community string that is sent
    in clear text and provide no encryption. SNMPv3 secures the communication
    between the manager and the agents with user-based authentication (HMAC) and,
    at the authPriv level, encryption of the PDU.
28. Which of the following words means "secret writing"? Which one means
    "covered writing"? a. cryptography  b. steganography (CO5, K2)
    a. Cryptography means "secret writing."
    b. Steganography means "covered writing."

29. Define the type of attack in each of the following cases: (CO5, K3)
    a. A student breaks into a professor's office to obtain a copy of the next test.
    b. A student gives a check for $10 to buy a used book. Later the student finds out
       that the check was cashed for $100.
    c. A student sends hundreds of e-mails per day to the school using a phony
       return e-mail address.
    a. This is snooping (an attack on confidentiality). Although the contents of the
       test are not confidential on the day of the test, they are confidential before
       the test day.
    b. This is modification (an attack on integrity). The value of the check is changed
       (from $10 to $100).
    c. This is denial of service (an attack on availability). Sending so many e-mails
       may crash the server and the service may be interrupted.

30. What are the different sections of the domain name space? (CO5, K2)
    In the Internet, the domain name space (tree) was originally divided into three
    different sections: generic domains, country domains, and the inverse domain.
Part B Q's (With K - Level and CO)
Question bank

Q.No  Question (Course Outcome, K-Level)

1. Is recursive resolution by a DNS resolver faster than iterative resolution?
   Justify. (13) (CO5, K3)
2. Explain the basics of the POP and IMAP mail access protocols. (CO5, K2)
3. Explain in detail how the electronic mail application is carried out in a network.
   Also explain the protocols used in this application. (CO5, K2)
4. Briefly explain the Domain Name Service protocol with an example. (CO5, K2)
5. A student attaches a laptop to the campus network and requests/receives a web
   page from www.google.com. Explain the sequence of operations carried out with
   the help of the different protocols used in the Application, Transport, Network and
   Link layers. (CO5, K4)
6. Describe how SMTP transfers messages from one host to another with suitable
   illustrations. (CO5, K2)
7. Explain IMAP with the necessary diagrams. (CO5, K2)
8. Explain the working of e-mail in detail with all necessary diagrams. (CO5, K2)
9. Tabulate the various HTTP request operations. (CO5, K2)
10. In the client-server paradigm, explain why a server should be run all the time,
    but a client can be run when it is needed. Explain the concept with the necessary
    diagrams. (CO5, K3)
11. In a nonpersistent HTTP connection, how can HTTP inform the TCP protocol that
    the end of the message has been reached? Explain persistent connections in
    HTTP with the necessary diagrams. (CO5, K2)
12. Explain P2P networks and distinguish between centralized and decentralized
    P2P networks. (CO5, K2)
13. What is the purpose of a firewall? Elaborate each type of firewall with the
    necessary diagrams. (CO5, K2)
14. Alice has found a way to write secretly to Bob. Each time, she takes a new text,
    such as an article from the newspaper, but inserts one or two spaces between the
    words. A single space means a binary digit 0; a double space means a binary
    digit 1. Bob extracts the binary digits and interprets them using ASCII code. Is this
    an example of cryptography or steganography? Explain. (CO5, K4)
15. What are the three major goals of information security, and how can attacks
    threaten these goals? Also define the two techniques used to implement the
    security goals and prevent attacks. (CO5, K2)
16. Consider the scenario where you are requesting the web page
    http://www.acm.org/index.html. This home page has 8 images. State how many
    requests will be made from your system to the server to load the entire page.
    Write down the corresponding request and response messages. (13) (CO5, K4)
Supportive Online Certification Courses
Supportive Online Courses for 22EC503 – Computer Networks

S.No  Name of the Course                         Online Platform  Duration
1     The Bits and Bytes of Computer Networking  Coursera         6 Weeks
2     Computer Communications                    Coursera         4-Course Specialization
3     TCP/IP and Advanced Topics                 Coursera         5 Weeks
Realtime Applications
Realtime Applications

We learned about IP. Now we are able to use IPsec to create a secure IP
connection between two ends. Practice the scenario in a real-world situation.
Ref: Use Wireshark to capture and analyze two protocols:
Secure Shell (SSH) and
HyperText Transfer Protocol Secure (HTTPS)
______________________________________________________________________

Check the type of network security technology implemented in the wireless
router in your home environment and ensure the secured transmission and
reception of information through your wireless environment.

____________________________________________________________________

Assume that you are an information security engineer of an organization and you
are responsible for securing the organization's data generated on the network
from external attacks. Configure the firewall and security-related parameters on
the company server and demonstrate the ACL configuration skills that you have
implemented. Use any simulation software for the demonstration.
Content Beyond Syllabus

Value Added Course related to CoE

Introduction to IoT - Cisco Networking Academy Portal


Assessment Schedule

S.NO  TEST                               PROPOSED DATE  ACTUAL DATE
1     Unit Test 1                        31.07.24
2     First Internal Assessment Test     23.08.24
3     Unit Test 2                        14.09.24
4     Second Internal Assessment Test    04.10.24
5     Model Examination                  04.11.24


Text Book and Reference Books

TEXT BOOK:
1. Data Communications and Networking, Behrouz A. Forouzan, McGraw Hill
   Education, 5th Ed., 2017. (UNIT I–V)

REFERENCES:
1. Computer Networking: A Top-Down Approach, James F. Kurose (University of
   Massachusetts, Amherst) and Keith Ross, 8th Edition, 2021.
2. Computer Networks, Andrew S. Tanenbaum, Sixth Edition, Pearson, 2021.
3. Data Communications and Computer Networks, P.C. Gupta, Prentice-Hall of
   India, 2006.
4. Computer Networks: A Systems Approach, L. L. Peterson and B. S. Davie,
   Morgan Kaufmann, 3rd ed., 2003.
Mini Project Ideas
Projects to be Carried out

Project - 1

Examine the Contents of SSL/TLS Packets in HTTPS

Objective:

To use HTTPS, capture the packets with Wireshark and examine the contents of
the SSL/TLS packets when used with HTTPS.

Description:
HTTP is the protocol used to access web pages on the Internet. HTTP per se does
not provide security. However, we can combine HTTP and SSL/TLS to add security
to HTTP. The resulting protocol is called HyperText Transfer Protocol Secure
(HTTPS).

(Generate a report on the SSL/TLS packets examined when using HTTPS.)

_______________________________________________________________________

Project - 2
Dictionary Bot
Objective:
To develop a dictionary bot in the programming language of your choice.

Description:
English words and their meanings can be updated in the bot, and a search option
can be enabled for the user to look up different words. Choose the programming
language of your choice to develop the project.
____________________________________________________________________

Project - 3

IoT Early Flood Detection & Avoidance

Objective:
To detect floods and alert the public using IoT sensor technology.

Description:

To detect a flood the system observes various natural factors, which include
humidity, temperature, water level and flow level. To collect data on these
natural factors the system consists of different sensors, each collecting data
for an individual parameter.

The humidity and temperature sensor is an advanced module which consists of
resistive humidity and temperature detection components. The water level is
kept under constant observation by a float sensor, which works by opening and
closing circuits (dry contacts) as water levels rise and fall. All the sensors
are connected to an Arduino UNO, which processes and saves the data. The system
should have a Wi-Fi / GSM feature, which is useful to access the system and its
data over IoT.

___________________________________________________________________

Project – 4
SMART HOME AUTOMATION SYSTEM

Description:
Implement an entire home automation system controlled by a Raspberry Pi board
and demonstrate the automation process with simple home appliances.

Thank you
