"Antivirus" is protective software designed to defend your computer against malicious software.
Malicious software, or "malware", includes viruses, Trojans, keyloggers, hijackers, dialers, and
other code that vandalizes or steals your computer contents. In order to be an effective defense,
your antivirus software needs to run in the background at all times, and should be kept updated
so it recognizes new versions of malicious software.

Significance
 Every computer connected to the Internet or on a network needs to have an antivirus program
installed. Virus prevention is an essential component needed by everyone.

Viruses
 A virus is a software program that infects computers without the owners' permission. Viruses
are different from other forms of malware in that viruses are spread from one computer to the
next.
Antivirus
 Antivirus software scans for infections on a computer. Some antivirus programs include
automated scheduled scannings and additional features.
Types of Antivirus
Commercial antivirus and Internet security programs are available, such as Norton and
McAfee. Free programs include AVG Free and Avira.

What are Routing Protocols?


A routing protocol is the implementation of a
routing algorithm in software or hardware.

A routing protocol uses metrics to determine which path to utilize to transmit a packet across an
internetwork.
The metrics used by routing protocols include:
• Number of network layer devices along the path (hop count)
• Bandwidth
• Delay
• Load
• MTU
• Cost
Routing protocols store the results of these metrics in a routing table.
Interior vs. Exterior Routing Protocols
Some routing protocols are designed for use within an organization, while other routing
protocols are designed for use between organizations.
The current lead Interior Gateway Protocol (IGP) is OSPF. Other Interior Gateway Protocols
include IS-IS, RIP, and EIGRP.
The current lead Exterior Gateway Protocol is BGP. The current revision of BGP is BGP4. There
are no other Exterior Gateway Routing protocols in current competition with BGP4.
Distance Vector vs. Link State Routing Protocols
Routing protocols such as RIP and EIGRP are Distance Vector routing protocols. These are
called Distance Vector protocols because they base routing decisions on the "distance" of the
remote destination in terms of the number of network layer hops which the packet will have to
traverse.
OSPF and IS-IS are Link State routing protocols. They are called Link State protocols because
they base routing decisions on messages received from other routers in the internetwork which
give information about state of the links connected to them.

What Is an IP Address?
An IP address is an address used to uniquely identify a device on an IP network. An IP network
is nothing but a connection of multiple computers forming a network. An IP address can be
given to any kind of network component that has to communicate over the network, such as
computers, servers, routers, switches, etc. Any two computers, or any other network devices,
cannot communicate with each other if they do not have an assigned IP address. They are
designed to uniquely identify each network device and allow them to communicate with each
other, regardless of the physical location of the sender and receiver.
Hence, an IP address is the unique identity of any network device where each one should have
their own IP address defined. On the Internet, computers are recognized by their IP addresses
only. IP addresses have an equal significance as the postal addresses have for human beings. Can
you send a letter to anyone if you do not know where he/she lives? This should explain the
importance of an “IP address”.
An IP address is 32 (thirty two) bits in length, which can be divided into a network portion and a
host portion with the help of a subnet mask. It is represented in form of four octets, where 1 octet
= 8 bits. Each octet is converted to a decimal format and is separated by a dot (‘.’). For this
reason, an IP address is said to be expressed in a ‘dotted decimal format’.
Examples of IP addresses in decimal format: 10.1.1.1, 255.255.255.255, 220.3.1.5
The value in each octet ranges from 0 to 255 in decimal format. The ‘dotted decimal format’ is
used to make it easier for the humans to read and remember the numbers, but computers use IP
addresses in a binary format only.
Example of an IP address in binary format: 10011101.11100010.10101110.11101000
Public IP Address : It is a unique IP address assigned by IANA (Internet Assigned
Network Authority). Duplication of the public IP addresses is impossible; hence
these addresses need to be bought.

Summary: Every device on a TCP/IP network must have a unique IP address. IP addresses are
assigned either automatically by DHCP or by manual configuration.

Given that an IP address must be unique for every computer attached to the internet, how is it
possible that we do not plug in IP addresses for the computer we want to connect?
Well, every device connected to the internet must have a unique IP, it's true. And they're
assigned one of two ways: static or dynamic. But there's also a useful trick that lets multiple
computers share a single IP address ... and that trick is called a router.

Static IP addresses are exactly that: static or unchanging. They are assigned by your network
administrator or ISP, and yes, you do have to configure the computer or other internet device
manually to respond to that specific address.
But, as you point out, most folks don't need to do that. So how do they get their IP addresses?
Enter the dynamic IP address and "DHCP" or Dynamic Host Configuration Protocol.
Using DHCP (which is the default for Windows TCP/IP connections) the computer broadcasts a
special request for an IP address to the network. An upstream device, commonly belonging to
your ISP, responds with an IP address that the computer then configures itself to use. Especially
when many computers aren't connected continuously, this allows the ISP to reuse the IP
addresses of computers that have disconnected from the internet.
If you need your computer to be identifiable on the internet ... for example if you're running a
web server or want people to be able to connect to your machine, you'll probably need or use a
static IP address. On the other hand, if all you do is connect out to surf or read email, as most
users do, then a dynamic IP address is the easiest to configure.
Routers are devices that allow multiple computers to "share" a single IP address. The device
that's connected to the internet is the router, and it has a unique IP address. The router can then
act as the DHCP server to the local network handing out local IP addresses to the computers
connected to it. As traffic flows across the router, it does the job of translating the IP addresses
from the local addresses it has assigned, to the external IP address it was assigned, and routing
the right bits of data to the right computer ... hence the name.
One of the many side effects of using a router is that it can be assigned a static address on the
internet, and hand out dynamic IP addresses locally, vice versa, or any combination.

It is done at Start, Settings, Control Panel, Network, the Properties of the instance
of the TCP/IP protocol bound to (associated with) the network adapter, IP Address
Tab. They are known as static IP addresses. 192.168.0.1 is usually assigned to the
computer with the Internet sharing software and 192.168.0.2, 192.168.0.3, etc. are
usually assigned to the client computers. The subnet mask should be 255.255.255.0
on all of the computers. You will need to enable DNS (domain name service) in the
DNS Configuration tab and enter the IP addresses of your ISP’s (Internet Service
Provider) DNS servers. Most ISPs have a primary and secondary DNS server and
that info is usually provided in the paperwork the ISP sent you when you signed up.
It is also usually available on the ISP's web site. I do not like proxy servers. NATs
(Network Address Translators) are easier to install. Discussion of other solutions
starts at http://duxcw.com/faq/ics/waysshare.htm.

Technically, a "public" address would be an address that anyone can use. Such as:
192.168.x.y

These public addresses that anyone can use are "classful" or based on older Class A, B,
and C IP networks.

These "public" ranges would be the 10.x.y.z network (/slash 8)
172.16.x.y - 172.22.x.y (I could be wrong, off the top of my head)
and 192.168.x.y (/slash 16)

These are reserved and have no global significance.


Shown below is the Public IP Address Range & Private IP Address Range.

Public IP Address Range:

Class A (Netid.hostid.hostid.hostid) : 1.0.0.0 to 126.0.0.0
Class B (Netid.Netid.hostid.hostid) : 128.0.0.0 to 191.0.0.0
Class C (Netid.Netid.Netid.hostid) : 192.0.0.0 to 223.0.0.0
Class D (Multicast) : 224.0.0.0 to 239.0.0.0
Class E (For Research) : 240.0.0.0 to 255.0.0.0

Private IP Address Range:

Class A (/8) : 10.0.0.0 to 10.255.255.255
Class B (/12) : 172.16.0.0 to 172.31.255.255
Class C (/16) : 192.168.0.0 to 192.168.255.255

Note:

/8 = First 8 Bits are used for Network ID
/12 = First 12 Bits are used for Network ID
/16 = First 16 Bits are used for Network ID
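
An added example, not part of the original notes, that carries the dotted-decimal, binary and /8, /12, /16 notation above through in Python. The function names are illustrative, and the class and private ranges are the ones in the tables above.

```python
# Private ranges as listed in the table above: (base address, network-ID bits).
PRIVATE_RANGES = [("10.0.0.0", 8), ("172.16.0.0", 12), ("192.168.0.0", 16)]

# Class boundaries by first octet, as listed in the table above.
CLASS_RANGES = [("A", 1, 126), ("B", 128, 191), ("C", 192, 223),
                ("D", 224, 239), ("E", 240, 255)]

def to_int(dotted: str) -> int:
    """Convert dotted decimal to the 32-bit value a computer actually works with."""
    parts = dotted.split(".")
    if len(parts) != 4:
        raise ValueError(f"expected four octets: {dotted!r}")
    value = 0
    for part in parts:
        if not (part.isascii() and part.isdigit()) or int(part) > 255:
            raise ValueError(f"octet must be 0-255: {part!r}")
        value = (value << 8) | int(part)
    return value

def to_dotted(value: int) -> str:
    """Convert a 32-bit value back to dotted decimal."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))

def to_binary(dotted: str) -> str:
    """Render each octet as 8 bits, separated by dots."""
    value = to_int(dotted)
    return ".".join(f"{(value >> shift) & 0xFF:08b}" for shift in (24, 16, 8, 0))

def prefix_mask(bits: int) -> int:
    """Mask with the first `bits` bits set, e.g. /12 -> 255.240.0.0."""
    return (0xFFFFFFFF << (32 - bits)) & 0xFFFFFFFF

def split_address(dotted: str, mask: str) -> tuple:
    """Return (network portion, host portion) for an address and subnet mask."""
    addr, m = to_int(dotted), to_int(mask)
    return to_dotted(addr & m), to_dotted(addr & ~m & 0xFFFFFFFF)

def is_private(dotted: str) -> bool:
    """True if the network-ID bits match one of the private ranges."""
    addr = to_int(dotted)
    return any((addr & prefix_mask(bits)) == to_int(base)
               for base, bits in PRIVATE_RANGES)

def address_class(dotted: str):
    """Class letter by first octet; None for 0 and 127, which the table omits."""
    first = to_int(dotted) >> 24
    for name, low, high in CLASS_RANGES:
        if low <= first <= high:
            return name
    return None

if __name__ == "__main__":
    for ip in ("10.1.1.1", "172.31.255.255", "172.32.0.1", "192.168.0.2", "220.3.1.5"):
        print(ip, to_binary(ip), address_class(ip), is_private(ip))
    print(split_address("192.168.0.2", "255.255.255.0"))
```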

Application layer: Provides a means for the user to access information on the network through an
application. This layer is the main interface for the user to interact with the application and therefore the
network.
The application layer is the OSI layer closest to the end user, which means that both the OSI
application layer and the user interact directly with the software application. This layer interacts with
software applications that implement a communicating component. Such application programs fall outside
the scope of the OSI model.
Application layer functions typically include
identifying communication partners,
determining resource availability,
and synchronizing communication.

When identifying communication partners, the application layer determines the identity and
availability of communication partners for an application with data to transmit.
When determining resource availability, the application layer must decide whether sufficient
network resources for the requested communication exist.
In synchronizing communication, all communication between applications requires cooperation
that is managed by the application layer.
Some examples of application layer implementations include Telnet, File Transfer Protocol (FTP),
and Simple Mail Transfer Protocol (SMTP).
Or
The Application Layer is the highest layer of the OSI architecture, the purpose of which is to
serve as a window between correspondent application processes so that they may exchange
information on the open environment. The programs which use the Application Layer are known
as Application Processes. A user program may interface directly with the Presentation Layer in
which case it must include protocol modules to initialise communication with peer application
processes, establish the appropriate Presentation context and transfer files or messages.
Alternatively, the user process may include available modules which support commonly
required application related services. Such modules are referred to as Application Specific
Elements and are defined as an integrated set of functions which together provide one or more
application related communication capabilities. These capabilities are defined by a protocol in a
very similar manner to that used to specify a service provided by the layer below. The protocol
may specify direct use of presentation layer services and/or those provided by other ASEs. The
grouping of a user process (or application entity), relevant ASEs and interfaces between them is
known as an application process.

Application Layer protocols are classified into Common Application Specific Elements (CASE)
and Specific Application Specific Elements (SASE). CASE elements are commonly required by
user elements and SASEs, whereas SASEs are only included in an application process when their
particular service is specifically required. For more information on SASEs Group Xs project can
be consulted (LINK).
There are four CASEs currently defined. These are...
1. Association Control ACSE,
2. Reliable Transfer RTSE,
3. Remote Operations ROSE and
4. Recovery CCR.
• ACSE (Padraig Butler) enables users to establish or terminate an association between
application processes.
• RTSE (Caroline O'Reilly) enables reliable transfer of information between peers.
• ROSE (Emma Kilcoyne) enables users to initiate operations at a remote site.
• CCR (Dave Barry) enables users to recover from failure during execution of a task.


1.2 Presentation layer: Manages the presentation of the information in an ordered and meaningful
manner. This layer's primary function is the syntax and semantics of the data transmission. It converts
local host computer data representations into a standard network format for transmission on the network.
On the receiving side, it changes the network format into the appropriate host computer's format so that
data can be utilized independent of the host computer. ASCII and EBCDIC conversions, cryptography,
and the like are handled here.
The presentation layer provides a variety of coding and conversion functions that are applied to
application layer data. These functions ensure that information sent from the application layer of one
system would be readable by the application layer of another system. Some examples of presentation
layer coding and conversion schemes include common data representation formats, conversion of
character representation formats, common data compression schemes, and common data encryption
schemes.

Common data representation formats, or the use of standard image, sound, and video formats,
enable the interchange of application data between different types of computer systems. Conversion
schemes are used to exchange information with systems that use different text and data
representations, such as EBCDIC and ASCII. Standard data compression schemes enable data that is
compressed or encrypted at the source device to be properly decompressed or deciphered at the
destination.

Presentation layer implementations are not typically associated with a particular protocol stack.
Some well-known standards for video include QuickTime and Motion Picture Experts Group (MPEG).
QuickTime is an Apple Computer specification for video and audio, and MPEG is a standard for video
compression and coding.
Among the well-known graphic image formats are Graphics Interchange Format (GIF), Joint Photographic
Experts Group (JPEG), and Tagged Image File Format (TIFF). GIF is a standard for compressing and
coding graphic images. JPEG is another compression and coding standard for graphic images, and TIFF
is a standard coding format for graphic images.

Presentation Layer Functions


Here are some of the specific types of data handling issues that the presentation layer
handles:
○ Translation: Networks can connect very different types of computers together:
PCs, Macintoshes, UNIX systems, AS/400 servers and mainframes can all exist
on the same network. These systems have many distinct characteristics and
represent data in different ways; they may use different character sets for
example. The presentation layer handles the job of hiding these differences
between machines.

○ Compression: Compression (and decompression) may be done at the
presentation layer to improve the throughput of data. (There are some who
believe this is not, strictly speaking, a function of the presentation layer.)

○ Encryption: Some types of encryption (and decryption) are performed at the
presentation layer. This ensures the security of the data as it travels down the
protocol stack. For example, one of the most popular encryption schemes that is
usually associated with the presentation layer is the Secure Sockets Layer (SSL)
protocol. Not all encryption is done at layer 6, however; some encryption is often
done at lower layers in the protocol stack, in technologies such as IPSec.
Or

We deal with the following aspects of the presentation layer:

OSI Definition of Presentation Layer and ISO Presentation Service
A quick run through the OSI Definition of the Presentation Layer, outlining among other
things the services provided by the presentation layer and the functions of the
presentation layer. The ISO Presentation Service is covered in detail.

ISO Presentation Protocol and Concepts
Presentation Layer Concepts and the ISO Presentation Layer. There is no mention of data
encryption here because the actual presentation protocol is concerned only with the
syntax of messages during their transfer across the network.

Abstract Syntax and Transfer Syntax
Application exchanges involve transmitting data structures which may be complicated.
OSI introduced the notion of abstract syntax and transfer syntax. Included is a
comparison between BER (Basic Encoding Rules) and Sun Microsystems' XDR
(External Data Representation).

Data Encryption and Data Compression
Data Encryption is used to prevent listening or masquerading. In the context of the OSI
Reference Model, the most appropriate layer to perform such encryption is the
presentation layer. Data compression is done if required.

Summarizes the features of peer-to-peer and server-based networks:

Feature          Peer-to-peer Network                            Server-based Network
-------          --------------------                            --------------------
Size             Good for up to 10 users                         Limited only by server and network hardware
Security         Users are responsible for their own security    Offers extensive user security
Administration   Is administered by the user of each computer    Is centrally administered

Peer to Peer everybody is equal, security is slack, and you can only have a few
comps on network

server based offers better security, monitor users, more technical and time
consuming to set-up, less likely to cause problems if set-up correctly, any amount of
comps etc....

In a Peer to peer network, all nodes are equal. They are both client and server. Most
P2P networks use a mesh topology.

In the client/server model, the data is centralised with all data residing on a single
node (the server) clients request the data and the server sends it. Data on one
client must pass through the server to be available to another client. Most
client/server networks use a star topology.

Client Server has the advantage of centralised management and data integrity
whilst P2P has the advantage of faster data transfer and avoids network
bottlenecks.

What Is DHCP?
DHCP, the Dynamic Host Configuration Protocol, describes the means by which a system can
connect to a network and obtain the necessary information for communication upon that
network. FreeBSD versions prior to 6.0 use the ISC (Internet Systems Consortium) DHCP client
(dhclient(8)) implementation. Later versions use the OpenBSD dhclient taken from
OpenBSD 3.7. All information here regarding dhclient is for use with either of the ISC or
OpenBSD DHCP clients. The DHCP server is the one included in the ISC distribution.
29.5.2 What This Section Covers
This section describes both the client-side components of the ISC and OpenBSD DHCP client
and server-side components of the ISC DHCP system. The client-side program, dhclient,
comes integrated within FreeBSD, and the server-side portion is available from the
net/isc-dhcp3-server port. The dhclient(8), dhcp-options(5), and dhclient.conf(5) manual pages, in
addition to the references below, are useful resources.
29.5.3 How It Works
When dhclient, the DHCP client, is executed on the client machine, it begins broadcasting
requests for configuration information. By default, these requests are on UDP port 68. The server
replies on UDP 67, giving the client an IP address and other relevant network information such
as netmask, router, and DNS servers. All of this information comes in the form of a DHCP
“lease” and is only valid for a certain time (configured by the DHCP server maintainer). In this
manner, stale IP addresses for clients no longer connected to the network can be automatically
reclaimed.
DHCP clients can obtain a great deal of information from the server. An exhaustive list may be
found in dhcp-options(5).

Short for Dynamic Host Configuration Protocol, a protocol for assigning dynamic IP addresses
to devices on a network. With dynamic addressing, a device can have a different IP address
every time it connects to the network. In some systems, the device's IP address can even change
while it is still connected. DHCP also supports a mix of static and dynamic IP addresses.
Dynamic addressing simplifies network administration because the software keeps track of IP
addresses rather than requiring an administrator to manage the task. This means that a new
computer can be added to a network without the hassle of manually assigning it a unique IP
address. Many ISPs use dynamic IP addressing for dial-up users.
Attenuation is a general term that refers to any reduction in the strength of a signal.
Attenuation occurs with any type of signal, whether digital or analog. Sometimes
called loss, attenuation is a natural consequence of signal transmission over long
distances. The extent of attenuation is usually expressed in units called decibels
(dBs).

Attenuation and distortion


As a signal travels from one device to another it has two problems to overcome. The first is that
it gets weaker the further it travels, because some of its energy is absorbed by the transmission
medium. This effect is known as attenuation. The extent of attenuation depends on the distance
it has to travel and on the type of medium it is travelling through. An amplifier can be used to
boost the signal power at the transmitter and receiver, and if necessary at various points in the
transmission link, so that signal power can be maintained at a usable level.
The second problem is that the signal can become distorted by external influences as it travels
along the communication path. This can be caused by other signals travelling in the vicinity, or
by waves of energy such as solar energy, lightning, and pulses of energy from electrical
machinery. You might have come across instances of distortion in your own domestic
equipment. For example, I have a small TV in my bedroom and when I use my hairdryer nearby
I can see spots and lines on the TV screen that are caused by the electromagnetic energy
generated by the motor in the hairdryer. If I place my mobile phone next to my radio I often hear
‘beeps’ on my radio as the phone sends signals to the phone network.
Unless distortion can be removed from the signal at the receiving end then any amplification to
overcome the problems of attenuation will also amplify any distortion in the received signal.
Binary signals are quite resistant to distortion because they represent only two states that can
usually be distinguished quite easily from any unwanted effects.

TCP Header Format


TCP segments are sent as internet datagrams. The Internet Protocol header carries several
information fields, including the source and destination host addresses [2]. A TCP header
follows the internet header, supplying information specific to the TCP protocol. This division
allows for the existence of host level protocols other than TCP.

• Source Port and Destination Port
• Sequence Number - The number assigned to the first byte of data in the current message
• Acknowledgment Number - Contains the sequence number of the next byte of data the
sender of this packet expects from the other host
• Data Offset - Indicates the number of 32-bit words in the TCP header
• Reserved - For future use
• Flags - Variety of control information, including SYN, ACK and FIN bits
• Window - Size of the sender's receive window
• Checksum - Error checking
• Urgent Pointer - Points to the first urgent data byte in the packet

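The TCP header format

|<---------- 16 bits ---------->|<---------- 16 bits ---------->|
+-------------------------------+-------------------------------+
|          Source Port          |       Destination Port        |
+-------------------------------+-------------------------------+
|                        Sequence Number                        |
+---------------------------------------------------------------+
|                    Acknowledgement Number                     |
+-------+-----------+-----------+-------------------------------+
| Data  | Reserved  |   Flags   |            Window             |
|offset |           |           |                               |
+-------+-----------+-----------+-------------------------------+
|           Checksum            |        Urgent Pointer         |
+-------------------------------+-------------------------------+
|                       Option + Padding                        |
+---------------------------------------------------------------+
|                             Data                              |
+---------------------------------------------------------------+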

Source Port: 16 bits
The source port number.
Destination Port: 16 bits
The destination port number.
Sequence Number: 32 bits
The sequence number of the first data octet in this segment (except
when SYN is present). If SYN is present the sequence number is the
initial sequence number (ISN) and the first data octet is ISN+1.
Acknowledgment Number: 32 bits
If the ACK control bit is set this field contains the value of the
next sequence number the sender of the segment is expecting to
receive. Once a connection is established this is always sent.
Data Offset: 4 bits
The number of 32 bit words in the TCP Header. This indicates where
the data begins. The TCP header (even one including options) is an
integral number of 32 bits long.
Reserved: 6 bits
Reserved for future use. Must be zero.
Control Bits: 6 bits (from left to right):
URG: Urgent Pointer field significant
ACK: Acknowledgment field significant
PSH: Push Function
RST: Reset the connection
SYN: Synchronize sequence numbers
FIN: No more data from sender
Window: 16 bits
The number of data octets beginning with the one indicated in the
acknowledgment field which the sender of this segment is willing to
accept.
Checksum: 16 bits
The checksum field is the 16 bit one's complement of the one's
complement sum of all 16 bit words in the header and text. If a
segment contains an odd number of header and text octets to be
checksummed, the last octet is padded on the right with zeros to
form a 16 bit word for checksum purposes. The pad is not
transmitted as part of the segment. While computing the checksum,
the checksum field itself is replaced with zeros.

The checksum also covers a 96 bit pseudo header conceptually
prefixed to the TCP header. This pseudo header contains the Source
Address, the Destination Address, the Protocol, and TCP length.
This gives the TCP protection against misrouted segments. This
information is carried in the Internet Protocol and is transferred
across the TCP/Network interface in the arguments or results of
calls by the TCP on the IP.

+--------+--------+--------+--------+
|           Source Address          |
+--------+--------+--------+--------+
|         Destination Address       |
+--------+--------+--------+--------+
|  zero  |  PTCL  |    TCP Length   |
+--------+--------+--------+--------+

The TCP Length is the TCP header length plus the data length in
octets (this is not an explicitly transmitted quantity, but is
computed), and it does not count the 12 octets of the pseudo
header.
Urgent Pointer: 16 bits
This field communicates the current value of the urgent pointer as a
positive offset from the sequence number in this segment. The
urgent pointer points to the sequence number of the octet following
the urgent data. This field is only interpreted in segments with
the URG control bit set.
Options: variable
Options may occupy space at the end of the TCP header and are a
multiple of 8 bits in length. All options are included in the
checksum. An option may begin on any octet boundary. There are two
cases for the format of an option:

Case 1: A single octet of option-kind.

Case 2: An octet of option-kind, an octet of option-length, and
the actual option-data octets.

The option-length counts the two octets of option-kind and
option-length as well as the option-data octets.

Note that the list of options may be shorter than the data offset
field might imply. The content of the header beyond the
End-of-Option option must be header padding (i.e., zero).

A TCP must implement all options.


Currently defined options include (kind indicated in octal):

Kind   Length   Meaning
----   ------   -------
0      -        End of option list.
1      -        No-Operation.
2      4        Maximum Segment Size.

Specific Option Definitions

End of Option List

+--------+
|00000000|
+--------+
Kind=0

This option code indicates the end of the option list. This
might not coincide with the end of the TCP header according to
the Data Offset field. This is used at the end of all options,
not the end of each option, and need only be used if the end of
the options would not otherwise coincide with the end of the TCP
header.

No-Operation

+--------+
|00000001|
+--------+
Kind=1

This option code may be used between options, for example, to
align the beginning of a subsequent option on a word boundary.
There is no guarantee that senders will use this option, so
receivers must be prepared to process options even if they do
not begin on a word boundary.

Maximum Segment Size

+--------+--------+---------+--------+
|00000010|00000100|   max seg size   |
+--------+--------+---------+--------+
Kind=2 Length=4

Maximum Segment Size Option Data: 16 bits

If this option is present, then it communicates the maximum
receive segment size at the TCP which sends this segment.
This field must only be sent in the initial connection request
(i.e., in segments with the SYN control bit set). If this
option is not used, any segment size is allowed.

Padding: variable
The TCP header padding is used to ensure that the TCP header ends
and data begins on a 32 bit boundary. The padding is composed of
zeros.
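
An added example, not part of the original text, that parses the header laid out above, walks the option list (kinds 0, 1 and 2) and checks the checksum over the pseudo header. The sample SYN segment, addresses and function names are constructed for illustration; PTCL is set to 6, the IP protocol number for TCP.

```python
import socket
import struct

# Control bits, least significant first (the text lists them URG..FIN, left to right).
FLAG_NAMES = ["FIN", "SYN", "RST", "PSH", "ACK", "URG"]

def ones_complement_sum(data: bytes) -> int:
    """16-bit one's complement sum; an odd final octet is padded with zeros."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(word for (word,) in struct.iter_unpack("!H", data))
    while total >> 16:                          # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return total

def tcp_checksum(src_ip: str, dst_ip: str, segment: bytes) -> int:
    """Checksum over the 96-bit pseudo header followed by the TCP header and text."""
    pseudo = (socket.inet_aton(src_ip) + socket.inet_aton(dst_ip)
              + struct.pack("!BBH", 0, 6, len(segment)))   # zero, PTCL, TCP Length
    return ~ones_complement_sum(pseudo + segment) & 0xFFFF

def checksum_ok(src_ip: str, dst_ip: str, segment: bytes) -> bool:
    """Recompute with the checksum field replaced by zeros and compare."""
    (stored,) = struct.unpack("!H", segment[16:18])
    zeroed = segment[:16] + b"\x00\x00" + segment[18:]
    return tcp_checksum(src_ip, dst_ip, zeroed) == stored

def parse_options(raw: bytes) -> list:
    """Walk the option list: kinds 0 and 1 are single octets, the rest carry a length."""
    options, i = [], 0
    while i < len(raw):
        kind = raw[i]
        if kind == 0:                           # End of Option List
            if any(raw[i + 1:]):
                raise ValueError("non-zero padding after End of Option List")
            options.append(("EOL", None))
            break
        if kind == 1:                           # No-Operation
            options.append(("NOP", None))
            i += 1
            continue
        length = raw[i + 1] if i + 1 < len(raw) else 0
        # A length under 2 would stall the loop; one past the header reads into data.
        if length < 2 or i + length > len(raw):
            raise ValueError(f"bad or truncated option-length for kind {kind}")
        data = raw[i + 2:i + length]
        if kind == 2:                           # Maximum Segment Size
            if length != 4:
                raise ValueError("Maximum Segment Size must have length 4")
            options.append(("MSS", struct.unpack("!H", data)[0]))
        else:
            options.append((kind, data))        # kinds not listed in the text
        i += length
    return options

def parse_tcp(segment: bytes) -> dict:
    if len(segment) < 20:
        raise ValueError("shorter than the 20-octet fixed header")
    (sport, dport, seq, ack, off_flags,
     window, checksum, urgent) = struct.unpack("!HHIIHHHH", segment[:20])
    data_offset = off_flags >> 12               # header length in 32-bit words
    header_len = data_offset * 4
    if data_offset < 5 or header_len > len(segment):
        raise ValueError(f"Data Offset {data_offset} is inconsistent with the segment")
    bits = off_flags & 0x3F
    return {
        "source_port": sport, "destination_port": dport,
        "sequence": seq, "acknowledgment": ack,
        "data_offset": data_offset,
        "reserved": (off_flags >> 6) & 0x3F,    # must be zero
        "flags": [name for bit, name in enumerate(FLAG_NAMES) if bits & (1 << bit)],
        "window": window, "checksum": checksum, "urgent_pointer": urgent,
        "options": parse_options(segment[20:header_len]),
        "data": segment[header_len:],
    }

# Constructed sample: SYN from 192.168.0.2:49152 to 192.168.0.1:80, ISN 1000, one MSS option.
SRC, DST = "192.168.0.2", "192.168.0.1"

def build_sample_syn() -> bytes:
    fixed = struct.pack("!HHIIHHHH", 49152, 80, 1000, 0, (6 << 12) | 0x02, 65535, 0, 0)
    segment = fixed + bytes([2, 4]) + struct.pack("!H", 1460)
    checksum = tcp_checksum(SRC, DST, segment)
    return segment[:16] + struct.pack("!H", checksum) + segment[18:]

if __name__ == "__main__":
    syn = build_sample_syn()
    print(parse_tcp(syn), checksum_ok(SRC, DST, syn), checksum_ok(SRC, "192.168.0.3", syn))
```

The last call shows the pseudo header at work: the same segment fails verification when checked against a destination address it was not sent to.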
