Elementary Computing CSC 100 1
Internet (2) TCP/IP and IP Addresses Hostnames and Domain Name System Internet Services Client/Server and Peer- 2- Peer Applications SPAMs & Phishing, Worms, Viruses & Trojans Botnets & Distributed Denial Of Services Attack VPN, Cookies and 2- Factor Authentication 2
Outcomes Domain Name System is a world- wide phonebook for the Internet. Common Internet Services include HTTP, FTP, emails, Remote login, etc. Peer- 2- Peer and Client/Server are two common models of communication. Phishing & malware are security risks affecting our privacy. 3
Study Guide What is TCP/IP? How does it send/receive messages? Why do we need IP Addresses? What is a hostname? What is Domain Name System? How does it work? What is a TLD? What is cctld? 4
Study Guide What are Internet Services and Port numbers? What is a Client/Server, Peer- 2- Peer application? What is Phishing? Why? What is malware? What are worms, viruses, trojans? How do they spread? What is a botnet, DDoS? What is a cookie, VPN, 2- Factor Authentication? 5
TCP/IP Protocol A protocol is a set of rules on how computers communicate with each other. The Internet is based on the TCP/IP (Transmission Control Protocol/Internet Protocol) protocols. It is based on the idea of postcards (known as packets). 6
A Postcard Model Sender s Address Message Receiver s Address 7
Properties of a Postcard It is small and has a fixed size. The message body is limited. (You can t write too many words.) Every postcard must include the addresses of the sender and the receiver. 8
Question: How to send a long letter? 9
Properties of TCP/IP Packets A packet is small and is fixed in size. Every packet must include the IP addresses of the sender and the receiver. Long messages are sent in many packets, each is labeled with a sequence number. 10
What are these IP addresses? 11
IP Addresses Each computer on the Internet has a globally unique IP address, like a phone number. For example, it is typically written as: 192.168.1.1 Each part is an number, ranging from 0 to 255. 12
The Internet uses IP addresses only. 13
You need the IP address of another computer in order to communicate with it. 14
Question: How do you keep track of millions of IP addresses of all the computers connected to the Internet? 15
Answer: We use hostnames and a BIG Internet phonebook! 16
Domain Name System IP addresses are like phone numbers for identifying computers on the Internet. A computer can register a hostname with its IP address in an Internet Phonebook. The Domain Name System (DNS) is our Phonebook, translating hostnames to IP addresses. 17
How does the Domain Name System work? 18
Top Level Domains The Internet Phonebook divides the Internet into many Top Level Domain s (or zones). Historically, there were only 20 TLDs initially. e.g., edu for education com for commercial business mil for U.S. military gov for U.S. government 19
Examples of Top Level Domains 20
When the Internet became popular, each country has its Country Code Top Level Domain. 21
Country Code TLDs 22
Question: How do you guarantee every domain name is unique? 23
First, every TLD is unique. Then, every sub- domain must be unique. 24
Every TLD or Domain is maintained by an authority. 25
The domain names and hostnames form a up- side down tree of names. 26
27
Examples of Domain Names.ca is Canada s top level domain.uk is UK s top level domain.edu is U.S. top level domain for universities uvic.ca is the domain name of University of Victoria in Canada web.uvic.ca is the hostname of UVic s web server, which belongs to the domain uvic.ca. 28
Hostnames and Domain Names A hostname on the Internet must belong to some domain, which is under a TLD. The cs.uvic.ca is a hostname for the CS Department under the uvic.ca domain. cs.uvic.ca Top Level Domain a Hostname a Domain name or a Hostname 29
PSTN Numbering and DNS Telephone Numbering System Country code (e.g., +86, +851, +1) City codes (e.g., +86-0731, +1-250) Phone numbers (e.g., +86-0731- 8987-9974) Internet Domain Name System Top Level Domains (e.g.,.cn,.ca,.edu,.com) Domains (e.g., taobao.com, uvic.ca, ) Hostnames (e.g., www.ibm.com, www.csc.uvic.ca) 30
Properties of Hostnames All Top Level Domains (TLDs) are unique. Each TLD is administered by an authority. All sub- domains under a TLD must be unique. All hostnames under a domain or sub- domain must also be unique. 31
Every hostname or domain name on the Internet is unique! 32
Purpose of DNS 1 What is the IP address of cs.uvic.ca? Your computer Domain Name System 142.104.70.162 33
Purpose of DNS 1 What is the IP address of cs.uvic.ca? Your computer 142.104.70.162 2 Domain Name System 142.104.70.162 34
Purpose of DNS 1 What is the IP address of cs.uvic.ca? Your computer 142.104.70.162 2 Domain Name System 3 send data to 142.104.70.162 142.104.70.162 35
Internet Explained 36
Internet = Network of Computers + TCP/IP + DNS 37
WWW = Internet + HTML + HTTP 38
Internet Services A computer on the Internet is a client if it uses some services, or server if it provides some services There are many servers on the Internet, e.g., yahoo, facebook, google, etc. Most of the computers (over 90%) are clients. 39
PC www.uvic.ca Server PC PC Clients PC 40
Clients & Servers Every client or server has a unique IP address. A server may provide many services, e.g., www, email, chat, stream videos, Each service is identified by a port number (much like a telephone extension). 41
PC http://www.csc.uvic.ca mcheng@csc.uvic.ca csc.uvic.ca server (142.104.70.162) PC sftp://csc.uvic.ca/~mcheng Clients PC 42
WWW Service To use World- Wide- Web service of a particular server, we use port 80. For example, www.csc.uvic.ca uses 142.104.70.162:80 IP address Port number 43
Email Service To use POP3 (Post Office Protocol) email service, we use port 110. For example, csc.uvic.ca uses 142.104.70.162:110 IP address Port number 44
File Transfer Service To use SFTP (secure FTP) service, we use port 22. For example, unix.uvic.ca uses 142.104.135.162:22 IP address Port number 45
Port Numbers If an IP address is a telephone number, then a port number is similar to a local extension. There are over 1000 well- known port numbers for standard Internet services. Port 80 for HTTP, Port 110 for POP3 (email), Port 22 for SFTP (file transfer), etc. 46
Internet Port Numbers are essentially similar to Telephone Extensions. 47
Peer- 2- Peer Services Some client communicates with other client directly, known as peer to peer. Both are equal partners! For example, a Skype/Facetime user communicates with other Skype/Facetime user directly. A Skype/Facetime server is still needed to establish the initial connection. 48
Peer- 2- Peer Applications PC Skype PC PC Skype PC Clients Clients 49
How do Skype users discover each other s IP addresses? 50
Skype server 1 my IP address is: 128.23.45.1 John s PC Mary s PC 51
Skype server 1 my IP address is: 128.23.45.1 2 Where is John? John s PC Mary s PC 52
Skype server 1 my IP address is: 128.23.45.1 2 Where is John? 3 John s IP is: 128.23.45.1 John s PC Mary s PC 53
Skype server 1 my IP address is: 128.23.45.1 2 Where is John? 3 John s IP is: 128.23.45.1 4 Hi, John! John s PC Mary s PC 54
Skype server 1 my IP address is: 128.23.45.1 2 Where is John? 3 John s IP is: 128.23.45.1 4 Hi, John! John s PC 5 Hi, Mary! Mary s PC 55
What is wrong with this? 56
57
58
!!! IMPORTANT!!! It is easy to create a fake website. 59
How could you tell real from fake websites? 60
Extended Validation (EV) Certificate 2014-10- 02 61
Extended Validation (EV) Certificate Click the padlock 62
Extended Validation (EV) Certificate Click the padlock 63
Check the actual hostname of a website that has been certified from a trusted source. 64
How about these? www.yahoo.com.ch www.tdcanadatrust.com.cz www.secure.paypal.com www.paypal@account.com www.yahoo@150.44.134.189 www.face- book.com www.bank- of- cibc.com 65
Question: Why create fake websites? 66
SPAM! (Junk emails) 67
Example SPAM 68
How about fake emails! 69
70
Phishing is the act of attempting to steal personal information from unsuspecting victims. 71
Phishing in Plain English 72
Your email address is worth money to the spammers. 73
Don t click or download anything if you think the email or website is suspicious! 74
A malware is a program that is trying to damage your computer or steal personal information. 75
A mass email virus steals your address book and SPAMs all your contacts. 76
A spyware is a hidden program that is trying to steal your secret personal information, e.g., passwords. 77
A keylogger is a spyware that records every keystroke on your computer and then sends them to a remote server. 78
Where do malware come from? from emails or attachments from downloading software on the Internet from USB drives from zombie (infected) computers 79
A trojan is a malware hidden inside a popular program, an image, a video, or an email. 80
A worm is a malware that can replicate itself across the Internet. 81
A computer virus is a malware that carries a mission, e.g., stealing personal information, or taking control of its host. 82
A virus may be controlled by a remote master. 83
A botnet is a massive network of infected computers; they can be controlled remotely to create real damages. 84
Botnet: A Network of zombies 85
Worms, Virus & Botnets 86
Distributed Denial Of Services A botnet can blackmail websites for money. If not paid, they send millions of zombie computers to attack! 87
A ransomware is a new kind of malware that encrypts your data and then asks for money to get your data back. 88
Keep your computer s security up- to- date. Windows: Security Essential OS X Sophos Anti- Virus Tool 89
Encrypt sensitive information if you must transmit it over the Internet. 90
Whenever possible, use https instead of http for secure Internet browsing. 91
What is VPN? VPN (Virtual Private Network) is an Internet technology that allows a remote computer connecting to a local private network. All remote communication behaves as if it is connected to a local network. The remote computer is also assigned a local private IP address. 92
Why uses VPN? Security and privacy: all communication over VPN is encrypted. Your remote computer will have a local private IP address (e.g., A US- based VPN will assign you a US- based IP address.) Not all VPNs are trust- worthy; they can spy on your data traffic. 93
What is a Cookie? Most web servers do not store user information (unless you have an account with them). How do they remember your shopping cart? Or bank account number? Or preference? A cookie is small piece of information that a web server stored inside your browser. 94
Cookie s Privacy Concern A browser cookie is very small; it cannot be used for spreading viruses. Cookies are personal preference information about a user. There are malware which try to track your cookies to learn about your browsing histories, thus use them for marketing. 95
Two- Factor Authentication 96
One- time Passcode Approach 97
How to Enable it? Two Factor Authentication for Apple ID Two Factor Authentication for Google Two Factor Authentication for Microsoft Two Factor Authentication for PayPal 98
How to clean up your computer if it has been infected! 99
How to Clean- Up Safari 100
How to Clean- Up Firefox 101
How to Clean- Up Chrome 102
When All Else Fail! How to reset Google Chrome browser How to reset Firefox browser How to reset Safari browser (just remove all browsing data) How to reset Internet Explorer 103
The End. 104