web technology and commerce unit 1

UNIT : I PREPARED BY ARUN PRATAP SINGH WEB TECHNOLOGY AND COMMERCE (MCSE 201)

Upload: arun0501

Post on 20-Aug-2015


INTRODUCTION TO BUILDING BLOCKS OF ELECTRONIC COMMERCE :

UNIT : I


IP ADDRESSING :


An Internet Protocol address (IP address) is a numerical label assigned to each device (e.g., computer, printer) participating in a computer network that uses the Internet Protocol for communication.[1] An IP address serves two principal functions: host or network interface identification and location addressing. Its role has been characterized as follows:

"A name indicates what we seek. An address indicates where it is. A route indicates how to get there."


ADDRESS RESOLUTION PROTOCOL (ARP) :

ARP converts an Internet Protocol (IP) address to its corresponding physical network address.

ARP is a low-level network protocol, operating at Layer 2 of the OSI model.

The address resolution protocol (ARP) is a protocol used by the Internet Protocol (IP) [RFC826], specifically IPv4, to map IP network addresses to the hardware addresses used by a data link protocol. The protocol operates below the network layer as a part of the interface between the OSI network and OSI link layer. It is used when IPv4 is used over Ethernet.


The term address resolution refers to the process of finding an address of a computer in a network. The address is "resolved" using a protocol in which a piece of information is sent by a client process executing on the local computer to a server process executing on a remote computer. The information received by the server allows the server to uniquely identify the network system for which the address was required and therefore to provide the required address. The address resolution procedure is completed when the client receives a response from the server containing the required address.

An Ethernet network uses two hardware addresses which identify the source and destination of each frame sent by the Ethernet. The destination address (all 1's) may also identify a broadcast packet (to be sent to all connected computers). The hardware address is also known as the Medium Access Control (MAC) address, in reference to the standards which define Ethernet. Each computer network interface card is allocated a globally unique 6 byte link address when the factory manufactures the card (stored in a PROM). This is the normal link source address used by an interface. A computer sends all packets which it creates with its own hardware source link address, and receives all packets which match the same hardware address in the destination field or one (or more) pre-selected broadcast/multicast addresses.

The Ethernet address is a link layer address and is dependent on the interface card which is used. IP operates at the network layer and is not concerned with the link addresses of individual nodes which are to be used. The address resolution protocol (ARP) is therefore used to translate between the two types of address. The ARP client and server processes operate on all computers using IP over Ethernet. The processes are normally implemented as part of the software driver that drives the network interface card.

There are four types of ARP messages that may be sent by the ARP protocol. These are identified by four values in the "operation" field of an ARP message. The types of message are:

1. ARP request
2. ARP reply
3. RARP request
4. RARP reply

The format of an ARP message is shown below:


Format of an ARP message used to resolve the remote MAC Hardware Address (HA)

To reduce the number of address resolution requests, a client normally caches resolved addresses for a (short) period of time. The ARP cache is of a finite size, and would become full of incomplete and obsolete entries for computers that are not in use if it was allowed to grow without check. The ARP cache is therefore periodically flushed of all entries. This deletes unused entries and frees space in the cache. It also removes any unsuccessful attempts to contact computers which are not currently running.

If a host changes the MAC address it is using, this can be detected by other hosts when the cache entry is deleted and a fresh ARP message is sent to establish the new association. The use of gratuitous ARP (e.g. triggered when the new NIC interface is enabled with an IP address) provides a more rapid update of this information.
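The message format, the four operation values and the caching behaviour described above can be exercised together. The following is an added example, not part of the original notes: it parses the 28-byte Ethernet/IPv4 ARP message and records each sender's IP-to-MAC binding, reporting when a still-cached binding changes. The per-entry timeout, the event names, the helper names and the sample addresses are assumptions made for the illustration.

```python
import struct
from dataclasses import dataclass

# The four "operation" values listed in the text.
OPERATIONS = {1: "ARP request", 2: "ARP reply", 3: "RARP request", 4: "RARP reply"}

@dataclass
class ArpMessage:
    operation: str
    sender_mac: str
    sender_ip: str
    target_mac: str
    target_ip: str

def fmt_mac(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)

def fmt_ip(raw: bytes) -> str:
    return ".".join(str(b) for b in raw)

def parse_arp(body: bytes) -> ArpMessage:
    """Parse a 28-byte ARP message for IPv4 over Ethernet (RFC 826 layout)."""
    if len(body) < 28:
        raise ValueError("truncated ARP message")
    htype, ptype, hlen, plen, oper = struct.unpack("!HHBBH", body[:8])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not an Ethernet/IPv4 ARP message")
    if oper not in OPERATIONS:
        raise ValueError(f"unknown operation {oper}")
    sha, spa, tha, tpa = struct.unpack("!6s4s6s4s", body[8:28])
    return ArpMessage(OPERATIONS[oper], fmt_mac(sha), fmt_ip(spa), fmt_mac(tha), fmt_ip(tpa))

class ArpCache:
    """IP -> MAC cache whose entries expire after `ttl` seconds (assumed policy)."""
    def __init__(self, ttl: float = 60.0):
        self.ttl = ttl
        self.entries = {}  # ip -> (mac, expiry time)

    def observe(self, msg: ArpMessage, now: float) -> str:
        # Drop expired entries; a per-entry timeout stands in for the periodic flush.
        self.entries = {ip: e for ip, e in self.entries.items() if e[1] > now}
        previous = self.entries.get(msg.sender_ip)
        self.entries[msg.sender_ip] = (msg.sender_mac, now + self.ttl)
        if previous is None:
            return "new"
        if previous[0] == msg.sender_mac:
            return "refreshed"
        # A live entry changed MAC: expected after a NIC swap, worth logging otherwise.
        gratuitous = msg.sender_ip == msg.target_ip
        return "changed (gratuitous)" if gratuitous else "changed"

def build_arp(oper, sender_mac, sender_ip, target_mac, target_ip) -> bytes:
    """Construct sample ARP bytes for the demonstration below."""
    mac = lambda s: bytes.fromhex(s.replace(":", ""))
    ip = lambda s: bytes(int(p) for p in s.split("."))
    return (struct.pack("!HHBBH", 1, 0x0800, 6, 4, oper)
            + mac(sender_mac) + ip(sender_ip) + mac(target_mac) + ip(target_ip))

def demo():
    zero = "00:00:00:00:00:00"
    samples = [  # (seconds, constructed message); 192.0.2.0/24 is a documentation range
        (0, build_arp(1, "02:00:00:00:00:0a", "192.0.2.10", zero, "192.0.2.1")),
        (1, build_arp(2, "02:00:00:00:00:01", "192.0.2.1", "02:00:00:00:00:0a", "192.0.2.10")),
        (5, build_arp(1, "02:00:00:00:00:0b", "192.0.2.10", zero, "192.0.2.10")),
        (100, build_arp(2, "02:00:00:00:00:02", "192.0.2.1", "02:00:00:00:00:0b", "192.0.2.10")),
    ]
    cache = ArpCache(ttl=60)
    events = []
    for when, raw in samples:
        msg = parse_arp(raw)
        events.append((msg.operation, msg.sender_ip, cache.observe(msg, when)))
    return events

if __name__ == "__main__":
    for event in demo():
        print(event)
```

The last sample arrives after the earlier entry has expired, so the different MAC for 192.0.2.1 is learned as a new binding rather than reported as a change.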

Position of ARP in TCP/IP protocol suite


ARP operation -

Encapsulation of ARP packet :


Four cases using ARP :


Proxy ARP:

Page 17: Web technology and commerce unit 1

PREPARED BY ARUN PRATAP SINGH 16

16

RARP (REVERSE ADDRESS RESOLUTION PROTOCOL) :

RARP (Reverse Address Resolution Protocol) is a protocol by which a physical machine in a local area network can request to learn its IP address from a gateway server's Address Resolution Protocol (ARP) table or cache. A network administrator creates a table in a local area network's gateway router that maps the physical machine (or Media Access Control - MAC address) addresses to corresponding Internet Protocol addresses. When a new machine is set up, its RARP client program requests from the RARP server on the router to be sent its IP address. Assuming that an entry has been set up in the router table, the RARP server will return the IP address to the machine which can store it for future use.

RARP is available for Ethernet, Fiber Distributed-Data Interface, and token ring LANs.

The Reverse Address Resolution Protocol (RARP) is an obsolete computer networking protocol used by a client computer to request its Internet Protocol (IPv4) address from a computer network, when all it has available is its Link Layer or hardware address, such as a MAC address. The client broadcasts the request, and does not need prior knowledge of the network topology or the identities of servers capable of fulfilling its request.

RARP is described in Internet Engineering Task Force (IETF) publication RFC 903.[1] It has been rendered obsolete by the Bootstrap Protocol (BOOTP) and the modern Dynamic Host Configuration Protocol (DHCP), which both support a much greater feature set than RARP.

RARP requires one or more server hosts to maintain a database of mappings of Link Layer addresses to their respective protocol addresses. Media Access Control (MAC) addresses needed to be individually configured on the servers by an administrator. RARP was limited to serving only IP addresses.

Reverse ARP differs from the Inverse Address Resolution Protocol (InARP) described in RFC 2390, which is designed to obtain the IP address associated with a local Frame Relay data link connection identifier. InARP is not used in Ethernet.

Position of ARP and RARP in TCP/IP protocol suite


RARP operation -


Format of an ARP message

BOOTP (Bootstrap Protocol) :

The Bootstrap Protocol (BOOTP) is a client/server protocol that configures a diskless computer or a computer that is booted for the first time. BOOTP provides the IP address, net mask, the address of a default router, and the address of a name server.

The Bootstrap Protocol (BOOTP) is an obsolescent computer networking protocol used in Internet Protocol networks to automatically assign an IP address to network devices from a configuration server. The BOOTP protocol was originally defined in RFC 951.

When a computer that is connected to a network is powered up and boots its operating system, the system software broadcasts BOOTP protocol messages onto the network to request an IP address assignment. A BOOTP configuration server assigns an IP address based on the request from a pool of addresses configured by an administrator.

BOOTP is implemented with the User Datagram Protocol (UDP) as transport protocol, and operates on IPv4 networks only.

Historically, BOOTP has also been used for Unix-like diskless workstations to obtain the network location of their boot image, in addition to the IP address assignment. Enterprises used it to roll out a pre-configured client (e.g., Windows) installation to newly installed PCs.

Originally requiring the use of a boot floppy disk to establish the initial network connection, manufacturers of network cards later embedded the protocol in the BIOS of the interface cards as well as system boards with on-board network adapters, thus allowing direct network booting.

Although still available in many networks to support legacy equipment, BOOTP has been effectively superseded by the Dynamic Host Configuration Protocol (DHCP), which is a more advanced protocol for the same purpose. DHCP servers also provide the legacy BOOTP functionality.

Client and server on the same network


Client and server on two different networks

BOOTP packet format


Use of UDP ports

DHCP (Dynamic Host Configuration Protocol) :

The Dynamic Host Configuration Protocol (DHCP) is a standardized networking protocol used on Internet Protocol (IP) networks for dynamically distributing network configuration parameters, such as IP addresses for interfaces and services. With DHCP, computers request IP addresses and networking parameters automatically from a DHCP server, reducing the need for a network administrator or a user to configure these settings manually.

The Dynamic Host Configuration Protocol is used by computers for requesting Internet Protocol parameters, such as an IP address from a network server. The protocol operates based on the client-server model. DHCP is very common in all modern networks[1] ranging in size from home networks to large campus networks and regional Internet service provider networks. Most residential network routers receive a globally unique IP address within the provider network. Within a local network, DHCP assigns a local IP address to devices connected to the local network.

When a computer or other networked device connects to a network, its DHCP client software in the operating system sends a broadcast query requesting necessary information. Any DHCP server on the network may service the request. The DHCP server manages a pool of IP addresses and information about client configuration parameters such as default gateway, domain name, the name servers, and time servers. On receiving a request, the server may respond with specific information for each client, as previously configured by an administrator, or with a specific address and any other information valid for the entire network, and the time period for which the allocation (lease) is valid. A host typically queries for this information immediately after booting, and periodically thereafter before the expiration of the information. When an assignment is refreshed by the client computer, it initially requests the same parameter values, but may be assigned a new address from the server, based on the assignment policies set by administrators.

On large networks that consist of multiple links, a single DHCP server may service the entire network when aided by DHCP relay agents located on the interconnecting routers. Such agents relay messages between DHCP clients and DHCP servers located on different subnets.

Depending on implementation, the DHCP server may have three methods of allocating IP addresses:

dynamic allocation: A network administrator reserves a range of IP addresses for DHCP, and each client computer on the LAN is configured to request an IP address from the DHCP server during network initialization. The request-and-grant process uses a lease concept with a controllable time period, allowing the DHCP server to reclaim (and then reallocate) IP addresses that are not renewed.

automatic allocation: The DHCP server permanently assigns an IP address to a requesting client from the range defined by the administrator. This is like dynamic allocation, but the DHCP server keeps a table of past IP address assignments, so that it can preferentially assign to a client the same IP address that the client previously had.

static allocation: The DHCP server allocates an IP address based on a preconfigured mapping to each client's MAC address. This feature is variously called static DHCP assignment by DD-WRT, fixed-address by the dhcpd documentation, address reservation by Netgear, DHCP reservation or static DHCP by Cisco and Linksys, and IP address reservation or MAC/IP address binding by various other router manufacturers.

DHCP is used for Internet Protocol version 4 (IPv4), as well as IPv6. While both versions serve the same purpose, the details of the protocol for IPv4 and IPv6 are sufficiently different that they may be considered separate protocols.[2] For IPv6 operation, devices may alternatively use stateless address autoconfiguration. IPv4 hosts may also use link-local addressing to achieve operation restricted to the local network link.


DHCP packet


DHCP transition diagram

Dynamic Host Configuration Protocol (DHCP) is a network protocol that enables a server to automatically assign an IP address to a computer from a defined range of numbers (i.e., a scope) configured for a given network.

DHCP assigns an IP address when a system is started, for example:

1. A user turns on a computer with a DHCP client.
2. The client computer sends a broadcast request (called a DISCOVER or DHCPDISCOVER), looking for a DHCP server to answer.
3. The router directs the DISCOVER packet to the correct DHCP server.
4. The server receives the DISCOVER packet. Based on availability and usage policies set on the server, the server determines an appropriate address (if any) to give to the client. The server then temporarily reserves that address for the client and sends back to the client an OFFER (or DHCPOFFER) packet, with that address information. The server also configures the client's DNS servers, WINS servers, NTP servers, and sometimes other services as well.
5. The client sends a REQUEST (or DHCPREQUEST) packet, letting the server know that it intends to use the address.
6. The server sends an ACK (or DHCPACK) packet, confirming that the client has been given a lease on the address for a server-specified period of time.
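The DISCOVER, OFFER, REQUEST, ACK sequence above can be followed from the packets themselves. The following is an added example, not part of the original notes: it parses the BOOTP header and DHCP options, groups messages by transaction ID, checks that the exchange ran in the expected order, and, because any DHCP server on the network may answer, lists responding servers that are not on an administrator-supplied list. The `known_servers` list, the function names and the sample addresses are assumptions made for the illustration.

```python
import socket
import struct

BOOTP = struct.Struct("!BBBBIHH4s4s4s4s16s64s128s")  # fixed 236-byte BOOTP header
MAGIC = b"\x63\x82\x53\x63"                          # DHCP magic cookie
TYPES = {1: "DISCOVER", 2: "OFFER", 3: "REQUEST", 5: "ACK", 6: "NAK"}
EXPECTED = ["DISCOVER", "OFFER", "REQUEST", "ACK"]

def build(msg_type, xid, mac, yiaddr="0.0.0.0", server=None, lease=None):
    """Construct a sample DHCP message (used only to create test input)."""
    op = 1 if msg_type in (1, 3) else 2              # 1 = from client, 2 = from server
    header = BOOTP.pack(op, 1, 6, 0, xid, 0, 0x8000, bytes(4),
                        socket.inet_aton(yiaddr), bytes(4), bytes(4),
                        mac, bytes(64), bytes(128))
    options = bytes([53, 1, msg_type])               # option 53: message type
    if server:
        options += bytes([54, 4]) + socket.inet_aton(server)   # server identifier
    if lease:
        options += bytes([51, 4]) + struct.pack("!I", lease)   # lease time, seconds
    return header + MAGIC + options + b"\xff"

def parse(packet):
    """Return the message type, transaction ID, offered address, server and lease."""
    start = BOOTP.size + len(MAGIC)
    if len(packet) < start or packet[BOOTP.size:start] != MAGIC:
        raise ValueError("not a DHCP message")
    fields = BOOTP.unpack_from(packet)
    options, i = {}, start
    while i < len(packet) and packet[i] != 255:      # 255 = end option
        if packet[i] == 0:                           # 0 = pad, has no length byte
            i += 1
            continue
        if i + 2 > len(packet) or i + 2 + packet[i + 1] > len(packet):
            raise ValueError("truncated option")
        options[packet[i]] = packet[i + 2:i + 2 + packet[i + 1]]
        i += 2 + packet[i + 1]
    kind = options.get(53, b"")
    if len(kind) != 1 or kind[0] not in TYPES:
        raise ValueError("missing or unsupported message type")
    server = socket.inet_ntoa(options[54]) if len(options.get(54, b"")) == 4 else None
    lease = struct.unpack("!I", options[51])[0] if len(options.get(51, b"")) == 4 else None
    return {"type": TYPES[kind[0]], "xid": fields[4],
            "yiaddr": socket.inet_ntoa(fields[8]), "server": server, "lease": lease}

def follow(packets, known_servers):
    """Group messages by transaction ID and summarise each exchange."""
    sessions = {}
    for packet in packets:
        m = parse(packet)
        s = sessions.setdefault(m["xid"], {"steps": [], "servers": set(),
                                           "address": None, "lease": None})
        if not s["steps"] or s["steps"][-1] != m["type"]:
            s["steps"].append(m["type"])             # collapse repeated OFFERs
        if m["server"]:
            s["servers"].add(m["server"])
        if m["type"] == "ACK":
            s["address"], s["lease"] = m["yiaddr"], m["lease"]
    for s in sessions.values():
        s["complete"] = s["steps"] == EXPECTED
        s["unlisted_servers"] = sorted(s["servers"] - set(known_servers))
    return sessions

def demo():
    mac = bytes.fromhex("02000000000a")              # constructed client MAC
    good, other = "192.0.2.1", "192.0.2.66"          # documentation-range addresses
    packets = [
        build(1, 0x1111, mac),
        build(2, 0x1111, mac, "192.0.2.50", good, 3600),
        build(3, 0x1111, mac, server=good),
        build(5, 0x1111, mac, "192.0.2.50", good, 3600),
        # Second transaction: two servers answer the same DISCOVER.
        build(1, 0x2222, mac),
        build(2, 0x2222, mac, "192.0.2.51", good, 3600),
        build(2, 0x2222, mac, "192.0.2.200", other, 3600),
        build(3, 0x2222, mac, server=good),
        build(5, 0x2222, mac, "192.0.2.51", good, 3600),
    ]
    return follow(packets, known_servers={good})

if __name__ == "__main__":
    for xid, summary in demo().items():
        print(hex(xid), summary)
```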

When a computer uses a static IP address, it means that the computer is manually configured to use a specific IP address. One problem with static assignment, which can result from user error or inattention to detail, occurs when two computers are configured with the same IP address. This creates a conflict that results in loss of service. Using DHCP to dynamically assign IP addresses minimizes these conflicts.

Diagram of a typical DHCP session

INTERNET CONTROL MESSAGE PROTOCOL (ICMP) :

The Internet Control Message Protocol (ICMP) is one of the main protocols of the Internet Protocol Suite. It is used by network devices, like routers, to send error messages indicating, for example, that a requested service is not available or that a host or router could not be reached. ICMP can also be used to relay query messages.[1] It is assigned protocol number 1.[2] ICMP[3] differs from transport protocols such as TCP and UDP in that it is not typically used to exchange data between systems, nor is it regularly employed by end-user network applications (with the exception of some diagnostic tools like ping and traceroute).

ICMP for Internet Protocol version 4 (IPv4) is also known as ICMPv4. IPv6 has a similar protocol, ICMPv6.

The Internet Control Message Protocol is part of the Internet Protocol Suite, as defined in RFC 792. ICMP messages are typically used for diagnostic or control purposes or generated in response to errors in IP operations (as specified in RFC 1122). ICMP errors are directed to the source IP address of the originating packet.

For example, every device (such as an intermediate router) forwarding an IP datagram first decrements the time to live (TTL) field in the IP header by one. If the resulting TTL is 0, the packet is discarded and an ICMP Time To Live exceeded in transit message is sent to the datagram's source address.

Although ICMP messages are contained within standard IP packets, ICMP messages are usually processed as a special case, distinguished from normal IP processing, rather than processed as a normal sub-protocol of IP. In many cases, it is necessary to inspect the contents of the ICMP message and deliver the appropriate error message to the application that generated the original IP packet, the one that sent the packet that prompted the sending of the ICMP message.

Many commonly used network utilities are based on ICMP messages. The traceroute command is implemented by transmitting IP datagrams with specially set IP TTL header fields, and looking for ICMP "Time to live exceeded in transit" (above) and "Destination unreachable" messages generated in response. The related ping utility is implemented using the ICMP "Echo request" and "Echo reply" messages.
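The TTL rule and the need to inspect the contents of an ICMP error can be shown with both sides of the exchange. The following is an added example, not part of the original notes: a router step that decrements the TTL and answers the source with a Time Exceeded message, and a host step that verifies the ICMP checksum and recovers the quoted original header and first eight data bytes. The function names, the option-free sample datagram and the addresses are assumptions made for the illustration.

```python
import socket
import struct

ERROR_TYPES = {3: "Destination unreachable", 5: "Redirect",
               11: "Time exceeded", 12: "Parameter problem"}

def checksum(data: bytes) -> int:
    """Internet checksum (RFC 1071): one's-complement sum of 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def with_checksum(data: bytes, offset: int) -> bytes:
    """Return `data` with the 16-bit checksum field at `offset` filled in."""
    zeroed = data[:offset] + b"\x00\x00" + data[offset + 2:]
    return zeroed[:offset] + struct.pack("!H", checksum(zeroed)) + zeroed[offset + 2:]

def ipv4(src, dst, proto, ttl, payload: bytes) -> bytes:
    """Build an IPv4 datagram with a 20-byte header (no options; sample input)."""
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0,
                         ttl, proto, 0, socket.inet_aton(src), socket.inet_aton(dst))
    return with_checksum(header, 10) + payload

def forward(datagram: bytes, router_ip: str):
    """Router step from the text: decrement TTL; at 0 discard the datagram and
    answer its source with ICMP Time Exceeded (type 11, code 0)."""
    ihl = (datagram[0] & 0x0F) * 4
    ttl = datagram[8] - 1
    if ttl > 0:
        header = datagram[:8] + bytes([ttl]) + datagram[9:ihl]
        return "forward", with_checksum(header, 10) + datagram[ihl:]
    quoted = datagram[:ihl + 8]        # original IP header + first 8 data bytes
    message = with_checksum(struct.pack("!BBHI", 11, 0, 0, 0) + quoted, 2)
    return "error", ipv4(router_ip, socket.inet_ntoa(datagram[12:16]), 1, 64, message)

def parse_icmp_error(datagram: bytes) -> dict:
    """Host step: verify the ICMP checksum, then recover the quoted datagram so
    the error can be matched to the traffic that caused it."""
    ihl = (datagram[0] & 0x0F) * 4
    icmp = datagram[ihl:]
    if datagram[9] != 1 or len(icmp) < 8:
        raise ValueError("not an ICMP message")
    if checksum(icmp) != 0:            # a valid message sums to zero
        raise ValueError("bad ICMP checksum")
    if icmp[0] not in ERROR_TYPES:
        raise ValueError("query message, not an error report")
    inner = icmp[8:]
    if len(inner) < 20 or len(inner) < (inner[0] & 0x0F) * 4 + 8:
        raise ValueError("quoted datagram truncated")
    inner_ihl = (inner[0] & 0x0F) * 4
    ports = struct.unpack("!HH", inner[inner_ihl:inner_ihl + 4])
    return {
        "error": ERROR_TYPES[icmp[0]],
        "reported_by": socket.inet_ntoa(datagram[12:16]),
        "delivered_to": socket.inet_ntoa(datagram[16:20]),
        "original_src": socket.inet_ntoa(inner[12:16]),
        "original_dst": socket.inet_ntoa(inner[16:20]),
        "protocol": inner[9],
        "ports": ports,                # source and destination port for UDP or TCP
    }

def sample(ttl: int) -> bytes:
    """Constructed UDP datagram from 192.0.2.10:40000 to 198.51.100.7:33434."""
    udp = struct.pack("!HHHH", 40000, 33434, 8 + 5, 0) + b"probe"
    return ipv4("192.0.2.10", "198.51.100.7", 17, ttl, udp)

if __name__ == "__main__":
    print(forward(sample(2), "203.0.113.1")[0])
    print(parse_icmp_error(forward(sample(1), "203.0.113.1")[1]))
```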

To give an idea of how ICMP can handle the sending and receiving of ICMP messages, we present our version of an ICMP package made of two modules: an input module and an output module.


General format of ICMP messages

Encapsulation for a complete ICMP packet (not showing the Ethernet preamble)

Position of ICMP in the network layer

ICMP encapsulation

ICMP messages are divided into two broad categories: error-reporting messages and query messages. The error-reporting messages report problems that a router or a host (destination) may encounter when it processes an IP packet. The query messages, which occur in pairs, help a host or a network manager get specific information from a router or another host. Also, hosts can discover and learn about routers on their network and routers can help a node redirect its messages.


ICMP always reports error messages to the original source.

Contents of data field for the error message

DOMAIN NAME SYSTEM (DNS) :

The Domain Name System (DNS) is a hierarchical distributed naming system for computers, services, or any resource connected to the Internet or a private network. It associates various information with domain names assigned to each of the participating entities. Most prominently, it translates easily memorized domain names to the numerical IP addresses needed for the purpose of locating computer services and devices worldwide. The Domain Name System is an essential component of the functionality of the Internet.

An often-used analogy to explain the Domain Name System is that it serves as the phone book for the Internet by translating human-friendly computer hostnames into IP addresses. For example, the domain name www.example.com translates to the addresses 93.184.216.119 (IPv4) and 2606:2800:220:6d:26bf:1447:1097:aa7 (IPv6). Unlike a phone book, the DNS can be quickly updated, allowing a service's location on the network to change without affecting the end users, who continue to use the same host name. Users take advantage of this when they use meaningful Uniform Resource Locators (URLs), and e-mail addresses without having to know how the computer actually locates the services.

The Domain Name System distributes the responsibility of assigning domain names and mapping those names to IP addresses by designating authoritative name servers for each domain. Authoritative name servers are assigned to be responsible for their supported domains, and may delegate authority over subdomains to other name servers. This mechanism provides distributed and fault tolerant service and was designed to avoid the need for a single central database.


TRIVIAL FILE TRANSFER PROTOCOL (TFTP) :

Trivial File Transfer Protocol (TFTP) is a file transfer protocol notable for its simplicity. It is generally used for automated transfer of configuration or boot files between machines in a local environment. Compared to FTP, TFTP is extremely limited, providing no authentication, and is rarely used interactively by a user.

Due to its simple design, TFTP can be implemented using a very small amount of memory. It is therefore useful for booting computers such as routers which may not have any data storage devices. It is an element of the Preboot Execution Environment (PXE) network boot protocol, where it is implemented in the firmware ROM / NVRAM of the host's network card.


TELNET :

Telnet is a network protocol used on the Internet or local area networks to provide a bidirectional interactive text-oriented communication facility using a virtual terminal connection. User data is interspersed in-band with Telnet control information in an 8-bit byte oriented data connection over the Transmission Control Protocol (TCP).

Telnet was developed in 1969 beginning with RFC 15, extended in RFC 854, and standardized as Internet Engineering Task Force (IETF) Internet Standard STD 8, one of the first Internet standards.

Historically, Telnet provided access to a command-line interface (usually, of an operating system) on a remote host. Most network equipment and operating systems with a TCP/IP stack support a Telnet service for remote configuration (including systems based on Windows NT). However, because of serious security issues when using Telnet over an open network such as the Internet, its use for this purpose has waned significantly in favor of SSH.

The term telnet may also refer to the software that implements the client part of the protocol. Telnet client applications are available for virtually all computer platforms. Telnet is also used as a verb. To telnet means to establish a connection with the Telnet protocol, either with command line client or with a programmatic interface. For example, a common directive might be: "To change your password, telnet to the server, log in and run the passwd command." Most often, a user will be telnetting to a Unix-like server system or a network device (such as a router) and obtaining a login prompt to a command line text interface or a character-based full-screen manager.

When Telnet was initially developed in 1969, most users of networked computers were in the computer departments of academic institutions, or at large private and government research facilities. In this environment, security was not nearly as much a concern as it became after the bandwidth explosion of the 1990s. The rise in the number of people with access to the Internet, and by extension the number of people attempting to hack other people's servers, made encrypted alternatives necessary.

Experts in computer security, such as SANS Institute, recommend that the use of Telnet for remote logins should be discontinued under all normal circumstances, for the following reasons:

Telnet, by default, does not encrypt any data sent over the connection (including passwords), and so it is often practical to eavesdrop on the communications and use the password later for malicious purposes; anybody who has access to a router, switch, hub or gateway located on the network between the two hosts where Telnet is being used can intercept the packets passing by and obtain login, password and whatever else is typed with a packet analyzer.

Most implementations of Telnet have no authentication that would ensure communication is carried out between the two desired hosts and not intercepted in the middle.

Several vulnerabilities have been discovered over the years in commonly used Telnet daemons.

These security-related shortcomings have seen the usage of the Telnet protocol drop rapidly, especially on the public Internet, in favor of the Secure Shell (SSH) protocol, first released in 1995. SSH provides much of the functionality of telnet, with the addition of strong encryption to prevent sensitive data such as passwords from being intercepted, and public key authentication, to ensure that the remote computer is actually who it claims to be. As has happened with other early Internet protocols, extensions to the Telnet protocol provide Transport Layer Security (TLS) security and Simple Authentication and Security Layer (SASL) authentication that address the above issues. However, most Telnet implementations do not support these extensions; and there has been relatively little interest in implementing these as SSH is adequate for most purposes.

It is of note that there are a large number of industrial and scientific devices which have only Telnet available as a communication option. Some are built with only a standard RS-232 port and use a serial server hardware appliance to provide the translation between the TCP/Telnet data and the RS-232 serial data. In such cases, SSH is not an option unless the interface appliance can be configured for SSH.