9.3 the internet

the internet

a network of interconnected computer networks which uses an end-to-end communication protocol

mostly wired, with cables that pass under oceans to connect faraway countries

ISP

a company that provides internet access

packet

a container in which data is transmitted over networks

components of a packet

-sender's address

-receiver's address

-contents

-time to live(TTL)

-sequence number

time to live(TTL)

holds the number of hops a packet can go through before being dropped(deleted)

decreases by one every hop and when it reaches 0 it is dropped

sequence number

contains a packet's position in relation to other packets in a message and the total number of packets in the message. allows for reassembly of the message and identification of missing packets

packet switching

where data is split into packets and each packet is sent over the most efficient route. when all packets are received the data is reassembled

router

a network device that connects different networks and sends packets to their recipient via the fastest possible route(the route with the lowest number of hops or the least congested route)

hold constantly updating tables with information relating to the fastest routes to certain devices

hopping

when a packet passes through a router on its route from its source to its destination, a hop occurs

hop can also mean the amount of hops a packet does

gateway

a network device that aids in communication between networks that use different protocols by stripping away packets' details leaving just their contents and giving them new details that conform to the new protocol

URL

uniform resource locator- an address assigned to each file on the internet

URL parts

-protocol

-subdomain and domain

-top-level and second-level domains

-directories and subdirectories

domain names

a string of alphanumeric characters which maps to an IP address and identifies a website

fully qualified domain names(FQDNs)

a domain that specifies an exact resource and can only be interpreted one way

IP addresses

internet protocol(IP) address- an address assigned to every networked device

DNS system

the domain name server(DNS) system
stores a table of domain names and their corresponding IP addresses. if a DNS has no record of the domain a user is trying to access it will pass the request onto another DNS

internet registries

an organisation responsible for the allocation of IP addresses, there are five in operation each serving a different geographical area

they protect the depleting number of unallocated IP addresses by attempting to allocate a now unused previously allocated IP address when a new IP address is requested

firewalls

software or hardware that sits between a device and the internet and controls what packets can pass through

they work as a proxy server which can perform packet filtering and stateful inspection

packet filtering

when packets are accepted or blocked based on their source IP address or their protocol

stateful inspection

when the contents of a packet are examined before it is decided whether to allow them through or block them. some firewalls keep a record of current connections in a network allowing them to filter out packets unrelated to activity on the network

proxy server

a server that sits between a public network and a private network that manages all packets passing between them

packets sent through proxy servers' addresses will be that of the proxy, aiding anonymity

symmetric encryption

the sender and receiver share the same private key which is used to encrypt and decrypt data sent between them

they must participate in a key exchange to ensure they both have a copy of their shared key

keys exchanged over a network are vulnerable to interception which poses a security risk

assymetric encryption

the sender and receiver both have a mathematically related private key and public key. when a message is encrypted with one key only the other key can decrypt it

messages are encrypted using the recipient's public key and sent, and the recipient uses the private key to decrypt it

digital signatures

a signature that can be used to verify a message is untampered with and from the sender it is claimed to be from

creation of a digital signature

-a digest(small number) of the message is created, likely through a hashing or checksum algorithm

-the digest is encrypted with the sender's private key and appended to the message

-the message is encrypted with the recipient's public key

-upon reception the message is decrypted with the recipient's private key and the digest is decrypted with the sender's public key. this verifies the sender's identity as it proves their private key was used

-the recipient then carries out the same algorithm used to create the digest. if the digests match it proves the message has not been tampered with or corrupted during transmission

digital certificate

a file issued by a certificate authority that verifies ownership of a keypair used in assymetric encryption

contains a serial number, the owner's name, an expiry date, the owner's public key and the certificate authority's digital signature

worms

malware that can self-replicate between computers

trojans

malware disguised as legitimate software

viruses

malware that resides in host files. when the host file is opened or run the virus replicates and can spread between computers

preventing malware

-keep software up to date to reduce unpatched security vulnerabilities

-employ security measures

-use antivirus software

-train users to be cautious about malware