Computer networks for dummies
Hello!
After reading such material as “PHP 7 D. Koterov”, or “byte Of Python”, one very interesting question may arise, and no, it will not be related to the language that the book was about, it will usually be taken from the first chapters books that are usually devoted to the “Internet device”, as a rule, such books do not immerse the user very deeply, and leave it at the level of application data, that is, no further than the HTTP protocol, and TCP / IP work. But as we all know, there are very “voracious” minds, who alone
The basic terms and concepts of computer networks, roughly speaking, computer networks, are ordinary “networks” consisting of end machines. The end machines are any computers on the network that want to exchange data.
')
Such networks, as a rule, transmit data via physical transmitters, namely (the most popular / easy-to-understand types will be considered):
Here the question immediately arises, really all computers are simply connected via cable with each other, the answer is: yes and no. As you understand, if you bought a new laptop, you would have to connect to all computers in the world, but you don’t do it, instead of that you either just insert it into your laptop, cable, or connect via WI-FI, this is where our “ and yes and no ”manifests itself, as you see in the manual, you don’t do everything, but when you connect to your internet at home, you buy it from your provider, respectively, you’re connected to the provider that’s already connected to the whole internet . But, it still does not cancel the question, is the provider that is also connected to all PCs in the world? No, everything is different, let's start with the fact that there are many providers, there are providers who buy Internet from a regional provider (this is a provider that works in the region, say Krasnodar), such providers are called local (for example, they broadcast the Internet to some village or small city), regional providers, in turn, take the Internet from providers of the country, and those in turn, from providers of the continent, it turns out something like this:
But, as you understand, this is not all, we can’t be directly connected via cable to providers, and those to a higher level with providers, and so on. No, this is not so, in fact, between end systems, providers, and other nodes, there are special switches and kilometers of cables, about switches - namely, routers, routers, these are special units, computers that have several I / Os ( maybe so and so, such inputs / outputs are called interfaces), and have a table onboard that describes 1 address in the network of the next router or the very end system, for sending data to the end system for which the request is made, 2 kilometers (this is not an exact definition, there are considered special units), 3 is a mask for the network (this is not all, but routers will not be disclosed in detail in this article).
Now the network looks like this.
Computers highlighted in color, want to communicate with each other, on the way they have several routers, and other computers. The question arises, how does the router know where exactly the final system is, is there a router at all at the address, and which way is longer, and also to which router, then send the data. When asked where the end system is, and to which router the data will be sent next, the addressing on the network, namely the IP addresses, answers: 192.168.0.1, the router accepting the data that came from the computer or from another router looks at all 4 address blocks (blocks separated by dots), let's say the original path is 176.123.82.129, the data comes to the router 176.123.82.130, two routers are connected to it, 176.123.82.120, 176.123.82.125, and one computer 176.123.82.129, this router will look at its table addresses and send the data to where they are “faster will reach "the final system, that is, he himself will send there data using IP in the data, and his table. The length of the path is calculated using the table with the "mileage" (not exactly, because it has its own unit of calculation). With routers everything, in fact, they still have a lot of inaccuracies and functions, but I will not reveal them in detail here, for it will take quite a lot of time.
What do we get in the end? We have networks, from end systems, providers, they are interconnected by cables, but through adapters “routers” that perform the role of the main data routers.
Not much refinement, “data” is a data packet containing bits of information, the order of processing such a “packet” on the router, something like this - a packet comes, usually a packet, it is only a part of all the data that the final system transmitted, so the router does the processing , pulls out the headers of the network layer of the network (more on that later) back packs the packet, sends it off on the principle described above. I will clarify, routers, there are those who are waiting for all the data with the final system to arrive, and who immediately send the data immediately, without waiting for the others, but when the rest arrive, it sends them to the same place where they sent the first ones (all these calculations are done by the router itself) , due to the headers in each individual packet), and the final system to which the packets came should be engaged in further processing and gluing the packets, and if the packet was lost or an error occurred, the router must terminate the connections and repeat rit attempt.
As you understand, in order for everything described above to work correctly, there must be a certain standard, this de facto standard is the TCP / IP + protocol stack of the OSI level.
First, a few terms.
What is a protocol? The protocol is a kind of communication rules between the two systems, the most pickling and popular example is the interaction of two people, let's say you fit into a person, what do you usually tell him? “Hello”, the person will process it, and answer “Hello”, after that, as the communication agreement passed, you ask “how much time”, the person will process it and answer for example “14:00”, after this communication will end with the words “ thank you and goodbye. This is the type of communication, and there is a protocol, namely from the example above, we almost had a browser, and hosting that work through HTTP TCP.
What is a port? How do I communicate computers through networks? Computers communicate, through special applications, and so, these applications work, through special interfaces “sockets”, in order to correctly process an HTTP request to a web server, for example, it is necessary for a web server to trigger an HTTP process located on port 80, it will work on such a port hosting, so that the web server handles TCP, you need to access the process with port 443. That is, the port is the process identifier on the target system so that the socket can access it.
What is a socket? One of the most frequent questions of newbies, a socket, is just an interface between the network’s application layer protocol and the computer process, roughly speaking, there are two houses facing each other, Ivan lives in the left house, Sergey wants to give the letter to Sergey in the right, then Ivan comes out of his house, through the door (the process on the computer sends the packet, through the socket, the socket in this case is the door), cross the road, the sidewalk (computer network, routers), knock on the door, shake hands with Sergey, and come through the door to his house (makes a request knocking ", agrees about the" shakes hands ", and the package comes through the" door "socket).
What is the process? Everything is simple, this is a “program” that works in the background, all the time, let's say it's an HTTP handler.
What is the agreement mentioned earlier? This is not a mandatory procedure, the agreement of the two processes, communication on such a port, such an IP, an example, a browser and a web server, begin to communicate only after a three-way handshake agreement, this is when you enter the website address, browser in the address bar of the browser first sends a request to the server with the question “we will work”, the server can answer “yes” or “no”, if so, the browser sends another request, and the connection is started, if not, the browser writes some error about denying access . I note that not all computer networks, and protocols necessarily some kind of "agreement".
Let's go back to the five-level network model, and so, the five network levels are special network levels that make it easier to calculate at what level the error was detected, it allows the application to work more easily with data from the network, and allows developers to add their own protocol , do not study higher mathematics.
I will give an example used in the book “Computer Networks. Visually ", with some modifications. Imagine the airport, the airport is essentially a network model, only in other realities, how does the airport work? A person (will act as a package), comes into the building, and comes to the checkout, to buy a ticket, he buys a ticket, and goes to check in baggage, reaching the check in baggage, check in baggage, then he goes to board the plane, after which the plane takes off on the runway, and then it flies (the package “flies” over the network), after which the plane lands, and everything described earlier happens, only in reverse order, namely, the plane lands on the runway, the person leaves the plane, the person picks up the luggage and can file a sting at will I have a ticket. Now imagine, if instead of each individual service, there was only one, which would deal with boarding the plane, selling tickets, and so on. Here, just the queues first come to mind, there would be huge queues. All the same thing happens with the network model.
Example, we have a chat, one application on our PC, and another on our friend's PC, we send messages, and the following happens, namely, the package is assembled by the client (our) final machine process, and is sent via a socket to the model level called “Transport”, which in turn through the TCP protocol makes up a packet (data length, data ...), and sends the packet even lower to the layer, to the network layer, which adds data to the packet about the recipient of the packet (all data , besides the originally transmitted, called the title Vkami, then we will call them so) (this data generates the process itself), then the process sends a packet to the data link layer, this layer is responsible for finding and correcting errors in the network, as well as routing in the local network, for example WI -FI, the data link layer, in turn, sends to the physical layer, the physical layer, encrypts all data, and sends it via the interface (port to PC, or via WI-Fi) to where it provided the network layer, then on the recipient's end machine, data is being processed, namely, the physical layer on the recipient, decrypts the data, and transmits them to the channel, he also decrypts them (removes his headers, taking all the necessary data), and sends the data to the network layer, he processes, if the address is correctly taken, whether everything works, takes its headers, and gives the data to the transport level, which in turn finally decrypts everything, and gives the data to our “chat”.
I’ll clarify that if our process suddenly wants to take only data from the network layer, then it will not be able to skip the first two layers, that is, it will have to decrypt the physical layer first, send data to the channel, and only after that go to the network level, jump over not possible. It is important! It will be needed for further homework (the answer will be described at the end).
Here's what the network levels look like.
To clarify, beginners may wonder what the arrows between the levels of the network mean? In fact, these arrows do not, in fact, the right pillar of the levels, works with the package simply on the protocol on which it was sent in the left column, it does not deal with the level that sent this package, it only works with the package , on the protocol on which the level of the left column worked.
And now think about the advantages, for example, the main plus is that if we admit an error on the data link layer, it will not be difficult for us to find out just by passing a special return request over the network. Another plus, if we want to build on our protocol, we don’t have to change all levels of the network, we’ll just make a protocol that works correctly with the current network level. Next will be discussed in more detail each level.
But first, the question is - routers, do they work with network layers? What exactly? What reach? What are reading? (Answer at the end).
The application layer is not a required level in the use of the network, it is mainly responsible for formatting data that comes to the transport level, on the final receiver system, let's say an example is a web server and a web browser, they directly work with HTML markup, when developing the web , we decided that it was not very good to transmit directly to the layout through the transport layer, and the HTTP application level protocol was created, this protocol was specifically created for the transfer of HTML documents. But as I mentioned earlier, the application layer is not at all mandatory; almost all chat programs, even before the popularity of online chat, exchanged data through the transport layer, without using the application layer.
The transport layer , this network layer, is responsible for transporting data over the network, that is, it receives the data itself, its length, and some other headers, and sends it all to the network layer, this level should be sent as a reference when the system fails, and one of the most popular protocols of this level, is TCP, followed by UPD.
The network layer , this layer is responsible for the addressing of the packet, at this level the IP address, the mask for the network is saved, there are still some headers, but we will not consider them. It is responsible for routing the packet over the network.
The link layer , this layer is responsible for routing a packet on the local network, for example, to determine which computer to send a packet on the WI-FI network, and this layer is also responsible for detecting and correcting errors during packet transmission.
The physical layer , this layer directly works with PC interfaces, and deals with data encryption, in different types of frequencies, we will not consider it in detail.
There are many types of networks, ranging from applied ones to low-level ones. I will consider here the two most popular types of networks, these are “P2P” and “client server”. But for starters the terms.
What is a customer? This client is like the rules of the end machine (or the process of the end machine) that requests data from the server.
What is a server? A server, as a rule, a terminal machine (or a process of a terminal machine), which, upon request, gives the requested data, or any other response, is generally called a server that processes requests that arrive at it, and responds to them.
P2P (“peer-to-peer” decryption) is a type of network when in, on a computer network, all end machines can be servers and clients, an example is a Skype group, when you call someone, you become a client ( your skype), which requests a video exchange from the server (from skype to whom you are calling), now you have disconnected from the call, and the one with whom you just spoke called you sharply, now you are not a client, and the server (your skype now does not requests, and responds to them), and the Skype of the caller is not the server but the client (does not respond to the requests, but sends them). This is how P2P works, when all machines are potentially both clients and servers. Again, an example of such a network is Skype.
A client is a server , it is a type of network, when we strictly have clients and server / server strictly. That is, you can always only send requests, and the server respond to them, so the chat can work, your client (process) sends requests, whether there are any new messages in the database, if there is, the server will return them, if not, another will return reply, when you send messages, it flies to the server with a request like “save new messages to the database”. That is, we have a group of clients, and the server, if two clients want to communicate, everything will pass through the server, and clients will only make requests to the server, asking them to “return all new messages”, and the server will only respond. An example of such a network is the most applied network at the moment, this is the web. All your actions in the browser, such as entering the address in the address bar, make a request to the server, and the server only responds. Your browser cannot become a server, and the server cannot become a browser. (Browser client process, server process server).
Security in computer networks, it is now one of the most popular topics, information security, and a short article is not enough to explain even the most basic aspects. Here I will only talk about a couple of the most popular vulnerabilities, and attacks on computer networks.
Interception of packets , as mentioned earlier, the end machines exchange data through packets passing through the network. As you understand in the realities of our world, there are a lot of virtual structures that are related to finance, for example, it can be banks, and just paying a book in an online store is not important. All your data, in any case, will be transferred to another final machine (server), and processed, and so, the essence of this vulnerability is that the data that is transmitted to the server, namely packets, can be intercepted.
Accordingly, passwords or credit card numbers may be stolen. It can be that the packages of a web browser, that packages of any P2P network. This vulnerability can be resolved by making binding agreements between clients and servers earlier.
DDoS attack is an attack that is currently one of the most popular in computer networks. It works like this, for more endpoint systems, by advertising, spam, and other advertising methods, malware is installed (process) that is not visible, and it usually works without any user actions, in the background, at a certain hour “H”, all computers infected with this process, begin to send a huge number of requests to a specific server, in order to remove this server, or router on its way to the server, down. In the request, as a rule, not a lot of weight flies (for the extensiveness of the attack), while the most complex information is processed by the server.
Attacks of this type disable the server, thus, that the server has lost the ability to respond to more and more new requests, thus the server drops, and it’s not able to work, as well, there are very frequent cases that the router on the way to the server, because they have clogged up the buffer, and lost the opportunity to further send packets. Such attacks are usually very quickly corrected, but when such attacks occur on some Internet exchanges, or banks, that users, that the structures themselves, suffer losses.
You can protect yourself from such an attack by analyzing the number of requests per second from the same IP. The minimum dangerous attack size at the moment is 100 thousand requests per second. There is also a parent of DDoS attacks, namely DoS, but at the moment this attack is not so terrible, because the power of even the most sophisticated servers allows you to handle such a small load.
In conclusion, I want to say some details about this article.
Thank you all very much for reading!
UPD: The article is intended for those who know nothing about networks and know, but wants to start at least not from complex books, but from a general overview.
After reading such material as “PHP 7 D. Koterov”, or “byte Of Python”, one very interesting question may arise, and no, it will not be related to the language that the book was about, it will usually be taken from the first chapters books that are usually devoted to the “Internet device”, as a rule, such books do not immerse the user very deeply, and leave it at the level of application data, that is, no further than the HTTP protocol, and TCP / IP work. But as we all know, there are very “voracious” minds, who alone
Each protocol ideally “knows nothing” about which protocol “stands above it”committed is not enough. Options to take a lot of his "voracity", and today I will talk about all the main points of computer networks, briefly.
First what we come back to
The basic terms and concepts of computer networks, roughly speaking, computer networks, are ordinary “networks” consisting of end machines. The end machines are any computers on the network that want to exchange data.
')
Such networks, as a rule, transmit data via physical transmitters, namely (the most popular / easy-to-understand types will be considered):
- Optical fiber: the highest data transfer rate, due to data transmission using light signals.
- Twisted pair: lower speed (depending on type), data transfer is carried out using electric signals, via eight copper cables.
Here the question immediately arises, really all computers are simply connected via cable with each other, the answer is: yes and no. As you understand, if you bought a new laptop, you would have to connect to all computers in the world, but you don’t do it, instead of that you either just insert it into your laptop, cable, or connect via WI-FI, this is where our “ and yes and no ”manifests itself, as you see in the manual, you don’t do everything, but when you connect to your internet at home, you buy it from your provider, respectively, you’re connected to the provider that’s already connected to the whole internet . But, it still does not cancel the question, is the provider that is also connected to all PCs in the world? No, everything is different, let's start with the fact that there are many providers, there are providers who buy Internet from a regional provider (this is a provider that works in the region, say Krasnodar), such providers are called local (for example, they broadcast the Internet to some village or small city), regional providers, in turn, take the Internet from providers of the country, and those in turn, from providers of the continent, it turns out something like this:
But, as you understand, this is not all, we can’t be directly connected via cable to providers, and those to a higher level with providers, and so on. No, this is not so, in fact, between end systems, providers, and other nodes, there are special switches and kilometers of cables, about switches - namely, routers, routers, these are special units, computers that have several I / Os ( maybe so and so, such inputs / outputs are called interfaces), and have a table onboard that describes 1 address in the network of the next router or the very end system, for sending data to the end system for which the request is made, 2 kilometers (this is not an exact definition, there are considered special units), 3 is a mask for the network (this is not all, but routers will not be disclosed in detail in this article).
Now the network looks like this.
Computers highlighted in color, want to communicate with each other, on the way they have several routers, and other computers. The question arises, how does the router know where exactly the final system is, is there a router at all at the address, and which way is longer, and also to which router, then send the data. When asked where the end system is, and to which router the data will be sent next, the addressing on the network, namely the IP addresses, answers: 192.168.0.1, the router accepting the data that came from the computer or from another router looks at all 4 address blocks (blocks separated by dots), let's say the original path is 176.123.82.129, the data comes to the router 176.123.82.130, two routers are connected to it, 176.123.82.120, 176.123.82.125, and one computer 176.123.82.129, this router will look at its table addresses and send the data to where they are “faster will reach "the final system, that is, he himself will send there data using IP in the data, and his table. The length of the path is calculated using the table with the "mileage" (not exactly, because it has its own unit of calculation). With routers everything, in fact, they still have a lot of inaccuracies and functions, but I will not reveal them in detail here, for it will take quite a lot of time.
What do we get in the end? We have networks, from end systems, providers, they are interconnected by cables, but through adapters “routers” that perform the role of the main data routers.
Not much refinement, “data” is a data packet containing bits of information, the order of processing such a “packet” on the router, something like this - a packet comes, usually a packet, it is only a part of all the data that the final system transmitted, so the router does the processing , pulls out the headers of the network layer of the network (more on that later) back packs the packet, sends it off on the principle described above. I will clarify, routers, there are those who are waiting for all the data with the final system to arrive, and who immediately send the data immediately, without waiting for the others, but when the rest arrive, it sends them to the same place where they sent the first ones (all these calculations are done by the router itself) , due to the headers in each individual packet), and the final system to which the packets came should be engaged in further processing and gluing the packets, and if the packet was lost or an error occurred, the router must terminate the connections and repeat rit attempt.
Five-level TCP / IP network model
As you understand, in order for everything described above to work correctly, there must be a certain standard, this de facto standard is the TCP / IP + protocol stack of the OSI level.
First, a few terms.
What is a protocol? The protocol is a kind of communication rules between the two systems, the most pickling and popular example is the interaction of two people, let's say you fit into a person, what do you usually tell him? “Hello”, the person will process it, and answer “Hello”, after that, as the communication agreement passed, you ask “how much time”, the person will process it and answer for example “14:00”, after this communication will end with the words “ thank you and goodbye. This is the type of communication, and there is a protocol, namely from the example above, we almost had a browser, and hosting that work through HTTP TCP.
What is a port? How do I communicate computers through networks? Computers communicate, through special applications, and so, these applications work, through special interfaces “sockets”, in order to correctly process an HTTP request to a web server, for example, it is necessary for a web server to trigger an HTTP process located on port 80, it will work on such a port hosting, so that the web server handles TCP, you need to access the process with port 443. That is, the port is the process identifier on the target system so that the socket can access it.
What is a socket? One of the most frequent questions of newbies, a socket, is just an interface between the network’s application layer protocol and the computer process, roughly speaking, there are two houses facing each other, Ivan lives in the left house, Sergey wants to give the letter to Sergey in the right, then Ivan comes out of his house, through the door (the process on the computer sends the packet, through the socket, the socket in this case is the door), cross the road, the sidewalk (computer network, routers), knock on the door, shake hands with Sergey, and come through the door to his house (makes a request knocking ", agrees about the" shakes hands ", and the package comes through the" door "socket).
What is the process? Everything is simple, this is a “program” that works in the background, all the time, let's say it's an HTTP handler.
What is the agreement mentioned earlier? This is not a mandatory procedure, the agreement of the two processes, communication on such a port, such an IP, an example, a browser and a web server, begin to communicate only after a three-way handshake agreement, this is when you enter the website address, browser in the address bar of the browser first sends a request to the server with the question “we will work”, the server can answer “yes” or “no”, if so, the browser sends another request, and the connection is started, if not, the browser writes some error about denying access . I note that not all computer networks, and protocols necessarily some kind of "agreement".
Let's go back to the five-level network model, and so, the five network levels are special network levels that make it easier to calculate at what level the error was detected, it allows the application to work more easily with data from the network, and allows developers to add their own protocol , do not study higher mathematics.
I will give an example used in the book “Computer Networks. Visually ", with some modifications. Imagine the airport, the airport is essentially a network model, only in other realities, how does the airport work? A person (will act as a package), comes into the building, and comes to the checkout, to buy a ticket, he buys a ticket, and goes to check in baggage, reaching the check in baggage, check in baggage, then he goes to board the plane, after which the plane takes off on the runway, and then it flies (the package “flies” over the network), after which the plane lands, and everything described earlier happens, only in reverse order, namely, the plane lands on the runway, the person leaves the plane, the person picks up the luggage and can file a sting at will I have a ticket. Now imagine, if instead of each individual service, there was only one, which would deal with boarding the plane, selling tickets, and so on. Here, just the queues first come to mind, there would be huge queues. All the same thing happens with the network model.
Example, we have a chat, one application on our PC, and another on our friend's PC, we send messages, and the following happens, namely, the package is assembled by the client (our) final machine process, and is sent via a socket to the model level called “Transport”, which in turn through the TCP protocol makes up a packet (data length, data ...), and sends the packet even lower to the layer, to the network layer, which adds data to the packet about the recipient of the packet (all data , besides the originally transmitted, called the title Vkami, then we will call them so) (this data generates the process itself), then the process sends a packet to the data link layer, this layer is responsible for finding and correcting errors in the network, as well as routing in the local network, for example WI -FI, the data link layer, in turn, sends to the physical layer, the physical layer, encrypts all data, and sends it via the interface (port to PC, or via WI-Fi) to where it provided the network layer, then on the recipient's end machine, data is being processed, namely, the physical layer on the recipient, decrypts the data, and transmits them to the channel, he also decrypts them (removes his headers, taking all the necessary data), and sends the data to the network layer, he processes, if the address is correctly taken, whether everything works, takes its headers, and gives the data to the transport level, which in turn finally decrypts everything, and gives the data to our “chat”.
I’ll clarify that if our process suddenly wants to take only data from the network layer, then it will not be able to skip the first two layers, that is, it will have to decrypt the physical layer first, send data to the channel, and only after that go to the network level, jump over not possible. It is important! It will be needed for further homework (the answer will be described at the end).
Here's what the network levels look like.
To clarify, beginners may wonder what the arrows between the levels of the network mean? In fact, these arrows do not, in fact, the right pillar of the levels, works with the package simply on the protocol on which it was sent in the left column, it does not deal with the level that sent this package, it only works with the package , on the protocol on which the level of the left column worked.
And now think about the advantages, for example, the main plus is that if we admit an error on the data link layer, it will not be difficult for us to find out just by passing a special return request over the network. Another plus, if we want to build on our protocol, we don’t have to change all levels of the network, we’ll just make a protocol that works correctly with the current network level. Next will be discussed in more detail each level.
But first, the question is - routers, do they work with network layers? What exactly? What reach? What are reading? (Answer at the end).
The application layer is not a required level in the use of the network, it is mainly responsible for formatting data that comes to the transport level, on the final receiver system, let's say an example is a web server and a web browser, they directly work with HTML markup, when developing the web , we decided that it was not very good to transmit directly to the layout through the transport layer, and the HTTP application level protocol was created, this protocol was specifically created for the transfer of HTML documents. But as I mentioned earlier, the application layer is not at all mandatory; almost all chat programs, even before the popularity of online chat, exchanged data through the transport layer, without using the application layer.
The transport layer , this network layer, is responsible for transporting data over the network, that is, it receives the data itself, its length, and some other headers, and sends it all to the network layer, this level should be sent as a reference when the system fails, and one of the most popular protocols of this level, is TCP, followed by UPD.
The network layer , this layer is responsible for the addressing of the packet, at this level the IP address, the mask for the network is saved, there are still some headers, but we will not consider them. It is responsible for routing the packet over the network.
The link layer , this layer is responsible for routing a packet on the local network, for example, to determine which computer to send a packet on the WI-FI network, and this layer is also responsible for detecting and correcting errors during packet transmission.
The physical layer , this layer directly works with PC interfaces, and deals with data encryption, in different types of frequencies, we will not consider it in detail.
What types of networks are there?
There are many types of networks, ranging from applied ones to low-level ones. I will consider here the two most popular types of networks, these are “P2P” and “client server”. But for starters the terms.
What is a customer? This client is like the rules of the end machine (or the process of the end machine) that requests data from the server.
What is a server? A server, as a rule, a terminal machine (or a process of a terminal machine), which, upon request, gives the requested data, or any other response, is generally called a server that processes requests that arrive at it, and responds to them.
P2P (“peer-to-peer” decryption) is a type of network when in, on a computer network, all end machines can be servers and clients, an example is a Skype group, when you call someone, you become a client ( your skype), which requests a video exchange from the server (from skype to whom you are calling), now you have disconnected from the call, and the one with whom you just spoke called you sharply, now you are not a client, and the server (your skype now does not requests, and responds to them), and the Skype of the caller is not the server but the client (does not respond to the requests, but sends them). This is how P2P works, when all machines are potentially both clients and servers. Again, an example of such a network is Skype.
A client is a server , it is a type of network, when we strictly have clients and server / server strictly. That is, you can always only send requests, and the server respond to them, so the chat can work, your client (process) sends requests, whether there are any new messages in the database, if there is, the server will return them, if not, another will return reply, when you send messages, it flies to the server with a request like “save new messages to the database”. That is, we have a group of clients, and the server, if two clients want to communicate, everything will pass through the server, and clients will only make requests to the server, asking them to “return all new messages”, and the server will only respond. An example of such a network is the most applied network at the moment, this is the web. All your actions in the browser, such as entering the address in the address bar, make a request to the server, and the server only responds. Your browser cannot become a server, and the server cannot become a browser. (Browser client process, server process server).
And just a little bit, about security in the networks.
Security in computer networks, it is now one of the most popular topics, information security, and a short article is not enough to explain even the most basic aspects. Here I will only talk about a couple of the most popular vulnerabilities, and attacks on computer networks.
Interception of packets , as mentioned earlier, the end machines exchange data through packets passing through the network. As you understand in the realities of our world, there are a lot of virtual structures that are related to finance, for example, it can be banks, and just paying a book in an online store is not important. All your data, in any case, will be transferred to another final machine (server), and processed, and so, the essence of this vulnerability is that the data that is transmitted to the server, namely packets, can be intercepted.
Accordingly, passwords or credit card numbers may be stolen. It can be that the packages of a web browser, that packages of any P2P network. This vulnerability can be resolved by making binding agreements between clients and servers earlier.
What is the agreement mentioned earlier? This is not a mandatory procedure, the agreement of the two processes, communication on such a port, such an IP, an example, a browser and a web server, begin to communicate only after a three-way handshake agreement, this is when you enter the website address, browser in the address bar of the browser started sending a request to the server with the question “we will work”, the server can answer “yes” or “no”, if so, the browser sends another request, and the connection is started, if not, the browser writes some error about denying access . I note that not all computer networks, and protocols necessarily some kind of "agreement".And in this binding agreement to negotiate work on a protocol that encrypts data, for example, this is HTTPS, and its handler's process is on port 443 (this is also a port for TCP). That is to agree to communicate on port 443, this is a TCP with an operating time that works with HTTPS. What is HTTPS? This is the protocol, namely HTTP, which is encrypted with the special utility “SSL, TSL”, and the main thing is that such a packet is encrypted both on the client and on the server, respectively, intercepting such a packet, the attacker will not be able to decrypt anything, and detect passwords and other ...
DDoS attack is an attack that is currently one of the most popular in computer networks. It works like this, for more endpoint systems, by advertising, spam, and other advertising methods, malware is installed (process) that is not visible, and it usually works without any user actions, in the background, at a certain hour “H”, all computers infected with this process, begin to send a huge number of requests to a specific server, in order to remove this server, or router on its way to the server, down. In the request, as a rule, not a lot of weight flies (for the extensiveness of the attack), while the most complex information is processed by the server.
Attacks of this type disable the server, thus, that the server has lost the ability to respond to more and more new requests, thus the server drops, and it’s not able to work, as well, there are very frequent cases that the router on the way to the server, because they have clogged up the buffer, and lost the opportunity to further send packets. Such attacks are usually very quickly corrected, but when such attacks occur on some Internet exchanges, or banks, that users, that the structures themselves, suffer losses.
You can protect yourself from such an attack by analyzing the number of requests per second from the same IP. The minimum dangerous attack size at the moment is 100 thousand requests per second. There is also a parent of DDoS attacks, namely DoS, but at the moment this attack is not so terrible, because the power of even the most sophisticated servers allows you to handle such a small load.
Conclusions
In conclusion, I want to say some details about this article.
- In no case do not use this article as a textbook on computer networks, because this is just a “snack” for the consciousness of a beginner in web programming, before a special study of computer networks, nothing more.
- This article shows only the basics of the basics, all moments bordering on the basics were missed, and not all network layer protocols were shown.
- This article does not cover some things you can take as a basis, such as router buffering, data transfer delays, data units at different levels, or detailed router operation, and so on and so forth ... They were missed, for complex, and can confuse the novice.
Thank you all very much for reading!
UPD: The article is intended for those who know nothing about networks and know, but wants to start at least not from complex books, but from a general overview.
Source: https://habr.com/ru/post/335816/
All Articles