SNMP

SNMP stands for Simple Network

Management Protocol.
SNMP is a framework used for managing
devices on the internet.
It provides a set of operations for
monitoring and managing the internet.
 SNMP Concept

• SNMP has two components Manager and agent.

• The manager is a host that controls and monitors a
set of agents such as routers.
• It is an application layer protocol in which a few
manager stations can handle a set of agents.
• The protocol designed at the application level can
monitor the devices made by different
manufacturers and installed on different physical
networks.
• It is used in a heterogeneous network made of
different LANs and WANs connected by routers or
gateways.
Manager Agent

It a host that manages and controls Agents are routers.

agents.

Host that runs SNMP client programs. Routers that runs SNMP servers.

Managers is used to access the values in Agent is used to keep the information in
database. database.

Manager can compare these variables to A router can store the appropriate variable
determine whether the router is such as a no.of packets received and
congested or not. forwarded.

A server program on the agent checks the

environment. If something goes wrong the
agent sends a warning message.
Management with SNMP has three basic ideas:

• A manager checks the agent by requesting the

information that reflects the behavior of the
agent.
• A manager also forces the agent to perform a
certain function by resetting values in the
agent database.
• An agent also contributes to the management
process by warning the manager regarding an
unusual condition.
 Management Components

• Management is not achieved only through the

SNMP protocol but also the use of other
protocols that can cooperate with the SNMP
protocol.
• Management is achieved through the use of the
other two protocols: SMI (Structure of
management information) and MIB(management
information base).
• Management is a combination of SMI, MIB, and
SNMP. All these three protocols such as abstract
syntax notation 1 (ASN.1) and basic encoding
rules (BER).
 SMI

• The SMI (Structure of management

information) is a component used in network
management. Its main function is to define
the type of data that can be stored in an
object and to show how to encode the data
for the transmission over a network.
 MIB

• The MIB (Management information base) is a

second component for the network
management.
• Each agent has its own MIB, which is a
collection of all the objects that the manager
can manage. MIB is categorized into eight
groups: system, interface, address translation,
ip, icmp, tcp, udp, and egp. These groups are
under the mib object.
 SNMP
• SNMP defines five types of messages:
GetRequest, GetNextRequest, SetRequest,
GetResponse, and Trap.
• GetRequest: The GetRequest message is sent from a
manager (client) to the agent (server) to retrieve the
value of a variable.
• GetNextRequest: The GetNextRequest message is
sent from the manager to agent to retrieve the value
of a variable. This type of message is used to retrieve
the values of the entries in a table. If the manager
does not know the indexes of the entries, then it will
not be able to retrieve the values. In such situations,
GetNextRequest message is used to define an object.
• GetResponse: The GetResponse message is sent from
an agent to the manager in response to the GetRequest
and GetNextRequest message. This message contains
the value of a variable requested by the manager.
• SetRequest: The SetRequest message is sent from a
manager to the agent to set a value in a variable.
• Trap: The Trap message is sent from an agent to the
manager to report an event. For example, if the agent is
rebooted, then it informs the manager as well as sends
the time of rebooting.
e-Mail
• Electronic mail, commonly known as email, is a
method of exchanging messages over the internet.
Here are the basics of email:
• An email address: This is a unique identifier for each
user, typically in the format of name@domain.com.
• An email client: This is a software program used to
send, receive and manage emails, such as Gmail,
Outlook, or Apple Mail.
• An email server: This is a computer system
responsible for storing and forwarding emails to
their intended recipients.
• .
 To send an email:

• Compose a new message in your email client.

• Enter the recipient’s email address in the “To” field.
• Add a subject line to summarize the content of the
message.
• Write the body of the message.
• Attach any relevant files if needed.
• Click “Send” to deliver the message to the recipient’s email
server.
• Emails can also include features such as cc (carbon copy)
and bcc (blind carbon copy) to send copies of the message
to multiple recipients, and reply, reply all, and forward
options to manage the conversation
• Electronic Mail (e-mail) is one of most widely used
services of Internet.
• This service allows an Internet user to send a message in
formatted manner (mail) to the other Internet user in any
part of world.
• Message in mail not only contain text, but it also contains
images, audio and videos data.
• The person who is sending mail is called sender and
person who receives mail is called recipient.
• It is just like postal mail service.
• Components of E-Mail System : The basic components of
an email system are : User Agent (UA), Message Transfer
Agent (MTA), Mail Box, and Spool file.
• These are explained as following below.
• User Agent (UA) : The UA is normally a program which is used to
send and receive mail. Sometimes, it is called as mail reader.
• It accepts variety of commands for composing, receiving and
replying to messages as well as for manipulation of the
mailboxes.
• Message Transfer Agent (MTA) : MTA is actually responsible for
transfer of mail from one system to another.
• To send a mail, a system must have client MTA and system MTA.
• It transfer mail to mailboxes of recipients if they are connected in
the same machine.
• It delivers mail to peer MTA if destination mailbox is in another
machine.
• The delivery from one MTA to another MTA is done by
Simple Mail Transfer Protocol.
• Mailbox : It is a file on local hard drive to
collect mails.
• Delivered mails are present in this file.
• The user can read it delete it according to
his/her requirement.
• To use e-mail system each user must have a
mailbox .
• Access to mailbox is only to owner of mailbox.
• Spool file : This file contains mails that are to be sent. User
agent appends outgoing mails in this file using SMTP.
• MTA extracts pending mail from spool file for their delivery.
E-mail allows one name, an alias, to represent several
different e-mail addresses.
• It is known as mailing list, Whenever user have to sent a
message, system checks recipient’s name against alias
database.
• If mailing list is present for defined alias, separate
messages, one for each entry in the list, must be prepared
and handed to MTA.
• If for defined alias, there is no such mailing list is present,
name itself becomes naming address and a single message
is delivered to mail transfer entity.
TFTP
 TFTP (Trivial File Transfer Protocol)
• TFTP stands for Trivial File Transfer Protocol.
• TFTP is defined as a protocol that is used to transfer a file
from a client to a server and from a server to a client.
• TFTP is majorly used when no complex interactions are
required by the client and server.
• The service of TFTP is provided by UDP (User Datagram
Protocol) and works on port number 69.
• TFTP does not provide security features therefore it is
not used in communications that take place over the
Internet.
• Therefore it is used only for the systems that are set up
on the local internet.
• TFTP requires less amount of memory.
 TFTP Message Formats

• There are four types of TFTP Message formats.

They are as follows
• 1. Read Request
• 2. Write Request
• 3. Data
• 4. Acknowledgement
 1. Read Request:

• Read Request is also known as Type 1.

• A read request is used by the client to get a
copy of a file from the server.
• Below is the format of the Read Request

Read Request (1) File Name 0 Mode 0

(2 Octets) (variable) (1 Octet) (Variable) (1 Octet)
 2. Write Request

• Write Request is also known as Type 2.

• Write Request is being used by the client
for writing a file into the server.
• Below is the format of the Write Request.

Write
File Name 0 Mode 0
Request(2)
(variable) (1 Octet) (Variable) (1 Octet)
(2 Octets)
 3. Data
• Data is also known as Type 3.
• Data consists of a portion of a file
that is being copied.
• The data block is of fixed size that is
512 octets.
• Below is the format of the Data.

Data (3) Sequence Number Data

(2 Octets) (2 Octets) (Upto 512 octets)
 4. Acknowledgement
• Acknowledgment is also known as
Type 4. The data present at the last in
the message consists of the End of
File(EOF) where the size is less than
512 octets.
• This acknowledgment is used by both
client and server for acknowledging
the received data.

Ack(4) Sequence Number

(2 Octets) (2 Octets)
 Working of TFTP
• TFTP makes use of port number 69 as it uses User Datagram Protocol
(UDP).
• When the connection is established successfully between client and
server, the client makes a Read Request (RRQ) or
• Write Request( WRQ). If a client wants to only read the file it requests
RRQ and if the client wants to write some data into a server then it
requests for WRQ.
• Once the connection is established and a request is made communication
of files takes place in the form of small packets. These packets are 512
bytes each.
• The server then communicates the packet back to the client and waits
until it receives an acknowledgment from the client that the packet has
been received.
• When the acknowledgment is received from the client side, the server
again sends the next packet which is 512 bytes each.
• The same steps as mentioned above continue until the last packet is sent
by the server to the client.
Difference between FTP and TFTP
Feature FTP TFTP

Purpose Transfer files between computers Transfer files between computers

Establishes a connection between two Establishes a connection between two

Connection computers, allowing for a more complex computers, but with a more limited set
set of commands and options of commands and options

Uses username and password for

Authentication Does not support authentication
authentication

Security Encrypts data transfer Does not encrypt data transfer

Error handling Can recover from errors during transfer Does not have error recovery

Supports both ASCII and binary transfer

File transfer mode Only supports binary transfer mode
modes

Supports resuming interrupted transfers

Transfer options and setting transfer mode, transfer Does not support any transfer options
type, and other options
 What is a Firewall?

• A firewall can be defined as a special type of network

security device or a software program that monitors
and filters incoming and outgoing network traffic based
on a defined set of security rules.
• It acts as a barrier between internal private networks
and external sources (such as the public Internet).
• The primary purpose of a firewall is to allow non-
threatening traffic and prevent malicious or unwanted
data traffic for protecting the computer from viruses
and attacks.
• A firewall is a cyber security tool that filters network
traffic and helps users block malicious software from
accessing the Internet in infected computers.
 Firewall: Hardware or Software

• This is one of the most problematic questions whether a firewall is a

hardware or software. As stated above, a firewall can be a network security
device or a software program on a computer. This means that the firewall
comes at both levels, i.e., hardware and software, though it's best to have
both.
• Each format (a firewall implemented as hardware or software) has different
functionality but the same purpose. A hardware firewall is a physical device
that attaches between a computer network and a gateway. For example, a
broadband router. On the other hand, a software firewall is a simple program
installed on a computer that works through port numbers and other installed
software.
• Apart from that, there are cloud-based firewalls. They are commonly referred
to as FaaS (firewall as a service). A primary advantage of using cloud-based
firewalls is that they can be managed centrally. Like hardware firewalls,
cloud-based firewalls are best known for providing perimeter security.
 Why Firewall?

• Firewalls are primarily used to prevent malware and network-

based attacks.
• Additionally, they can help in blocking application-layer attacks.
• These firewalls act as a gatekeeper or a barrier.
• They monitor every attempt between our computer and another
network.
• They do not allow data packets to be transferred through them
unless the data is coming or going from a user-specified trusted
source.
• Firewalls are designed in such a way that they can react quickly to
detect and counter-attacks throughout the network.
• They can work with rules configured to protect the network and
perform quick assessments to find any suspicious activity.
• In short, we can point to the firewall as a traffic controller.
Some of the important risks of not having a firewall are:

• Open Access
• If a computer is running without a
firewall, it is giving open access to
other networks. This means that it is
accepting every kind of connection that
comes through someone. In this case,
it is not possible to detect threats or
attacks coming through our network.
Without a firewall, we make our
devices vulnerable to malicious users
and other unwanted sources.
• Lost or Comprised Data
• Without a firewall, we are leaving our
devices accessible to everyone. This
means that anyone can access our
device and have complete control
over it, including the network. In this
case, cybercriminals can easily
delete our data or use our personal
information for their benefit
• Network Crashes
• In the absence of a firewall, anyone could
access our network and shut it down. It
may lead us to invest our valuable time
and money to get our network working
again.
• Therefore, it is essential to use firewalls
and keep our network, computer, and
data safe and secure from unwanted
sources.
 How does a firewall work?
• A firewall system analyzes network traffic based on pre-
defined rules.
• It then filters the traffic and prevents any such traffic
coming from unreliable or suspicious sources.
• It only allows incoming traffic that is configured to accept.
• Typically, firewalls intercept network traffic at a computer's
entry point, known as a port.
• Firewalls perform this task by allowing or blocking specific
data packets (units of communication transferred over a
digital network) based on pre-defined security rules.
• Incoming traffic is allowed only through trusted IP
addresses, or sources.
 Important Features of Bootstrap Protocol :
• Here, we will discuss the features of Bootstrap Protocol as
follows.
• Bootstrap Protocol (BOOTP) is a basic protocol that
automatically provides each participant in a network
connection with a unique IP address for identification and
authentication as soon as it connects to the network.
• This helps the server to speed up data transfers and connection
requests.
• BOOTP uses a unique IP address algorithm to provide each
system on the network with a completely different IP address
in a fraction of a second.
• This shortens the connection time between the server and the
client. It starts the process of downloading and updating the
source code even with very little information.
• BOOTP uses a combination of TFTP (Trivial File Transfer
Protocol) and UDP (User Datagram Protocol) to request
and receive requests from various network-connected
participants and to handle their responses.
• In a BOOTP connection, the server and client just need an
IP address and a gateway address to establish a successful
connection. Typically, in a BOOTP network, the server and
client share the same LAN, and the routers used in the
network must support BOOTP bridging.
• A great example of a network with a TCP / IP configuration
is the Bootstrap Protocol network. Whenever a computer
on the network asks for a specific request to the server,
BOOTP uses its unique IP address to quickly resolve them.