CS Network Quiz 6


Botnet

A logical computer network of zombies under the control of an attacker.

Electronic mail

Three major components:
§ user agents
§ mail servers
§ simple mail transfer protocol: SMTP

denial-of-service (DoS) attacks

attack renders a network, host, or other piece of infrastructure unusable by legitimate users. Three main kinds:
• Vulnerability attack. This involves sending a few well-crafted messages to a vulnerable application or operating system running on a targeted host. If the right sequence of packets is sent to a vulnerable application or operating system, the service can stop or, worse, the host can crash.
• Bandwidth flooding. The attacker sends a deluge of packets to the targeted host—so many packets that the target's access link becomes clogged, preventing legitimate packets from reaching the server.
• Connection flooding. The attacker establishes a large number of half-open or fully open TCP connections at the target host. The host can become so bogged down with these bogus connections that it stops accepting legitimate connections.

POP3

copies and keeps copies of messages on different clients, stateless across sessions

DASH: Dynamic, Adaptive Streaming over HTTP

server:
• divides video file into multiple chunks
• each chunk stored, encoded at different rates
• manifest file: provides URLs for different chunks
client:
• periodically measures server-to-client bandwidth
• consulting manifest, requests one chunk at a time
• chooses maximum coding rate sustainable given current bandwidth
• can choose different coding rates at different points in time (depending on available bandwidth at time)
"intelligence" at client: client determines
• when to request chunk (so that buffer starvation, or overflow does not occur)
• what encoding rate to request (higher quality when more bandwidth available)
• where to request chunk (can request from URL server that is "close" to client or has high available bandwidth)

bring home:

smaller number (10's) of larger clusters in POPs near (but not within) access networks • used by Limelight

Intercepting DNS queries

Sniffing + spoofing: as no encryption is applied to DNS messages, any on-path attacker can sniff a query and try to beat the legitimate server by quickly crafting a spoofed answer.

CDN

stores copies of content at nodes
• e.g. Netflix stores copies of MadMen
subscriber requests content
• directed to nearby copy, retrieves content
• may choose different copy if network path congested

authoritative DNS servers:

• organization's own DNS server(s), providing authoritative hostname to IP mappings for organization's named hosts
• can be maintained by organization or service provider

top-level domain (TLD) servers:

• responsible for com, org, net, edu, aero, jobs, museums, and all top-level country domains, e.g.: uk, fr, ca, jp
• Network Solutions maintains servers for .com TLD
• Educause for .edu TLD

Malware

Once it infects our device it can do all kinds of devious things, including deleting our files; installing spyware that collects our private information, such as social security numbers, passwords, and keystrokes, and then sends this (over the Internet, of course!) back to the bad guys.

Worms

malware that can enter a device without any explicit user interaction.

Viruses

malware that requires some form of user interaction to infect the user's device. The classic example is an e-mail attachment containing malicious executable code. If a user receives and opens such an attachment, the user inadvertently runs the malware on the device.

enter deep:

push CDN servers deep into many access networks • close to users • used by Akamai, 1700 locations

Attacking DNS

DDoS attacks:
§ bombard root servers with traffic
  • not successful to date
  • traffic filtering
  • local DNS servers cache IPs of TLD servers, allowing root server bypass
§ bombard TLD servers
  • potentially more dangerous
redirect attacks:
§ man-in-middle
  • intercept queries
§ DNS poisoning
  • send bogus replies to DNS server, which caches

DNS Resource Records

Format: (name, value, type, ttl)
type=A
§ name is hostname
§ value is IP address
type=NS
• name is domain (e.g., foo.com)
• value is hostname of authoritative name server for this domain
type=CNAME
§ name is alias name for some "canonical" (the real) name
§ www.ibm.com is really servereast.backup2.ibm.com
§ value is canonical name
type=MX
§ value is name of mailserver associated with name

packet sniffer

Software or hardware used to collect packets travelling over a network.

SMTP vs HTTP

§ HTTP: pull
§ SMTP: push
§ both have ASCII command/response interaction, status codes
§ HTTP: each object encapsulated in its own response message
§ SMTP: multiple objects sent in multipart message

DNS: root name servers

§ contacted by local name server that cannot resolve name
§ root name server:
  • contacts authoritative name server if name mapping not known; it gets mapping
  • returns mapping to local name server

iterated query:

§ contacted server replies with name of server to contact
§ "I don't know this name, but ask this server"

Domain Name System:

§ distributed database implemented in hierarchy of many name servers
§ application-layer protocol: hosts, name servers communicate to resolve names (address/name translation)

Local DNS name server

§ does not strictly belong to hierarchy
§ each ISP (residential ISP, company, university) has one
  • also called "default name server"
§ when host makes DNS query, query is sent to its local DNS server
  • has local cache of recent name-to-address translation pairs (but may be out of date!)
  • acts as proxy, forwards query into hierarchy

DNS services

§ hostname to IP address translation
§ host aliasing: canonical, alias names
§ mail server aliasing
§ load distribution
  • replicated Web servers: many IP addresses correspond to one name

IMAP

§ keeps all messages in one place: at server
§ allows user to organize messages in folders
§ keeps user state across sessions: names of folders and mappings between message IDs and folder name

Pure P2P architecture

§ no always-on server
§ arbitrary end systems directly communicate
§ peers are intermittently connected and change IP addresses

recursive query:

§ puts burden of name resolution on contacted name server
§ heavy load at upper levels of hierarchy?

DNS protocol, messages

§ query and reply messages, both with same message format
message header
§ identification: 16 bit # for query, reply to query uses same #
§ flags:
  • query or reply
  • recursion desired
  • recursion available
  • reply is authoritative

why not centralize DNS?

§ single point of failure
§ traffic volume
§ distant centralized database
§ maintenance

Video

§ video: sequence of images displayed at constant rate (e.g., 24 images/sec)
§ digital image: array of pixels where each pixel represented by bits
§ coding: use redundancy within and between images to decrease # bits used to encode image
  • spatial (within image)
  • temporal (from one image to next)
§ CBR: (constant bit rate): video encoding rate fixed
§ VBR: (variable bit rate): video encoding rate changes as amount of spatial, temporal coding changes

User Agent

§ a.k.a. "mail reader"
§ composing, editing, reading mail messages
§ e.g., Outlook, Thunderbird, iPhone mail client
§ outgoing, incoming messages stored on server

mail servers:

§ mailbox contains incoming messages for user
§ message queue of outgoing (to be sent) mail messages
§ SMTP protocol between mail servers to send email messages
  • client: sending mail server
  • "server": receiving mail server

SMTP

§ uses TCP to reliably transfer email message from client to server, port 25
§ direct transfer: sending server to receiving server
§ three phases of transfer
  1) handshaking (greeting)
  2) transfer of messages
  3) closure
§ command/response interaction (like HTTP)
  • commands: ASCII text
  • response: status code and phrase
§ messages must be in 7-bit ASCII
§ SMTP uses persistent connections

