Computer networking ch 1-3.4

explain Cache poisoning.

-A compromised DNS server may put incorrect DNS records in the reply, which will be cached at the remote server.
-An attacker may craft a DNS query carrying forged DNS records to a remote DNS server. Then the next time someone makes a query, the bogus record is returned.

how does sending chunks tit for tat work in bittorrenting?

-Alice sends chunks to those four peers currently sending her chunks at highest rate
  •other peers are choked by Alice (do not receive chunks from her)
  •re-evaluate top 4 every 10 secs
-every 30 secs: randomly select another peer, starts sending chunks
  •"optimistically unchoke" this peer
  •newly chosen peer may join top 4

HTTP/1.0:

-GET
-POST
-HEAD
  •asks server to leave requested object out of response

HTTP/1.1:

-GET, POST, HEAD
-PUT
  •uploads file in entity body to path specified in URL field
-DELETE
  •deletes file specified in the URL field

what if you need reliable transfer over udp?

-add reliability at application layer -application-specific error recovery!

major functions of Presentation layer in the ISO/OSI reference model

-allow applications to interpret meaning of data, e.g., encryption, compression, machine-specific conventions. -presents data to the application and helps it know how to interpret it.

how does requesting chunks work in bittorrenting?

-at any given time, different peers have different subsets of file chunks -periodically, Alice asks each peer for list of chunks that they have -Alice requests missing chunks from peers, rarest first

what do websites use cookies for (4 things)?

-authorization -shopping carts -recommendations -user session state (Web e-mail)

4 steps that HTTP uses TCP for

-client initiates TCP connection (creates socket) to server, port 80
-server accepts TCP connection from client
-HTTP messages (application-layer protocol messages) exchanged between browser (HTTP client) and Web server (HTTP server)
-TCP connection closed

draw a distributed hierarchical database and explain what would happen if a client wants an IP for www.amazon.com

-client queries root server to find com DNS server
-client queries .com DNS server to get amazon.com DNS server
-client queries amazon.com DNS server to get IP address for www.amazon.com
(The first one is the root server, the next one is the top-level servers, and the bottom are different servers for different ISPs.) For each zone there is an authority server, and that server gets to choose what IP address maps to what server in that zone.

what would happen in an iterated query if host at cis.poly.edu wants IP address for gaia.cs.umass.edu

-contacted server replies with name of server to contact
-"I don't know this name, but ask this server"
The local server would start by contacting the root, then the TLD, and then the authoritative servers.

four services DNS provides

-hostname to IP address translation
-host aliasing (a host can have many names)
  •canonical (the proper name), alias names (other names)
-mail server aliasing
-load distribution
  •replicated Web servers: many IP addresses correspond to one name, so it has to choose which one

what do clients do?

-initiate communication with server -may be intermittently connected -may have dynamic IP addresses -do not communicate directly with each other

3 characteristics of pure peer to peer architecture

-no always-on server -arbitrary end systems directly communicate -peers are intermittently connected and change IP addresses

4 characteristics of a P2P architecture

-no always-on server
-arbitrary end systems directly communicate (there is no server; they communicate directly)
-peers request service from other peers, provide service in return to other peers
  •self scalability - new peers bring new service capacity, as well as new service demands
-peers are intermittently connected and change IP addresses
  •complex management

four reasons why you use UDP

-no connection establishment (which can add delay) -simple: no connection state at sender, receiver -small header size -no congestion control: UDP can blast away as fast as desired

how to calculate HTTP response time

-one RTT to initiate TCP connection
-one RTT for HTTP request and first few bytes of HTTP response to return
-file transmission time
-non-persistent HTTP response time = 2RTT + file transmission time

what does SSL provide?

-provides encrypted TCP connection -data integrity -end-point authentication

define Go-back-N:

-receiver only sends cumulative ACK, which acks the previous N packets. This means you can't ack if there is a gap; the receiver will ack the last packet it received in order.
-sender has timer for oldest unacked packet
  •when timer expires, retransmit all unacked packets

what do TCP services provide

-reliable transport between sending and receiving process (the receiving process gets 100% of the bytes that the sending process sends out)
-flow control: sender won't overwhelm receiver (you have an identified pair of senders and receivers)
-congestion control: throttle sender when network overloaded (reacts based on network conditions by slowing down the source that is generating traffic)
-does not provide: timing, minimum throughput guarantee, security
-connection-oriented: setup required between client and server processes

non-persistent HTTP issues:

-requires 2 RTTs per object
-OS overhead for each TCP connection
-browsers often open parallel TCP connections to fetch referenced objects (this could actually be a benefit: you get more TCP connections, which gives you more bandwidth, but that is bad for other users)
with persistent HTTP:
-server leaves connection open after sending response
-subsequent HTTP messages between same client/server sent over open connection
-client sends requests as soon as it encounters a referenced object, therefore as little as one RTT for all the referenced objects

explain Selective Repeat:

-sender can have up to N unack'ed packets in pipeline -rcvr sends individual ack for each packet -sender maintains timer for each unacked packet •when timer expires, retransmit only that unacked packet

what does UDP services provide

-unreliable data transfer between sending and receiving process (does not fix problems with data loss) -does not provide: reliability, flow control, congestion control, timing, throughput guarantee, security, or connection setup

how does a proxy server work?

-user sets browser: Web accesses via cache
-browser sends all HTTP requests to cache
  •object in cache: cache returns object
  •else cache requests object from origin server, then returns object to client

Type MX resource record

-value is name of mailserver associated with name

many Web sites use cookies; four components:

1) cookie header line of HTTP response message
2) cookie header line in next HTTP request message
3) cookie file kept on user's host, managed by user's browser
4) back-end database at Web site

explain Cache Poisoning without Compromising DNS Servers

1. Force a DNS lookup (of amazon.com) by local proxy DNS server (dns.my.com)
2. dns.my.com sends a query to top-level .com server, with a transaction ID x.
3. At that time, attacker sends a large number of fake replies with different guessed transaction IDs.
4. If one of the replies' transaction IDs is x, it will be taken by dns.my.com; the IP address is cached.
  -The additional section of the reply is also cached.
Transaction ID is 16 bits, and is supposed to be chosen randomly. Early versions of BIND didn't choose random IDs, but used sequential IDs; attack is easy. If the algorithm for generating pseudo random numbers is weak, the attacker may be able to guess the subsequent transaction IDs.
Fix 1: make the transaction ID random; use random source port for query
  •Choose a 32-bit random number; the first 16 bits are used as ID and the second 16 bits are used as source port
Fix 2: do not accept an additional record if it contains a hostname not in the query

what does HFC stand for

hybrid fiber coax, which is asymmetric; unlike DSL, homes share an access network to the cable headend (see slide 18 to clarify)

An HTTP client wants to retrieve a web document at a given URL. The IP address of the HTTP server is initially unknown. What transport and application layer protocols are needed?

Application layer protocols: DNS to find the IP address, and HTTP. Transport layer protocols: UDP for DNS; TCP for HTTP.

400

Bad Request •request msg not understood by server

is a cache like a client or a server

Both! cache acts as both client and server •server for original requesting client •client to origin server

what does CDN stand for?

Content Distribution Network, which is used to store copies of videos (or other data?) at different distributed sites

what are the client and server roles in DASH

DASH: Dynamic, Adaptive Streaming over HTTP
server:
•divides video file into multiple chunks
•each chunk stored, encoded at different rates
•manifest file: provides URLs for different chunks
client:
•periodically measures server-to-client bandwidth
•consulting manifest, requests one chunk at a time
•chooses maximum coding rate sustainable given current bandwidth
•can choose different coding rates at different points in time (depending on available bandwidth at time)

what happens in a DDoS attack on the DNS

DoS stands for denial of service. It could bombard the root server with traffic, but most of the internet will still function because of the cached IPs of the TLD servers. If it bombards the TLD servers with requests, this could be more dangerous.

T or F: with non-persistent connections between browser and origin server, it is possible for a single TCP connection to carry two distinct HTTP requests

F: every non-persistent connection between the client and server will have another TCP connection

T or F: a user requests a web page that consists of some text and three images. For this page the client will send one request message and receive four replies

F: the client must send one request for each object

505

HTTP Version Not Supported

301

Moved Permanently •requested object moved, new location specified later in this msg (Location:)

404

Not Found •requested document not found on this server

what happens in a redirect attack on the DNS

One is a possible man-in-the-middle attack, where the query is intercepted and a fake reply is returned. Another is DNS poisoning, where it sends bogus replies to the DNS server, which caches them.

two methods for uploading form input

POST method:
-web page often includes form input
-input is uploaded to server in entity body
URL method:
-uses GET method
-input is uploaded in URL field of request line:

TCP and UDP have no encryption; cleartext passwords sent into socket traverse Internet in cleartext. How do we overcome this?

SSL, or secure socket layer, which extends the transport layer or part of the session layer to allow you to do things like online banking securely. Some people view SSL as part of the application layer because the implementation is done in user space. SSL provides an application programming interface (API) to applications.

T or F: two distinct web pages can be sent over the same persistent connection

T: only if both web pages are from the same domain and the requests are from the same client

What services do TCP and UDP each supply and what services are available in neither?

TCP: reliable, in-order delivery
•congestion control
•flow control
•connection setup
UDP: unreliable, unordered delivery
•no-frills extension of "best-effort" IP (simple with low overhead)
not provided:
•delay guarantees
•bandwidth guarantees

two types of internet transfer protocol services

TCP services and UDP services

major functions of session layer in the ISO/OSI reference model

synchronization, checkpointing, recovery of data exchange like with audio and video

what transportation layer protocol do you need for DNS?

UDP

why have UDP?

UDP provides the MINIMUM functions (process to process communication) for the transport layer. This means there is less overhead for the applications to communicate. Good for real-time applications.

How is each object in an HTML file addressable?

a URL

what kind of network would be good for an application that involves long sessions with predictable smooth bandwidth requirements.

a circuit switching network

benefits of layering

a modular design allows for easily updating and changing layers without affecting other layers (aka modules). Layers give you a way to talk about the network system with another person.

define video

a sequence of images displayed at constant rate •e.g., 24 images/sec

web page consists of ... which includes ...

base HTML-file which includes several referenced objects. (object can be HTML file, JPEG image, Java applet, audio file,...)

major functions of physical layer on internet protocol stack

bits "on the wire"

what kind of RDT do you use if you assume that underlying channel can also lose packets (data, ACKs)

add a timer at the sender; if an ACK isn't received in that time then the sender automatically resends the packet

how do you do an internet checksum example

add the two 16 bit values. If there is a number to carry over, don't add it to the front, put it back on the end. Once you get the sum, flip it and that is the checksum

list the seven layers of the ISO/OSI reference model

application, presentation, session, transport, network, link, physical

list the five layers of the internet protocol stack (in order from top to bottom)

application, transport, network, link, physical

how is SSL implemented?

cleartext passwords sent into socket traverse Internet encrypted

what are the client and server's roles in socket programming with TCP?

client contacts server by:
-creating TCP socket, specifying IP address, port number of server process
-when client creates socket: client TCP establishes connection to server TCP
when contacted by client, server TCP creates new socket for server process to communicate with that particular client
•allows server to talk with multiple clients
•source port numbers used to distinguish clients (more in Chap 3)

in the client server model with processes, which process is the client and which is the server

client process: process that initiates communication
server process: process that waits to be contacted

------ are the mechanism used by the HTTP protocol together with the database server to keep state

cookies

What transport service does an application layer need?

data reliability
-some apps (e.g., file transfer, web transactions) require 100% reliable data transfer; other apps (e.g., audio) can tolerate some loss
timing
-some apps (e.g., Internet telephony, interactive games) require low delay to be "effective"
throughput
-some apps (e.g., multimedia) require minimum amount of throughput to be "effective", like video and audio; other apps ("elastic apps") make use of whatever throughput they get
security
-encryption, data integrity

major functions of link layer on internet protocol stack

data transfer between neighboring network elements. ex: Ethernet, 802.11 (WiFi), PPP. Transmits packets to neighboring links; can have multiple link layer

What do sockets do?

deal with process to process communication. process sends/receives messages to/from its socket. processes view sockets like doors.

what are packet switches

devices that forward packets (chunks of data) ex: routers and switches (routers are a type of packet switch that switch IP packets)

define frequency division multiplexing

different channels transmitted in different frequency bands

define digital image

digital image: array of pixels •each pixel represented by bits

how is the DNS implemented

distributed database implemented in hierarchy of many name servers

what does the DNS store?

distributed database storing resource records (RR) RR format: (name, value, type, ttl)

since different users have different video streaming capabilities (e.g., wired versus mobile; bandwidth rich versus bandwidth poor) how can you accommodate all of them?

distributed, application-level infrastructure

layers in network protocol

each layer implements a service via its own internal-layer actions relying on services provided by layer below

explain circuit switching and its advantage

end-to-end resources are allocated (think telephone circuits). Since there are dedicated resources and no sharing, performance is guaranteed. The drawback is that resources are reserved even when not in use.

what are communication links

fiber, copper, radio, satellite

what is used in RDT to specify the sender and receiver

finite state machine for the sender and the receiver

how does non-persistant HTTP work?

for every object in the html (www.example.com/object1/object2) the HTTP client initiates a separate TCP connection

FDM vs TDM

frequency division multiplexing vs time division multiplexing. FDM carves out channels while TDM carves out time slots

what are datagrams

groups of bytes

packet-switching

hosts break application-layer messages into packets •forward packets from one router to the next, across links on path from source to destination •each packet transmitted at full link capacity

format for DNS protocol query and reply messages

identification: 16 bit # for query, reply to query uses same #
flags:
-query or reply
-recursion desired
-recursion available
-reply is authoritative

how can duplicate packets be handled with ACK/NAK protocol?

identifying packets uniquely: the sender adds a sequence number to each packet. Or stop and wait: sender sends one packet, then waits for receiver response

how do you implement the extra layers of the ISO/OSI reference model in the internet service stack if you need them?

if needed they must be implemented in an application.

give an example of when queuing delay and loss can happen with packet switching

if the arrival rate of packets exceeds the transmission rate of packets in a short period of time. Packets will initially queue in the buffer and wait to be transmitted but if the buffer fills up packets can be lost

which layer is the DNS in

in the application-layer protocol: hosts, name servers communicate to resolve names (address/name translation) •note: core Internet function, implemented as application-layer protocol

explain a NAK-free protocol

instead of NAKs, receiver includes sequence number of packets being ACKed; duplicate ACK at sender results in same action as NAK (alternates 0's and 1's)

within same host, two processes communicate using...

inter-process communication which is defined by the OS

What does a Local DNS name server do?

it doesn't belong to the root->top-level->authoritative hierarchy. Instead, each ISP has one. When host makes DNS query, query is sent to its local DNS server
•has local cache of recent name-to-address translation pairs (but may be out of date!)
•acts as proxy, forwards query into hierarchy

what does the date header in an HTTP response message mean?

it has the time and date that the object in the response was sent by the server

what are some examples of hosts or end systems(they mean the same thing)?

laptops, mobile phones that run any kind of web application

processes in different hosts communicate by exchanging...

messages

what does multiplexing mean

multiple inputs and one common output

what does demultiplexing refer to

multiple packets coming in and they need to be delivered to their different processes

are videos sent as one big blast from the server to the client?

no, they are sent in a stream, the rate of which is usually determined by the client

in the client server architecture can the clients directly communicate?

no, they do not even know the other's IP address.

does IP address of host on which process runs suffice for identifying the process?

no, many processes can be running on same host. You use an identifier which includes both IP address and port numbers associated with process on host. the header of the transport layer contains fields to put socket numbers in.

are network applications written on router?

no, they are written on end systems with full operating systems but in principle you could do it if you wanted to (ex telephone networks)

non-persistent vs persistent HTTP

non-persistent HTTP
-at most one object sent over TCP connection
  •connection then closed
-downloading multiple objects required multiple connections
persistent HTTP
-multiple objects can be sent over single TCP connection between client, server

200

ok

how does caching work with servers

once (any) name server learns mapping, it caches mapping
•cache entries timeout (disappear) after some time (TTL)
•TLD servers typically cached in local name servers
•thus root name servers not often visited

how to stream content (selected from millions of videos) to hundreds of thousands of simultaneous users? (two ways, one better than the other)

option 1: single, large "mega-server"
•single point of failure
•point of network congestion
•long path to distant clients
•multiple copies of video sent over outgoing link
option 2: store/serve multiple copies of videos at multiple geographically distributed sites (CDN)

what are two possible structures (architectures) of applications?

peer-to-peer and client-server

how do you choose to use Selective Repeat or Go-back-N

the availability of timers. If your system can support a lot of timers you can use Selective Repeat

major functions of transportation layer on internet protocol stack

process-process data transfer. ex: TCP, UDP. The network layer delivers from source host to destination host; the transport layer delivers it to a specific application (process) at the host. If there is a mismatch in what the application wants and what the network can support, then you have transportation protocols. There can be many transport layer functions.

process

program running within a host

bit

propagates between transmitter/receiver pairs

what are protocols

protocols define format, order of messages sent and received among network entities, and actions taken on message transmission, receipt. A way of coordinating distributed systems so that they can accomplish something; kind of like a language for them so they can exchange messages and run a task. Some kind of action is then taken based on these messages. For example: html, IP, TCP, Skype, 802.11

define encapsulation

putting something as a content or payload of the next lower level protocol packet. (see slide 1-62) (pay attention to order of protocol headers)

define throughput

rate (bits/time unit) at which bits are transferred between sender and receiver

what do rdt and udp stand for?

reliable data transfer and unreliable data transfer

quickly define TCP

reliable, byte stream-oriented (TCP service is provided for a stream oriented type of socket)

major functions of network layer on internet protocol stack

routing of datagrams from source hosts to destination hosts. ex: IP, routing protocols. The job of the network layer in a packet system is to forward packets from the correct source to the correct destination. Once you choose an IP protocol it's hard to change it because you have to replace routers.

explain routing vs forwarding

routing: determines source-destination route taken by packets, usually determined by routing number
forwarding: move packets from router's input to appropriate router output

what is the goal of web caches aka proxy servers

satisfy client request without involving origin server

define pipelining

sender allows multiple, "in-flight", yet-to-be-acknowledged pkts
•range of sequence numbers must be increased
•buffering at sender and/or receiver
-two generic forms of pipelined protocols: Go-Back-N, selective repeat

why do we say HTTP is stateless?

server maintains no information (state information) about past client requests

guided media

signals propagate in solid media: copper, fiber, coax

quickly define socket

socket: door between application process and end-end-transport protocol

how can you use coding to reduce redundancy images to decrease # bits used to encode image

spatial coding example: instead of sending N values of same color (all purple), send only two values: color value (purple) and number of repeated values (N)
temporal coding example: instead of sending complete frame at i+1, send only differences from frame i

what types of applications is udp used for?

streaming multimedia apps (loss tolerant, rate sensitive) or short transactional protocols -DNS -SNMP

major functions of application layer on internet protocol stack

supporting network applications. ex: FTP, SMTP, HTTP. The communication part. There could be (usually is) a large number of application protocols. For a major web application HTTP is the protocol. FTP is for file transfer. SMTP is for emails.

what would happen in a recursive query if host at cis.poly.edu wants IP address for gaia.cs.umass.edu

the contacted server takes the full burden of answering the query before it replies. This results in heavy load at upper levels of hierarchy.

How does demultiplexing work?

the host receives IP datagrams, which include source and destination IP addresses. Each has one transport layer segment that has source and destination port numbers

in RDT how do you recover from errors?

the sender either sends
•acknowledgements (ACKs): receiver explicitly tells sender that pkt received OK
or
•negative acknowledgements (NAKs): receiver explicitly tells sender that pkt had errors
•sender retransmits pkt on receipt of NAK

what happens if ACK/NAK corrupted?

the sender won't know what happened at the receiver, and then you could just resend the packet, but then you could get duplicates, so that has to be dealt with by identifying packets uniquely: the sender adds a sequence number to each packet

what is TTL

the time it takes cache entries to disappear

what is bandwidth

the transmission rate, which is the rate used to measure communications links. Can also be called link capacity or link rate, and is measured in bits per second

what does it mean when DSL is asymmetric?

the upload and download bandwidths are different

what would it require for two hosts to send a packet to the same destination socket?

they would have to have the same destination port number.

draw the 6 steps if Bob (client) requests video http://netcinema.com/6Y7B23V (video stored in CDN at http://KingCDN.com/NetC6y&B23V)

this is more or less right, but not really, because step 3 is impossible: translating one URL to another URL is not part of the DNS protocol. It would really have to be two trips.

define Round trip time (RTT)

time for a small packet to travel from client to server and back

define torrent and tracker and churn

torrent: group of peers exchanging chunks of a file
tracker: tracks peers participating in torrent
churn: peers may come and go (once peer has entire file, it may (selfishly) leave or (altruistically) remain in torrent)

what does the application layer protocol define?

types of messages exchanged
•e.g., request, response
message syntax:
•what fields in messages & how fields are delineated
message semantics
•meaning of information in fields
rules for when and how processes send & respond to messages

define UDP

unreliable datagram (UDP service is provided for a datagram type of socket)
there is no "connection" between client & server
-no handshaking before sending data
-therefore sender explicitly attaches IP destination address and port # to each packet
-receiver extracts sender IP address and port # from received packet
this means that transmitted data may be lost or received out-of-order

Type CNAME resource record

used when there are multiple names
-name is alias name for some "canonical" (the real) name
-www.ibm.com is really servereast.backup2.ibm.com
-value is canonical name

how to map between IP address and name, and vice versa ?

using the domain name system or DNS

how does the server provide URLs for each chunk of a video stream?

using the manifest file, it provides URLs for different chunks

does the DNS server run over UDP or TCP?

usually UDP but TCP if the reply is long

physical link

what lies between transmitter & receiver

what is the difference in TCP and UDP checksum?

when the receiver checks the segment, if there are errors detected the packet is thrown out. In UDP it is not re-transmitted; in TCP it is.

benefit of client server

when you publish on peer to peer you lose control of your application. Big companies like Facebook can't have that, so they have their own server.

give an example of a domain name

yahoo

can an http be sent with an empty body?

yes it can be sent with an error code

goal and benefits of a conditional get

you don't send object if cache has up-to-date cached version which leads to •no object transmission delay •lower link utilization

how can you exploit DNS for DDoS

you generate a lot of queries to a host with the source IP as the victim's IP so all the replies go to bombarding the victim.

is layering harmful?

you lose some flexibility because there is a modular design but there could be a more efficient design

three characteristics of a server

•always-on host
•permanent IP address
•data centers for scaling

give examples of network applications

•e-mail
•web
•text messaging
•remote login
•P2P file sharing
•multi-user network games
•streaming stored video (YouTube, Hulu, Netflix)

Type A resource record

•name is hostname
•value is IP address

benefit of proxy server aka web caching

•reduce response time for client request
•reduce traffic on an institution's access link
•Internet dense with caches: enables "poor" content providers to effectively deliver content (so too does P2P file sharing)

why wouldn't you want a centralized DNS server?

•single point of failure
•traffic volume
•distant centralized database
•maintenance

what is an IP address

•IP address (32 bit) - used for addressing datagrams. Your computer takes the domain name and translates it into an IP address to find what it needs

in HTTP protocol what does the client do and what does the server do?

•client: browser that requests, receives, (using HTTP protocol) and "displays" Web objects •server: Web server sends (using HTTP protocol) objects in response to requests

what does the root name server do?

•contacts authoritative name server if name mapping not known •gets mapping •returns mapping to local name server

Type NS resource record

•name is domain (e.g., foo.com) •value is hostname of authoritative name server for this domain

what do authoritative DNS servers do?

•organization's own DNS server(s), providing authoritative hostname to IP mappings for organization's named hosts •can be maintained by organization or service provider ex(sometime cise.ufl.edu)

what do top-level domain servers do?

•responsible for com, org, net, edu, aero, jobs, museums, and all top-level country domains, e.g.: uk, fr, ca, jp •Network Solutions maintains servers for .com TLD •Educause for .edu TLD

benefits of P2P architecture

•self scalability - new peers bring new service capacity, as well as new service demands; the more peers you have, the more services you can provide. It is like a pooling of resources. This leads to rapid deployment: you don't have to buy a lot of large servers

unguided media

•signals propagate freely, e.g., radio

how is a TCP socket uniquely identified?

•source IP address
•source port number
•dest IP address
•dest port number
these are used by the demultiplexer in the destination host to direct segment to appropriate socket

