CS 457 - Fall 2012

Homework 4

Date assigned: Oct 9, 2012
Date due: Oct 19, 2012
Submission tag: HW4

  1. (15pts): Exercise 5.8 (p.444)
    The sequence number field in the TCP header is 32 bits long, which is big enough to cover over 4 billion bytes of data. Even if this many bytes were never transferred over a single connection, why might the sequence number still wrap around from 232 -1 to 0?

  2. (15pts): Exercise 5.14 (p. 445)
    If host A receives two SYN packets from the same port from remote host B, the second may be either a retransmission of the original or else, if B has crashed and rebooted, an entirely new connection request.
    1. Describe the difference as seen by host A between these two cases.
    2. Give an algorithmic description of what the TCP layer needs to do upon receiving a SYN packet. Consider the duplicate/new cases above, and the possibility that nothing is listening to the destination port.

  3. (15pts): Exercise 5.16 (p.446)
    Suppose an idle TCP connection exists between sockets A and B. A third party has eavesdropped and knows the current sequence number at both ends.
    1. Suppose the third party sends A a forged packet ostensibly from B and with 100 bytes of new data. What happens?
      [Hint: Lookup in Request for Comments 793 what TCP does when it receives an ACK that is not an "acceptable ACK"]
    2. Suppose the third party sends each end such a forged 100-byte data packet ostensibly from the other end. What happens now? What would happen if A later sent 200 bytes of data to B?

  4. (15pts): Exercise 6.31 (p.536)
    Suppose a TCP connection has a window size of eight segments, an RTT of 800 ms, the sender sends segments at a regular rate of one every 100 ms, and the receiver sends ACKs back at the same rate without delay. A segment is lost, and the loss is detected by the fast retransmit algorithm on the receipt of the third duplicate ACK, At the point when the ACK of the retransmitted segment finally arrives, how much total time has the sender lost (compared to lossless transmission) if
    1. The sender waits for the ACK from the retransmitted lost packet before sliding the window forward again?
    2. The sender uses the continued arrival of each duplicate ACK as an indication it may slide the window forward one segment?

  5. (15pts): Domain Name System
    What is the purpose of DNS ? Describe DNS records. What are some of the known threats to the DNS and how DNSSEC responds to those threats ?
    [Hint: Read RFC 3833]

  6. (15pts): Multiple choice questions:
    1. Given below are some descriptions of Transport layer, which of them are NOT true ? (Multiple answers possible)
      a. TCP and UDP run here
      b. Data is sent in segments, not packets
      c. Data is sent in packets, not segments
      d. Offers connection-oriented and connectionless data transport services
      e. Routing takes place at this layer
      f. The Sequenced Packet Exchange protocol runs here

    2. The connection points that computers use to network with the hub are called: a. Buses
      b. Jacks
      c. Ports
      d. Sockets

    3. The use of hierarchy in routing tables can ________ the size of the routing tables.
      a. Reduce
      b. Increase
      c. Both a and b
      d. None of the above



  7. (10pts): NMAP. Nmap ("Network Mapper") is a free and open source utility for network discovery and security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap is installed on department machines, and is added on default execution path. Run "man nmap" and read the nmap tool manual page to understand it. The Network Security Lab (Netsec) has the prefix 129.82.138/24. Use nmap to answer the following questions:
    a. How many hosts are discoverable in the Netsec lab?
    b. List all the Netsec hosts running the following popular services: web, mail, DNS, SSH, database server (mysql). Note that is is your job to figure out how to use nmap to do this.
    c. If you were the Netsec system administrator what would you do to prevent scans like the one you are doing ?

    IMPORTANT: nmap can trigger alerts that can lead to complaints if not used responsibly. Use nmap carefully, for example do not scan any other networks without permission.

All exercise numbers and page numbers are according to 4th Edition of the Textbook.

Submission Guidelines:
Submit your homework via email to the TA. The homework solutions must be typed, no hand written homework. Format of the file must be .txt or .pdf. Name your submission file as follows:

FIRSTNAME_LASTNAME_HW4.txt/.pdf

For example, John_Smith_HW4.pdf. The subject line of your email must be CS457 Submission: John_Smith_HW4.pdf
For questions regarding this homework email the TA with subject line CS457 Query: Regarding HW4

Note: All homework assignments are individual assignments. Please do your own work.