In this problem we investigate whether either UDP or TCP provides a degree of end-point authentication. a. Consider a server that receives a request within a UDP packet and responds to that request within a UDP packet (for example, as done by a DNS server). If a client with IP address X spoofs its address with address Y, where will the server send its response? b. Suppose a server receives a SYN with IP source address Y, and after responding with a SYNACK, receives an ACK with IP source address Y with the correct acknowledgment number. Assuming the server chooses a random initial sequence number and there is no "man-in-the-middle," can the server be certain that the client is indeed at Y (and not at some other address X that is spoofing Y)?

In this problem we investigate whether either UDP or TCP provides a degree of end-point authentication. a. Consider a server that receives a request within a UDP packet and responds to that request within a UDP packet (for example, as done by a DNS server). If a client with IP address X spoofs its address with address Y, where will the server send its response? b. Suppose a server receives a SYN with IP source address Y, and after responding with a SYNACK, receives an ACK with IP source address Y with the correct acknowledgment number. Assuming the server chooses a random initial sequence number and there is no "man-in-the-middle," can the server be certain that the client is indeed at Y (and not at some other address X that is spoofing Y)?

Database System Concepts

7th Edition

ISBN:9780078022159

Author:Abraham Silberschatz Professor, Henry F. Korth, S. Sudarshan

Publisher:Abraham Silberschatz Professor, Henry F. Korth, S. Sudarshan

Chapter1: Introduction

Section: Chapter Questions

Problem 1PE

See similar textbooks

Similar questions

Given the following topology of a network where the router connecting the two subnets together, Nodes 1 and 2 are ’inside’ of the subnet neta, Nodes 4 and 5 are ’outside’ of neta and Node 3 with a firewall is the gateway of neta. Try to write rules as general as possible. For example, although there are only two nodes outside, try to write rules such that the policy is achieved even if there were more than two nodes outside. Suppose the default policy is ACCEPT in the firewall on Node 3. Write packet filtering rules for the following goals (each of which is treated separately): Rule 1. Block ping (icmp) packets being forwarded between the two subnets; Rule 2. Block ping packets coming into the firewall;Rule 3. Prevent Node1 from SSHing to any outside nodes; Change the default policy as DROP and write packet filtering rules for the following golas: Rule 4. Allow inside hosts can access outside websites;Rule 5. Allow outside hosts can SSH into Node1. No other access should be allowed.…
Consider sending a file of F bits over a path of Q links. Each link transmits at R bits per second (bps). The network is lightly loaded so that there are no queueing delays. When a form of packet switching is used, the F bits are broken up into packets, each packet with L bits, of which h bits of it are header. Propagation delay is negligible. Let F = 5x104, Q = 20, R = 1 Mbps, L = 1000, and h = 10. c. Suppose the network is a packet-switched virtual circuit network. Denote the VC set-up time by ts = 250 milliseconds. How long does it take to send the file from source to destination?
Suppose a computer sends a frame to another computer on a bus topology LAN. The physical destination address of the frame is corrupted during the transmission. What happens to the frame? How can the sender be informed about the situation? Suppose a computer sends a packet at the network layer to another computer somewhere in the Internet. The logical destination address of the packet is cor- rupted. What happens to the packet? How can the source computer be informed of the situation?
Suppose a firewall is configured to allow outbound TCP connections but inbound connections only to specified ports. The FTP protocol now presents a problem: When an inside client contacts an outside server, the outbound TCP control connection can be opened normally but the TCP data connection traditionally is inbound. (a) Look up the FTP protocol in, for example, Request for Comments 959. Find out how the PORT command works. Discuss how the client might be written so as to limit the number of ports to which the firewall must grant inbound access. Can the number of such ports be limited to one? (b) Find out how the FTP PASV command can be used to solve this firewall problem.
Suppose a computer sends a packet at the network layer to another computer somewhere in the Internet. The logical destination address of the packet is cor- rupted. What happens to the packet? How can the source computer be informed of the situation?
In IEEE 802.11, two-way communication is used to authenticate an open system. In order to authenticate the client, the server must give the station ID (typically the MAC address). Response to the client's previous request is either a successful or failed authentication response from the access point/router. An error may arise if, for example, an AP/router configuration does not include the client's MAC address.In what ways is it advantageous to use this kind of authentication scheme?In what ways does this authentication technique have security vulnerabilities that might be mitigated?
Suppose Host A sends Host B a TCP segment encapsulated in an IP data-gram. When Host B receives the datagram, how does the network layer in Host. B know it should pass the segment (that is, the payload of the datagram) to TCP rather than to UDP or to some other upper-layer protocol?
Consider an HTTP client that wants to retrieve a Web document at a given URL. The IP address of the HTTP server is initially unknown. What transport and application-layer protocols besides HTTP are needed in this scenario?
DNS employs UDP over TCP. No automatic recovery if a DNS packet is missed. Is this a problem, and if so, how?
In this problem we investigate whether either UDP or TCP provides a degree of end-point authentication. a. Consider a server that receives a request within a UDP packet and responds to that request within a UDP packet (for example, as done by a DNS server). If a client with IP address X spoofs its address with address Y, where will the server send its response? b. Suppose a server receives a SYN with IP source address Y, and after responding with a SYNACK, receives an ACK with IP source address Y with the correct acknowledgment number. Assuming the server chooses a random initial sequence number and there is no "man-in-the-middle," can the server be certain that the client is indeed at Y (and not at some other address X that is spoofing Y)?
Three-way handshake is used by a TCP client and a TCP server to establish a connection, as illustrated below: 1st: client:port1 -> server:port2, SYN 2nd: server:port2 -> client:port1, SYNACK 3rd: client:port1 -> server:port2, ACK When this client is performing scanning attacks, it will generated a large number of failed connections. In each failed connection, the three-way handshake fails to complete. People commonly use SYN together with the absence of its corresponding SYNACK in this same TCP session to identify whether this connection is failed. By investigating the failed connections, an engineer finds that in legitimate/benign cases, if the server does not return SYNACK to the client, the client will not send the ACK packet after SYNACK (e.g., the 3rd packet above). Therefore, this engineer suggests that we can count the failed connections based on the following rules without considering SYNACK:
Draw a sequence diagram for the following scenario. In a network, two nodes communicate with each other. These are the sequence. 1) Node J sends ping message to Node L 2) Node L sends ICMP echo reply to node L. Now Node A is having the MAC address of Node L. 3) Node J starts TCP handshake with Node L by sending SYN message. 4) Node L sends (SYN+ACK) back to node J. 5) Node J sends the ACK to Node L.