![EBK COMPUTER NETWORKING](https://www.bartleby.com/isbn_cover_images/8220102955479/8220102955479_largeCoverImage.jpg)
TCP:
TCP stands for Transmission Control Protocol, a standard that establishes and maintains a network conversation used by application programs. With TCP, one needs a minimum of two round-trip times: one round trip to set up the TCP connection, and another round trip for the client to send the request and for the server to send the reply back.
SSL:
SSL stands for Secure Sockets Layer, a security protocol that establishes a link between the web browser and the web server in an online communication.
Given Information:
Alice and Bob are communicating over an SSL session. An attacker, who does not have any of the shared keys, inserts a bogus TCP segment into a packet stream with correct TCP checksum and sequence numbers and correct IP addresses and port numbers.
Chapter 8 Solutions
EBK COMPUTER NETWORKING
- A vulnerability of TCP is that many TCP SYN segments can be sent from many different remote addresses. These addresses can be spoofed---that is, IP datagrams containing TCP SYN segments can be sent with a fake IP address in the header. What problem does this cause in the server?
  - a. Every TCP SYN segment requires the operating system to reserve resources like buffer space in memory related to a connection that is never going to be completed. Eventually the resources will become oversubscribed, and depleted, so no other clients can establish a connection with the server, effectively creating a denial-of-service (DoS) attack.
  - b. The SYN segments will have the wrong port number in the header, so the TCP segment will get delivered to the wrong process.
  - c. The server doesn't know what IP address to send a SYN/ACK packet to so the connection can be established.
- Consider a TCP session between Hosts A and B. Assuming that Host A sends a 10-byte segment with sequence number 5, what will be the sequence number of the acknowledgment sent from B to A?
- In this problem we investigate whether either UDP or TCP provides a degree of end-point authentication.
  - a. Consider a server that receives a request within a UDP packet and responds to that request within a UDP packet (for example, as done by a DNS server). If a client with IP address X spoofs its address with address Y, where will the server send its response?
  - b. Suppose a server receives a SYN with IP source address Y, and after responding with a SYNACK, receives an ACK with IP source address Y with the correct acknowledgment number. Assuming the server chooses a random initial sequence number and there is no "man-in-the-middle," can the server be certain that the client is indeed at Y (and not at some other address X that is spoofing Y)?
- The figure below is a Wireshark capture of a TCP three-way handshake starting an http session. Calculate the initial SampleRTT from this capture, knowing that the Time column (2nd on the left) is in seconds.

  | No. | Time | Protocol | Length | Info |
  |---|---|---|---|---|
  | 1 | 0.000000 | TCP | 66 | 53587 > http [SYN] Seq=0 win=8192 L |
  | 2 | 0.040617 | TCP | 66 | http > 53587 [SYN, ACK] Seq=0 Ack=1 |
  | 3 | 0.040650 | TCP | 54 | 53587 > http [ACK] Seq=1 Ack=1 win= |

  Subsequent SampleRTTs are 30 ms, 40 ms, 100 ms, and 50 ms. Consider α = 0.125 and β = 0.25. The initial EstimatedRTT = initial SampleRTT. The initial DevRTT = (initial SampleRTT)/2. What are the EstimatedRTT, DevRTT, and Timeout (RTO) calculated after the last SampleRTT?
  - EstimatedRTT = 48.6 ms, DevRTT = 11.7 ms, Timeout (RTO) = 95.5 ms
  - EstimatedRTT = 47.0 ms, DevRTT = 18.2 ms, Timeout (RTO) = 119.7 ms
  - EstimatedRTT = 60.0 ms, DevRTT = 20.1 ms, Timeout (RTO) = 80.4 ms
  - EstimatedRTT = 28.1 ms, DevRTT = 29.6 ms, Timeout (RTO) = 146.7 ms
- TCP is a connection-oriented protocol. This means that...
  - a. both of the endpoints communicating over TCP keep information about the state of the connection.
  - b. a TCP sender can start sending data to the receiver before the three-way handshake takes place.
  - c. there is a direct physical connection between the two endpoints of a TCP session.
  - d. both endpoints of a TCP session have to connect to a third party before data can be sent or received.
- Suppose an idle TCP connection exists between sockets A and B. A third party has eavesdropped and knows the current sequence number at both ends.
  - (a) Suppose the third party sends A a forged packet ostensibly from B and with 100 bytes of new data. What happens? (Hint: Look up in Request for Comments 793 what TCP does when it receives an ACK that is not an "acceptable ACK.")
  - (b) Suppose the third party sends each end such a forged 100-byte data packet ostensibly from the other end. What happens now? What would happen if A later sent 200 bytes of data to B?
- TCP sessions are full-duplex, which means that data can be sent in either direction during the lifetime of the session. Consider a session in which the connection is established, the client sends 100 data segments, all of them are ACKed, and all of the ACKs are received by the sender, then the session is ended by both sides closing the connection. How many segments in total have the SYN bit of the header set to 1?
  - a. 4
  - b. 2
  - c.
  - d. 1
  - e. 209
- A vulnerability of TCP is that many TCP SYN segments can be sent from many different remote addresses. These addresses can be spoofed---that is, IP datagrams containing TCP SYN segments can be sent with a fake IP address in the header. What problem does this cause in the server?
  - a. The SYN segments will have the wrong port number in the header, so the TCP segment will get delivered to the wrong process.
  - b. Every TCP SYN segment requires the operating system to reserve resources like buffer space in memory related to a connection that is never going to be completed. Eventually the resources will become oversubscribed, and depleted, so no other clients can establish a connection with the server, effectively creating a denial-of-service (DoS) attack.
  - c. The server doesn't know what IP address to send a SYN/ACK packet to so the connection can be established.
- Today's TCP implementations employ PRNGs to generate session start sequence numbers. So, with just the (i - 1)st number created, it's impossible to calculate the (ith). How can an attacker readily calculate the ith number produced by a PRNG using just the (i - 1)st number?
- TCP sessions are full-duplex, which means that data can be sent in either direction during the lifetime of the session. Consider a session in which the connection is established, the client sends 100 data segments, all of them are ACKed, and all of the ACKs are received by the sender, then the session is ended by both sides closing the connection. How many segments in total have the SYN bit of the header set to 1?
  - a. 209
  - b. 2
  - c. 6
  - d. 4
  - e. 1
- If we have a UDP packet that sent from port 42,768 to port 42,773 containing a message of exactly bytes "HELO" (coded in 8-bit ASCII). What will be the value in the checksum field?
- Three-way handshake is used by a TCP client and a TCP server to establish a connection, as illustrated below:
  - 1st: client:port1 -> server:port2, SYN
  - 2nd: server:port2 -> client:port1, SYNACK
  - 3rd: client:port1 -> server:port2, ACK

  When this client is performing scanning attacks, it will generate a large number of failed connections. In each failed connection, the three-way handshake fails to complete. People commonly use SYN together with the absence of its corresponding SYNACK in this same TCP session to identify whether this connection is failed. By investigating the failed connections, an engineer finds that in legitimate/benign cases, if the server does not return SYNACK to the client, the client will not send the ACK packet after SYNACK (e.g., the 3rd packet above). Therefore, this engineer suggests that we can count the failed connections based on the following rules without considering SYNACK: If a client:port1 sends…