Computer Networks BSCIT 6th Sem

8/11/2019 Computer Networks BSCIT 6th Sem

1/25

DNSDNS is an Internet service that translates domain names to IP addresses. Every time you query or use adomain name, a DNS server translates the domain name into its corresponding IP address. The DNSserver uses cache to resolve queries. The server cache is a part of the memory that stores the recently

accessed information. Caching ena les fast responses to the DNS queries. It also reduces net!or" traffic ecause the DNS server can gather responses for queries from its cache, rather than sending the queries tothe other DNS servers.

The DNS server collects and stores all the information that it receives !hen a query is processed. Theserver retains this information in the server cache till the specified time#period in the resource record.This time#period is called the time#to#live $TT%& value of the returned record information.

'fter caching, the TT% value starts decreasing so that the server "no!s !hen to delete the resourcerecord. The record is mar"ed for deletion, !hen the TT% value reaches (ero.

Consider an e)ample. 'n organi(ation has a *,+++ machine setup !ith a domain controller, threeadditional domain controllers, and fe! application servers, such as !e servers, data ase servers, and fe!file servers. Domain controller is also a DNS server for the organi(ation. Soft!are developers access

these servers and other machines for their day#to#day !or". They notice that it ta"es a longer time toaccess servers and machines !ith the machine name as compared to the time ta"en !hen they accessmachines !ith the IP addresses. The reason for this is that the DNS server is loaded and therefore, itslo!s do!n !hile resolving queries. 'fter a query is resolved, the DNS server cache gets deleted. Thiscan e resolved y creating a cache on another DNS server. This !ill help the DNS server to resolvequeries faster.

The TT% value indicates the time for !hich a DNS client can use a DNS record efore deletion of therecord or efore the record e)pires. sers can specify the TT% value for a DNS record in seconds.

The minimum default value of the TT% for records created y the DNS server is - ++ seconds. ' shortTT% value results in heavy DNS traffic. ' large TT% value causes the server to reply to queries y usingoutdated resource records.

Troubleshooting DNS Servernslookup is a command line utility that ena les you to perform tests to verify !hether the resourcerecords are added or updated correctly or not. The nslookup command helps resolve addresses forresources on the DNS server, performs DNS queries, and e)amines the content of (one files on the DNSserver. The command also helps diagnose and solve name resolution pro lems !hen the machine namedoes not get resolved !hile accessing the net!or".

Synta) ## nslookup [-Subcommand ...] [{ComputerToFind| [-Server]}]

The a ove parameters are e)plained elo!/

Subcommand / Specifies one or more nsloo"up su commands as a command#line option such asnslookup: exit , nslookup: in!er , nslookup: ls , nslookup: lserver

ComputerToFind / %oo"s up for complete information such as DNS name and IP address of acomputer system y using the current default DNS name server.

Server / Specifies to use this server as the DNS name server. If you omit Server parameter, thedefault DNS name server is used.

SMTP

S0TP is a protocol that is used for sending e#mail messages. 1henever a user sends an e#mail y usinge#mail clients such as 2utloo" E)press, the client uses S0TP to transfer the e#mail to the mail server.

E#mail is routed to an intermediate mail server, !hich then delivers it to the recipient3s mail server. 4ore)ample, a company !ith several servers has designated one server as a mail gate!ay to the Internet.'ny e#mail sent to the company !ould arrive at the gate!ay server, and then e relayed to the

appropriate server for delivery to the recipient.


2/25

5o!ever, malicious users sometimes try to perform unauthori(ed mail relaying. 4or e)ample, a spammer!ho has a lo!#end server and a slo! net!or" connection might use mail relaying in order to get othercompany6s higher#po!ered mail server and a fast net!or" connection to send spam mail on their ehalf.

Even !orms can use some other server and net!or" to send mass mails. 0any !orm programs are usedtoday to send mass 7un" e#mails to distur net!or"s. Sending mass spam mails is an unla!ful activity.The follo!ing ta le lists ports a out a fe! more protocols.

PROTOCOLS PORTS

POP3 110

ftp-data 20 file transfer[default data]

File Transfer Protocol (FTP) 21 file transfer [control]

HTTP 80

TE !ET 23

!a"eser#er $2

Tri#ial File Transfer (TFTP) %&

'nternet essa e *ccess Protocol (' *P) 1$3

i +t,ei +t irector. *ccess Protocol ( *P) 38&

Protocols and T+eir /orrespondin Ports

Solutions to Chapter One Questions

1. %ist the functions of the application layer.Ans.

The functions of the application layer are/

It is responsi le for facilitating interaction et!een many applications li"e 111, E0'I%, 4TP,and DNS, and servers li"e mail server and 4TP server.

It interfaces directly to and performs common application services for the application processes8 italso issues requests to the presentation layer.

2. 1hat is DNS9

Ans.

DNS is a name resolution service that resolves host names to the IP addresses. DNS has a hierarchicaland distri uted data ase that contains mappings of host names !ith the corresponding IP addresses.

3. E)plain the !or"ing of DNS !ith an e)ample.

Ans.

DNS is a name resolution service that resolves host names to IP addresses. ' DNS server resolves hostnames to IP addresses for DNS queries sent y the DNS clients. These queries can e in the form of aname resolution query or a resource record. The resolver sends a ser Datagram Protocol $ DP& pac"etto the local DNS server. The DNS server searches its ta le and returns the IP address, !hich matches thedomain name. DNS has a hierarchical and distri uted data ase that contains mappings of host names !iththe corresponding IP addresses.


3/25

:esource records are stored in a specific portion of the DNS data ase called the DNS (one. ' DNS (onecontains resource records along !ith the o!ner names.

4or e)ample, an application program calls a procedure !ith its domain name as parameter. The proceduresends an DP pac"et to the local DNS server. The DNS server searches its ta le and returns the IPaddress !hich matches the Domain name. The program can no! esta lish a TCP connection or send

DP pac"ets.

4. 1hat is an iterative resolution9

Ans.

Iterative resolution refers to the name resolution technique in !hich a server sends ac" the informationto a client or sends the name of the server that has the information. The client then iterates y sending arequest to this referred server. This server may return the information itself or send the name of anotherserver. This process continues till the time the client receives the required information.

5. 1hat are the functions of the user agent in the e#mail architecture9

Ans.

In the e#mail architecture, the user agent helps users to interact !ith the e#mail systems. The functions ofthe user agent in e#mail architecture are/

Composition / It refers to !riting the mail. 5ere users type the message that they !ant to convey.The users have to mention the recipient6s e#mail address.

Receiving / It refers to retrieving the e#mails from the P2P- server.

Replying to messages / It refers to replying to a received e#mail. To reply to the e#mail, the user hasto clic" reply, type the message, and send it ac".

Support manipulation o mail bo! / It refers to customi(ation of the mail o). 5ere users can createfolders and manage the mail according to the sender.

". Discuss the sending and receiving process of e#mail.

Ans.

The prerequisites for sending and receiving an e#mail are/

;oth the sender and recipient should have an e#mail account.

The sender must provide the destination address and !rite a message.

The follo!ing is the sequence of the e#mail sending process/

*. 1hen the sender clic"s send , the machine esta lishes a connection !ith the S0TP server y using port


4/25

#. 1rite a rief note on S0TP.

Ans.

S0TP is a protocol that transfers mail relia ly and efficiently. S0TP is independent of a particulartransmission su system and needs only a relia le ordered data stream channel. 'n important feature ofS0TP is its capa ility to relay mail across transport service environments.

$. Discuss the !or"ing of P2P- in an e#mail system. 1hat are its limitations9

Ans.

1hen users chec" their e#mail, the e#mail client connects to the P2P- server y using port **+. TheP2P- server requires an account name and a pass!ord.

The P2P- server issues a series of commands to ring copies of user e#mail messages to user6s localmachine. ?enerally, it !ill then delete the messages from the server $unless the user chooses the not tooption in the e#mail client&.

2nce the connection has een esta lished, the P2P- protocol goes through three stages in sequence/*. 'uthori(ation


5/25

T,o-Tier *rc+itecture of

If the !e pages are interacting !ith the data ase, then the architecture ecomes three#tiered, as sho!n inthe follo!ing figure.

T+ree-Tier *rc+itecture of

11. E)plain the client side and server side events !hen a user clic"s on a :%.

Ans.

The client side events !hen a user clic"s on a :% are as follo!s/

*. The ro!ser locates the :%.


6/25


7/25

Static Routing Dynamic Routing

'n static routin 6 routin is done "anuall. inrouters4 7outers do not update routin ta let+e"sel#es in case of do,nti"e or c+an e in

route4 'f a router on t+e route oes do,n6 t+edestination "a. eco"e unreac+a le4

.na"ic routin allo,s routin ta les inrouters to c+an e as t+e possi le routes c+an e4T+ere are se#eral protocols used to support

d.na"ic routin includin 7'P and O PF4

* net,or ad"inistrator "anuall. uilds andupdates t+e routin ta le and +andles t+e

pro ra""in of all t+e routes in t+e routinta le4 tatic routers can ,or ,ell for s"allinternet,or s ut t+e. do not scale ,ell forlar e or d.na"icall. c+an in inter-net,or s

ecause of t+e "anual ad"inistration re uired4

.na"ic routin consists of routin ta les t+atare uilt and "aintained auto"aticall. t+rou +an on oin co""unication et,een routers4T+is co""unication is facilitated . a routin

protocol6 a series of periodic or on-de"and"essa es containin routin infor"ation t+at ise5c+an ed et,een routers4 E5cept for router9sinitial confi uration6 d.na"ic routers re uirelittle on oin "aintenance and6 t+erefore6 can

scale to lar er internet,or s4

7outers are not fault tolerant in case of staticroutin 4 T+e lifeti"e of a "anuall. confi ured

static route is infinite and6 t+erefore6 staticrouters do not sense and reco#er fro" do,nedrouters or do,ned lin s4

7outers are fault tolerant in case of d.na"icroutin 4 .na"ic routes +a#e a finite lifeti"e4 'fa router or lin oes do,n6 t+e routers sense t+ec+an e in t+e inter-net,or topolo . t+rou +t+e e5piration of t+e lifeti"e of t+e route in t+eroutin ta le4 T+is c+an e can t+en e

propa ated to ot+er routers so t+at all t+erouters on t+e inter-net,or eco"e a,are oft+e ne, inter-net,or topolo .4

tatic 7outin :ersus .na"ic 7outin

Routing Protocols:outing protocol refers to a protocol that ena les routing through implementation of a routing algorithm.' routing algorithm is an algorithm that determines the possi le route through !hich data pac"ets !ouldreach the destination.

Some of the routing protocols are/

Interior ?ate!ay :outing Protocol $I?:P&

Cisco Discovery Protocol $CDP&

5ot Stand y :outer Protocol $5S:P&

"#RP

I?:P is a distance vector Interior ?ate!ay Protocol $I?P&. I?:P mathematically compare routes yusing some measurements of distance. This measurement is "no!n as the distance vector. :outers sendall or a portion of their routing ta le in a routing#update message at regular intervals to each of theirneigh oring routers if the router is using a distance vector protocol. 's routing information propagatesthrough the net!or", routers can identify ne! destinations as they are added to the net!or", learn a outthe failures in the net!or", and calculate distances to all "no!n destinations.

:eference $http/>>!!!.cisco.com>univercd>cc>td>doc>cisint!">ito doc>igrp.htm&

CDP

CDP is a media and protocol#independent device#discovery protocol that runs on all Cisco#manufacturedequipment including routers, access servers, ridges, and s!itches. ;y using CDP, a device can advertise

its e)istence to other devices and receive information a out other devices on the same %ocal 'rea Net!or" $%'N& or on the remote side of a 1ide 'rea Net!or" $1'N&.


8/25

$SRP

5S:P is a routing protocol that provides ac"up to a router in the event of the failure of the router.

5S:P provides net!or" redundancy for IP net!or"s. It ensures that user traffic recovers immediatelyand transparently from first hop failures in net!or" edge devices or access circuits.

T"M%RS "N R"P:IP uses three timers to support its operation/

(eriodic Timer / The Periodic timer controls the advertising of regular update messages. 'lthoughthe protocol specifies that the timer must e set to -+ seconds, the !or"ing model uses a randomnum er et!een


9/25


10/25


11/25

2. 1hat is the difference et!een :IP and 2SP49

Ans'

The main difference et!een :IP and 2SP4 is that :IP only "eeps trac" of the closest router for eachdestination address !hereas 2SP4 "eeps trac" of a complete topological data ase of all connections inthe local net!or".

3. 1hat is a metric9 1hat are some of the metrics used y the routing protocols9

Ans'

' metric is a standard of measurement, such as path and!idth, !hich is used y routing algorithms todetermine the optimal path to a destination.

Some of the metrics used y the routing protocols are path length, relia ility, delay, and!idth, load, andcommunication cost.

RTSP

The :TSP is a client#server application#level protocol that controls the delivery of data !ith real#time properties. :TSP esta lishes and controls either a single or several time#synchroni(ed streams ofcontinuous media, such as audio and video. :TSP uses the transport protocols such as ser DatagramProtocol $ DP&, multicast DP, Transmission Control Protocol $TCP&, and :eal#Time TransportProtocol $:TP& to deliver the continuous streams. It acts as a net!or" remote control for multimediaservers. Sources of data can include oth live data feeds and stored clips.

Port Nu!bers use' b RTSPThe follo!ing ports have een registered !ith the Internet 'ssigned Num ers 'uthority $I'N'&.

;;$


12/25

transmit control pac"ets to participants in a streaming multimedia session. The primary function of :TCPis to provide feed ac" on the quality of service eing provided y :TP.

Open Source Strea!ing Server ) Pro'uct "n,or!ation+ote / ;ecause this chapter deals !ith multimedia data transmission and streaming servers, the products

availa le in the mar"et have also een discussed.'pple Computers, Inc. has developed a streaming server !hich is called Dar!in Streaming Server. Thisis an open source version of streaming server technology that allo!s a user to ma"e changes according tothe requirement and to send multimedia data to clients across the Internet. Industry standard protocolssuch as :TP and :TSP are used for this purpose. Dar!in Streaming Server supports a high level ofcustomi(a ility and runs on a variety of platforms that allo!s a user to manipulate the code.

Dar!in Streaming Server can e e)tended or modified. Dar!in Streaming Server can e modified to alter0PE?#A media and Juic"Time Streaming Server $JTSS&, !hich is 'pple3s commercial streamingserver. JTSS is delivered as a part of 0ac 2S K Server on alternative platforms such as 1indo!s,%inu), and Solaris.

Dar!in Streaming Server =.= is the latest version availa le and includes the follo!ing enhancements/

%atest security update changes%atest -?PP release = client support

5igh#definition 5.< A streaming

Support for automatic and!idth detection !ith Juic"Time Player

' security update for 1indo!s

The source code of Dar!in Streaming Server =.= currently supports 0ac 2S K Server, %inu) $:ed 5at Bor higher recommended&, Solaris , and 1indo!s video application from a server !here they are placed.' client egins to play either an audio or a video once the media player of the client6s PC eginsreceiving the audio or video file from the server. During the process, the client !ill e playingaudio>video from one location in the file !hile it is receiving the remaining parts of the file from theserver. In other !ords, streaming avoids long do!nload times and the need to store the entire file on theuser3s computer.

4. 1hat are the dra! ac"s of the present Internet to drive the multimedia data9


13/25

Ans.

The Internet has some dra! ac"s !ith regard to multimedia data. 4or e)ample, the media player does notcommunicate !ith the streaming server directly. This delay, efore play#out egins, is typicallyunaccepta le for audio>video clips of moderate length. 4or this reason, audio>video streamingimplementations typically have the server send the audio>video file directly to the media player process.In other !ords, a direct soc"et connection is made et!een the server process and the media player

process.

5. 5o! can the present Internet e made to port multimedia data9

Ans.

4or ma"ing the e)isting Internet porta le to multimedia data, the follo!ing modifications need to edone/

' protocol is required that reserves and!idth on ehalf of the streaming server applications.

The scheduling policies in the router queues should e modified so that the and!idth reservationscan e done. 1ith the ne! scheduling policies, not all pac"ets get equal treatment, instead the

pac"ets from the multimedia provider sites that reserve and pay more, get more and!idth.The applications must give the net!or" a description of the traffic that they intend to send to thenet!or".

The and!idth and s!itching capacity should e enhanced to provide satisfactory delay and pac"etloss performance !ithin the net!or".

Caches must e installed in the net!or"s. Caches ring stored content $!e pages as !ell as storedaudio and video& closer to users, there y reducing the traffic in the higher#tier ISPs.

Content providers that pay for a Content Distri ution Net!or"s $CDN& service should delivercontent faster and more effectively.

0ulticast overlay net!or"s can e deployed. ' multicast overlay net!or" consists of serversscattered throughout the ISP net!or" and potentially throughout the entire Internet. Servers and thelogical lin"s et!een servers collectively form an overlay net!or", !hich multicasts traffic from asource to millions of users.

". 1hy do audio and video file need to e compressed9

Ans.

Compression is required to reduce the si(e of audio and video so that they can e easily transmitted overthe Internet.

4or e)ample, a single image consisting of *+decode delay,transfer delay, uffer delay, modem delay, sound card delay, and other delays. 's long as the delays are"ept constant, then the audio !ill e delivered uninterrupted.


14/25

$. 1hat is a streaming server9

Ans.

Streaming servers are meant for the audio>video streaming applications. pon client request, a serverdirects an audio or a video file to the client y sending the file into a soc"et. ;oth the TCP and DPsoc"et connections are used. ;efore sending the audio>video file to a net!or", the file is segmented, and

the segments are typically encapsulated !ith special headers appropriate for audio and video traffic.Streaming servers send digital video for ne!s, entertainment, or educational content over the Internet yusing :TP>:TSP. ' multimedia file gets uploaded on the server and streaming servers encodes content inthe latest media formats including 0PE?# A $0oving Picture E)pert ?roup& and the ''C $'dvanced'udio Coder& audio.

%.1hat are the limitations of the est effort service9 E)plain.

Ans.

%imitations of the est effort service are/

(ac et loss / 's a IP datagram crosses through a net!or" over DP, it passes through uffers in therouters in order to access out ound lin"s. It is possi le that one or more of the uffers in the routefrom sender to receiver is full and cannot admit the datagram. In this case, the IP datagram isdiscarded, never to arrive at the receiving application. %oss could e eliminated y sending the

pac"ets over TCP rather than over DP.

)!cessive end0to0end delay / End#to#end delay is the accumulation of transmission, processing, andqueuing delays in routers, propagation delays in the lin"s, and end#system processing delays.

(ac et itter / ' crucial component of end#to#end delay is the random queuing delays in the routers.;ecause of these varying delays !ithin the net!or", the time from !hen a pac"et is generated at thesource until it is received at the receiver can fluctuate from pac"et to pac"et. This phenomenon iscalled 7itter.

1&. Discuss the features of :eal Time Protocol $:TP&.

Ans.

The features of :eal Time Protocol $:TP& are/

:TP provides end#to#end delivery services for data !ith real#time characteristics such as interactiveaudio and video. 5o!ever, :TP itself does not provide any mechanism to ensure timely delivery. Itneeds support from the lo!er layers of 2SI model that actually have control over resources ins!itches and routers. :TP depends on :esource :eservation Protocol $:S@P& to reserve resourcesand to provide the requested quality of service.

:TP provides timestamps, sequence num ers as hoo"s for adding relia ility, flo!, and congestioncontrol for pac"et delivery, ut implementation is totally left to the application.

:TP is a protocol frame!or" that is deli erately not complete. It is open to ne! payload formats andne! multimedia soft!are. ;y adding ne! profile and payload format specifications, one can tailor:TP to ne! data formats and ne! applications.The flo! and congestion control information of :TP is provided y :eal#Time Control Protocol$:TCP& sender and receiver reports.

:TP>:TCP provides functionality and control mechanisms necessary for carrying real#time content.;ut :TP>:TCP itself is not responsi le for the higher#level tas"s li"e assem ly and synchroni(ation.These have to e done at the application level.

11. E)plain ho! does the helper application get data from a streaming server.

Ans.

?etting data from streaming server to helper application li"e the media player requires at least t!o

servers !here data is placed. 2ne server is the 5TTP server, and the second server is the streamingserver.


15/25

4or e)ample, !hen a user visits any songs>ne!s !e site, the !e ro!ser communicates !ith the !eserver !here the user chooses the file that has music or ne!s. The moment the user clic"s any media file8media player requests for the media file to the streaming server and user receives the media file on themedia player.

12. E)plain :TSP.Ans.

:TSP is a protocol that ena les a media player to control the transmission of a media stream. :TSPmessages use the port num er =AA from the media stream. The :TSP specification, :4C


16/25

))) $&2.11g 67i0Fi: / It has a frequency up to =A0 ps in the


17/25

In '0, the strength $amplitude& of the carrier from a transmitter is varied according to ho! a modulatingsignal varies.

1hen a person spea"s into the microphone of an '0 transmitter, the microphone converts the voiceinto a varying voltage. This voltage is then amplified and used to vary the strength of the transmitter3soutput. '0 adds po!er to the carrier depending on the strength of the modulating voltage.

'0 can e easily produced in a transmitter. In addition, '0 receivers are simple in design. 5o!ever,'0 has the follo!ing disadvantages/

' out t!o#thirds of an '0 signal3s po!er is concentrated in the carrier, !hich contains signals oflo! importance. 2ne#third of the po!er is in the side ands, !hich contain the signal3s intelligence.2f the total po!er output of an '0 transmitter, only a out one#si)th is actually productive, usefuloutput.

The !ide amount of frequency space occupied y an '0 signal is vulnera le to static and otherforms of electrical noise. Despite this, '0 is simple to tune on ordinary receivers and is used foralmost all short!ave roadcasting.

Solutions to Chapter Four Questions1. 1hat are 1%'Ns9

Ans.

1%'N is a net!or" that uses high#frequency radio !aves rather than !ires to communicate et!eennodes. 1%'N technologies ena le users to esta lish !ireless connections !ithin a local area such as!ithin a corporate or campus uilding, or in a pu lic space li"e airport. IEEE approved the B+


18/25

;1 stands for and!idth, !hich is the range !ithin a and of frequencies or !avelengths. ;1 can also e defined as the amount of data that can e transmitted in a fi)ed amount of time. 4or digital devices, and!idth is usually e)pressed in its per second or ytes per second $ ps&. 4or analog devices, and!idth is e)pressed in cycles per second or 5ert( $5(&.

". Compare B+


19/25

$. Compare radio and infrared transmission.

Ans.

The differences et!een radio and infrared transmissions are as follo!s.

Radio Tran$mi$$ion IR Tran$mi$$ion

7adio trans"ission can co#er lar er areas and can penetrate ,alls6 furniture6 plants6 and so on4

'7 trans"ission cannot penetrate ,alls orot+er o stacles4

7adio trans"ission does not t.picall. need a directline of si +t ( O ) to e5ist et,een t+e recei#er andt+e sender if t+e fre uencies are not too +i +4

For ood trans"ission ualit. and +i + datarates6 t.picall. a O is needed et,een t+e

sender and t+e recei#er4

7adio trans"ission offers #er. +i + data transferrates t+an 'nfrared4 /urrent radio- ased productsoffer trans"ission rates up to 10 ps4

'7 trans"ission offers lo,er trans"issionrates4 T+e products usin t+e latest #ersion of

'7 ata *ssociation interface support datatransfer rates up to $ ps4

'n t+is case6 s+ieldin is not so si"ple4 T+erefore6radio trans"ission can interfere ,it+ ot+er sendersand electrical de#ices can destro. data trans"ission#ia radio4

'n t+is case6 s+ieldin is #er. si"ple4T+erefore6 electrical de#ices do not interfere,it+ infrared trans"ission4

7adio trans"ission is onl. per"itted in certain fre uenc. ands4 :er. li"ited ran es of license-free

ands are a#aila le ,orld,ide6 and t+ose a#aila leare t.picall. not t+e sa"e in all countries4

!o licenses are re uired for infraredtec+nolo .4

7adio trans"ission is used for ,ide area net,or s( *!) suc+ as "icro,a#e lin s and "o ile cellular

p+ones4

'7 tec+nolo . is nor"all. used for de#ices li e P *s6 laptops6 note oo s6 "o ile p+ones6 and so on4

*! tec+nolo ies suc+ as 'EEE 8024116 H'PE7 *!6 and =luetoot+ "a e use of t+is t.pe oftrans"ission4

Onl. 'EEE 802411 "a es use of t+is t.pe oftrans"ission4

7adio Trans"ission :ersus 'nfrared Trans"ission

%.Discuss the architecture of 1%'N.

Ans.

1%'N architecture consists of three components/

1ireless end stations'ccess points

;asic service sets $;SS&

The !ireless end station can e any device that can communicate using the B+


20/25

1&. ;riefly e)plain the 1%'N protocol architecture.

Ans.

In a typical 1%'N setup, the IEEE B+


21/25

Mer eros is a protocol that allo!s individuals communicating over an insecure net!or" to prove theiridentity to one another in a secure manner. Mer eros prevents replay attac"s and ensures the integrity ofthe data. Mer eros !or"s on client#server model and it provides mutual authentication, oth the user andthe service verify each other3s identity. Mer eros is uilt on symmetric "ey cryptography and requires atrusted third party.

Data %ncr ption Stan'ar' *D%S+

DES encrypts and decrypts data in A# it loc"s, y using a A# it "ey although the effective "ey strengthis only = its. DES ta"es a A# it loc" of plainte)t as input and outputs a A# it loc" of cipher te)t.DES al!ays operates on loc"s of equal si(e and uses permutations and su stitutions in the algorithm.DES is oth a loc" cipher and a product cipher.

DES has * rounds, !hich means that the main algorithm is repeated * times to produce the cipher te)t.It has een found that the num er of rounds is e)ponentially proportional to the amount of time requiredto find a "ey using a rute#force attac".

Public 0e "n,rastructure *P0"+

It is a system of digital certificates, Certificate 'uthorities $C'&, and other registration authorities thatverify and authenticate the validity of each party involved in the Internet transaction. PMI is currentlyevolving and there is no single PMI or even a single agreed#upon standard for setting up a PMI. 5o!ever,users agree that a relia le PMI is necessary efore electronic commerce is !idespread.

Digital Certi,icates

' digital certificate is a digitally signed statement that inds the identifying information of a user, acomputer, or a service to a pu lic or private "ey pair. ' digital certificate is commonly used in the

process of authentication and security of net!or"s. ' digital certificate is an attachment to an electronicmessage used for security purposes. The most common use of a digital certificate is to verify theidentification of the user !ho is sending a message. Digital certificates also provide the receiver !ith themeans to encode a reply.

'n individual !ishing to send an encrypted message applies for a digital certificate from C'. 'nencrypted digital certificate is issued !ith the applicant3s pu lic "ey and a variety of other identificationinformation.

CA

C' is a trusted third#party organi(ation or company that issues digital certificates. The role of the C' inthis process is to guarantee that the individual granted the unique certificate is, in fact, !ho he or sheclaims to e. sually, this means that the C' has an arrangement !ith a financial institution, such as acredit card company, !hich provides it !ith information to confirm an individual3s claimed identity. C'sare a critical component in data security and electronic commerce ecause they guarantee that the t!o

parties e)changing information are really !ho they claim to e.

Public)0e %ncr ption' pu lic "ey is "no!n to everyone !hile a private or secret "ey is "no!n only to the recipient of themessage. Consider an e)ample in !hich user * !ants to send a secure message to user


22/25

decrypt a message encrypted y the other. The dra! ac" of this method is in the difficulty of distri utingthe private "eys.

Top Vulnerabilities in -in'o&s S ste!sThe 1indo!s 2perating system family supports a !ide variety of services, net!or"ing methods, and

technologies. 0any of these components are implemented as Service Control Programs $SCP& under thecontrol of Service Control 0anager $SC0&, !hich runs as Services.e)e. @ulnera ilities in these servicesare one of the most common targets for e)ploitation y an attac"er.

The critical vulnera ilities !ere reported in the follo!ing 1indo!s Services/

0SDTC and C20O Service

Print Spooler Service

Plug and Play Service $0S+=#+A , 0S+=#+- &

Server 0essage ;loc" Service

E)change S0TP Service

0essage Jueuing Service

%icense %ogging Service1INS Service

NNTP Service

NetDDE Service

Tas" Scheduler

Vulnerabilities in Microso,t O,,ice an' Outloo/ %1press

0icrosoft 2ffice is the most !idely used e#mail and productivity suite across the glo e. Thisincludes applications such as 2utloo", 1ord, Po!erPoint, E)cel, @isio, 4rontPage, and 'ccess.2utloo" E)press, a asic e#mail client, is installed !ith Internet E)plorer and on all versions of0icrosoft 1indo!s starting !ith 1indo!s =. @ulnera ilities in these products can e e)ploitedthrough the follo!ing attac" vectors/

The attac"er can send a malicious 2ffice document in an e#mail message.

' malicious document can e hosted on a 1e server or a shared folder y the attac"er. The attac"ercan tempt a user to ro!se the 1e page or the shared folder.

The attac"er can run a server, such as a ne!s server, to send malicious responses to trigger a ufferoverflo! in e#mail clients.

:eference/ $ http/>>!!!.sans.org>top &

"'enti, ing Securit ControlsSecurity controls are used to safeguard the net!or" infrastructure from the various ris"s that it faces, suchas unauthori(ed access and virus attac"s. Therefore, it is essential for security designers to understand theimportance of implementing these security controls. These security controls can reduce the possi ility orthe impact of a ris".

T pes o, Controls

There are different types of security controls that can help reduce ris". These are/

(,ysical controls / These controls are not directly associated !ith the information, data, system, ornet!or" security of an organi(ation. 5o!ever, they indirectly help provide security at every level ofthe organi(ation.4or e)ample, loc"ing of rooms or restricting access to various locations !ithin an organi(ation is

part of physical controls.

Tec,nical controls / These controls include the hard!are and soft!are !ithin the organi(ation that isused to secure the systems and the data.
http://www.sans.org/top20/http://www.sans.org/top20/


23/25

4or e)ample, an antivirus soft!are is used to detect and prevent any virus from infecting the net!or"of the organi(ation. It is essential to update the technical controls at regular intervals to ensure thatthey provide security from ne! ris"s.

Administrative controls / These controls help in creating standards and guidelines to provide asecure net!or" environment !ithin the organi(ation. These controls include elements such as

policies and procedures.4or e)ample, for implementing authentication of resources and information, an organi(ation may usethe pass!ord policy. 's per this policy, !ea" pass!ords, such as name of the user, irth dates, andvehicle num ers, should not e used. This policy can e implemented y using ?roup Policy 2 7ectsin 1indo!s


24/25


25/25

FAQs1. 1hat are the advantages of cryptography9

Ans'

Cryptography is all a out increasing the level of privacy of individuals and groups. It not only protectsthe confidentiality of any company6s information ut also allo!s anyone to order a product over theInternet !ithout the fear of the credit card num er eing intercepted y any malicious attempt. 4ore)ample, cryptography is often used to prevent forgers from counterfeiting !inning lottery tic"ets. Eachlottery tic"et can have t!o num ers printed onto it, one plainte)t and the other its corresponding cipher.

2. 1hat is the disadvantage of a transposition cipher9

Ans'

The disadvantage of a transposition cipher is that such ciphers are considera ly more la orious and error prone than simpler ciphers.

3. 1hat is cryptology9

Ans'

The study of oth cryptography $enciphering and deciphering& and cryptanalysis $ rea"ing a codesystem& together is called cryptology.

Documents

Computer Networks BSCIT 6th Sem