IT Assignment Essay Example
Advantages of TCP for proposed application layer protocol
The TCP model separates the networking functions into different layers and each layer performs a particular function (Preetham p. 54). There are different advantages that are associated with the TCP model for the proposed application layer protocol. These include;
It can be used in order to set up as well as establish connection between different types of computers
It operates or works independently of the operating system and supports a number of routing (protocols)
Disadvantages of TCP for proposed application layer protocol
The disadvantages the TCP model for the proposed application layer protocol includes the following;
The shallow or overhead of the TCP is higher than the ipx, in which the ipx is always faster that the TCP model, and
The TCP is very complex to set up as well as manage
Advantages of UDP for proposed application layer protocol
The UDP protocol is a transport layer model for the use with the IP network later protocol. It is usually defined by the RFC. Advantages of this protocol include;
Provides a minimal, best-effort, message passing transport to applications as well as upper-layer protocols (Preetham 67). The protocol offers the best-effort datagram service an IP host.
It also does not incur connection establishment and teardown overheads and there are reduced/minimal related end system state.
Disadvantages of UDP for proposed application layer protocol
Disadvantages of the UDP protocol include the following;
It is an unreliable service, which provides no guarantees for delivery as well as no protection from duplication.
It also does not establish end-to-end connections between communicating end systems.
Introduction to basic concepts of go-back-n
The concept introduces a window of size n. It can also inject n packets into the net before hearing an ACK.
The sliding window labels each packet with a sequence number. A window is basically a collection of adjacent sequence numbers. In addition, the size of the collection is often the sender’s window size.
The receiver keeps a similar window and has a finite buffer. The let window edge is first packet receiver wants to see. In addition, the right window edge is the last packet it can hold. Other packets are queued; therefore, allowing for fixing up out-of-order packets.
The send has to buffer all the unacknowledged packets, since they might require retransmission.
The receiver may also be able to accept out-of-order packets; however, only up to its buffer limits.
The sender needs to set timers in efforts to know when to transmit a packet, which might have been lost in the process.
Illustration of receiver discarding out-of-order packets
With the receiver discarding out-of-order packets, the sender fails to know what happened at the receiver. In addition, the sender does not know whether received package is a retransmit or a new packet.
When handling the duplicates, the sender adds sequence number to every packet. However, the receiver discards (fails to deliver up) the duplicate packet (Preetham p. 84). This means that the sender would send one packet and then wait for the receiver to respond.
Illustration of receiver keeping out-of-order packets
Descriptions of socket API calls
The TCP socket API is the sequence of functions calls for the client as well as the server participating in a TCP connection. The call functions include the socket function, bind function, listen function, accept function, close function, receive function, send function, as well as connect function.
The socket Call Function
The first call is always calling the socket function, particularly the TCP protocol. The function also returns a non-negative integer number, which is similar to a file describer, which is also known as socket descriptor.
The Connect Function
A TCP client in establishing a connection with a TCP server uses this function. It returns zero if it successfully establishes a connection, otherwise it returns 1. Moreover, the client is not supposed to call bind function.
After connection has been established, the fate is shared between the server as well as the client through the use of the calls send (), recv (), sendto (), as well as recvfrom ().
The Bind Function
This function works to assign a local protocol address into a socket. Moreover, with the internet protocols, the address works through combining IPv6 address along with a 16-bit TCP port. The use of a generic socket address demands that any of the calls to the socket functions have to cast the pointer into the protocol.
. Ben-Natan p. 76)Furthermore, a process may also bind a particular IP address into its socket. What this means is that, for a TCP client, this assigns the source of the IP address to be used for IP datagrams that are transmitted to the sockets. Besides, for the TCP server, it limits the socket into receiving the incoming client connections, which are only destined into that specific IP address. More often, the TCP client is not necessarily required to bind into an IP address to its socket (
The Listen Function
This specific function helps in converting an unconnected socket to a passive socket. This implies that the kernel has to accept any incoming connection requests that are directed into the socket.
The Accept Function
This function is also used in order to recover a connection request. It can also convert it into a request.
The Send Function
This function is also used to communicate with the socket as long as it remains connected. When the send function succeeds, it usually returns the number of bytes (_1).
The Receive Function
This function performs almost similar functions as the read function, only that the receive function allows to identify particular options in efforts to control just how data is received. This option is often assumed to equal to zero. Additionally, the receive function similarly returns the length of the information in terms of bytes, 0 when there are no messages available.
Explanation of likely causes and proposed actions
The cause for the increase in the packets from 0.01 percent 3 percent was due to the Wiki software that was installed on the web server at the same that when router A was connected. In order to offset it, it would be advisable to uninstall the Wiki software then try to connect to router A.
The cause for the higher antivirus detection can be attributed to the increase in the number of the active TCP connections as well as TCP volume segments, which are being send to and from the server. Corrective measures include deactivating the large number of TCP that are active as well as reducing the volume of TCP volumes being sent to the network ( Ben-Natan 89).
The cause for the increase of the increase in lengths of packets on the router is due to the VPN installed, because the VPN blocks proper connections to the ISP in addition to blocking sender/receiver communication. To correct this problem, it would be good idea to uninstall the VPN connection.
Basic concepts of checksum/CRC integrity checks
Secure-computing needs demands that information is not corrupted in the process of transmission and encryption. There are a number of ensuring data security, including checksum and CRC.
Checksum is perhaps one of the oldest ways of making sure that data has been kept accurate. Similarly, checksums offer a form of authentication, since an invalid checksum would mean that the information has been compromised.
A CRC check is an error-detecting code that is commonly used in the digital networking world as well as storage devices in order to detect accidental changes to raw data. Furthermore, blocks of data that enter these systems often receive short check value, which are attached to them, based on the remainder of polynomial division of their contents. During the retrieval process, the calculations are repeated and in the event, checks that fail to match are taken against data corruption.
The CRC codes are also called since data verification values are often redundant (expands the messages without adding information) and that algorithms are based on the cyclic codes. In addition, the CRC codes are also popular given that they are simple to implement in the binary hardware as well as easy to analyse mathematically. They are additionally excellent in detecting common errors that are due to noise in the transmission channels. Since these checks have a fixed length, the function generating it usually helps in hash function.
of all the longer error bursts. -n. In particular, n-bit CRCs are often applied to data block of arbitrary length, which help in detecting any single error burst that is not longer than n-bits. It can also detect fractions 1-2Forouzan and Fegan p. 114)Besides, the CRC system is based on the theory of cyclic error-correcting codes. The application of systematic cyclic codes here is to encode messages through adding fixed-length check values for the purposes of detecting error during communication in networks. These codes are not only simple to implement, but are also of great benefit particularly when it comes to the detection of burst errors. This is vital since burst errors are usually transmission errors in a number of communication channels, including optical storage devices (
The specification of the CRC codes demand definition of the generator polynomial. It is this polynomial that becomes the divisor in a polynomial long division and takes the message as the dividend, where the quotient is discarded and reminder becomes the result.
Why checksum/CRC checks are inadequate for security
They are inadequate for security particularly when the undetected error probability are high enough, which can be cannot be sufficient in order to pick an error code. There are a number of other considerations, which make them inadequate for security including the following;
The need to scrub errors detection mechanisms as well as data values in order to mitigate the risk of fault accumulation over time can fail to happen
Vulnerabilities due to message framing, including corrupted fields may undermine the CRC effectiveness
Vulnerabilities resulting from bit encoding such as stuff bits may also undermine the CRC HD
Potential bit error corrections because of memory geometry might occur
Basic concepts of digests
Message digest denotes to the cryptographic hash function that contains a string of digits that are created by a one-way hashing formula. The idea behind message digest is to protect the integrity of a piece of data in efforts to detect the changes as well as alterations to any particular data/message. In addition, these are the type of cryptography that use hash values, which can warn the copyright owner about any modifications that are applied to their work.
In addition, message digest hash numbers often represent the specific files that contain the protested works. It works through assigning one message to particular data content. It may also reference a modification made deliberately as well as accidentally; however, it also notifies the owner recognize the changes and the persons behind such modifications. This term is also referred to as hash value or checksum.
Why digests are more suitable for security
Specific message digest will change if the file changes. In addition, not only will the message digest help in determining changes to files, it can also enable one in locating duplicate files. These messages can be produced in UNIX systems with MD5 command.
. Digests are encrypted with private keys that created a digital signature, which results in a type of validation that ensures that right users are accessing the protected information. This is why they are much more suitable for information/data security. Forouzan and Fegan p. 123)File sharing programs, including peer-to-peer, make use of message digests in order to warn the users, especially when downloading identical files. This can also help in pinpointing the source/origin of such duplicate downloads. Besides, CRC32 as well as SHA are among many of the message digest algorithms (
Basic concepts of how SSL verifies server certificate
Typically, the SSL certificate contains one’s name, company name, address, city, as well as country. It also contains the expiry date of the certificate and the details of the certificate authority, which is responsible for the issuance of the certificate. Whenever a browser connects to a secure site, it will retrieve the site’s SSL certificate as well as check for security. If it fails on these checks, then the browser displays a warning to end users. Forouzan and Fegan p. 128).The acronym SSL stands for Secure Sockets Layer, which helps in creating encrypted connections between the web server as well as visitors’ webs browsers. This allows users’ private information to be transmitted without the problems of data tampering or message forging. In enabling the SSL on a website, one needs to get an SSL certificate, which identifies one and installs it on the server (
Explanation of how students could identify insecure connection
The students could identify the insecure connection because the SSL certificate could not successfully validate if the information on the browser were secure. When the students connected to the site, the SSL certificate retrieved the site’s SSL certificate as well as checked for security. When the checks failed on site, the browser displayed a warning to the students.
Preetham, V. V. (2002). Internet security and firewalls. Cincinnati, Ohio: Premier Press.
Ben-Natan, R. (2005). Implementing database security and auditing: A guide for DBAs, information security administrators and auditors. Burlington, MA: Elsevier Digital Press.
Forouzan, B. A., & Fegan, S. C. (2004). Data communications and networking. Dubuque, Iowa: McGraw-Hill Higher Education.
Holt, A., & Huang, C.-Y. (2010). 802.11 wireless networks: Security and analysis. London: Springer.
More Important Things