TCP - Ip, Multicast, Firewall, Proxy PDF
▪ TCP/IP - CHARACTERISTICS
▪ Good failure recovery
▪ The ability to add networks without interrupting existing services
▪ High error-rate handling
▪ Platform independence
▪ Low data overhead
▪ Transmission Control Protocol (TCP) is a protocol that provides a reliable stream delivery and connection service to applications.
▪ TCP is responsible for the following:
▪ Opening and closing a session
▪ Packet management
▪ Flow control
▪ Error detection and handling
TCP HEADER
▪ Source port is the numerical value indicating the source port.
▪ Destination port is the numerical value indicating the destination port.
▪ Sequence number is the number of the first data octet in any given segment.
▪ Acknowledgment number: when the ACK bit is set, this field contains the next sequence number that the sender of the segment is expecting to receive. This value is always sent.
▪ Data offset is the numerical value that indicates where the data begins, implying the end of
the header by offset.
▪ Reserved is not used, but it must be off (0).
▪ Control bits are flags, e.g. A (ACK) and P (PSH, the push function).
▪ Window indicates the number of octets the sender is willing to take.
▪ Checksum field is the 16-bit one's complement of the one's complement sum of all 16-bit words in the header and text.
▪ URG pointer field shows the value of the URG pointer as a positive offset from the sequence number.
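The field layout above, decoded from raw bytes, as an added example that is not part of the original slides. The sample segments, the port and sequence values, and the helper names `parse_tcp_header`, `anomalies` and `build` are constructed for illustration; the 6-bit reserved field follows the layout the slide describes.

```python
import struct

FLAG_NAMES = ["FIN", "SYN", "RST", "PSH", "ACK", "URG"]  # control bits 0..5

def parse_tcp_header(segment: bytes) -> dict:
    """Decode the fixed 20-byte TCP header into the fields listed above."""
    if len(segment) < 20:
        raise ValueError("shorter than the fixed TCP header")
    src, dst, seq, ack, off_flags, window, checksum, urg = struct.unpack(
        "!HHIIHHHH", segment[:20])
    data_offset = off_flags >> 12              # header length in 32-bit words
    if data_offset < 5 or data_offset * 4 > len(segment):
        raise ValueError("data offset points outside the segment")
    return {
        "src_port": src, "dst_port": dst, "seq": seq, "ack": ack,
        "header_len": data_offset * 4,
        "reserved": (off_flags >> 6) & 0x3F,   # 6 reserved bits in this layout
        "flags": [n for i, n in enumerate(FLAG_NAMES) if off_flags & (1 << i)],
        "window": window, "checksum": checksum, "urg_ptr": urg,
        "payload": segment[data_offset * 4:],
    }

def anomalies(h: dict) -> list:
    """Header combinations a monitor may want to flag for review."""
    found = []
    if h["reserved"]:   # informational: ECN-capable stacks use two of these bits
        found.append("reserved bits set")
    if "SYN" in h["flags"] and "FIN" in h["flags"]:
        found.append("SYN and FIN together")
    if h["urg_ptr"] and "URG" not in h["flags"]:
        found.append("urgent pointer without URG")
    return found

def build(off_flags: int, urg: int = 0) -> bytes:
    """Constructed sample segment; the checksum is left at 0 and not checked."""
    return struct.pack("!HHIIHHHH", 49152, 443, 0x12345678, 0,
                       off_flags, 65535, 0, urg)

SYN = build((5 << 12) | 0x02)                    # plain connection request
ODD = build((5 << 12) | (1 << 6) | 0x03, urg=7)  # constructed malformed header

if __name__ == "__main__":
    print(parse_tcp_header(SYN))
    print(anomalies(parse_tcp_header(ODD)))
```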
IP
▪ IP manages how packets are delivered to and from servers and clients.
IP HEADER
▪ Version number indicates the version of IP, e.g. IPv4.
▪ Header length indicates the overall length of the header.
▪ Type of Service field indicates the importance of the packet in a numerical value. Higher
numbers result in prioritized handling.
▪ Total length shows the total length of the packet in bytes.
▪ Identification: If there is more than one packet, the identification field has an id that
identifies its place in line
▪ Flags: the first flag, if set, is ignored. DF: Do not Fragment. MF: More Fragments.
▪ Offset field contains the location of the missing piece(s) indicated by a numerical offset
based on the total length of the packet.
▪ Time To Live (TTL): Typically 15 to 30 seconds
▪ Protocol field holds a numerical value indicating the handling protocol in use for this packet.
▪ Checksum value acts as a validation checksum for the header.
▪ Source address field indicates the address of the sending machine.
▪ Destination address field indicates the address of the destination machine.
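The IP header fields above, decoded and checked, as an added example that is not part of the original slides. It also carries out the 16-bit one's complement sum that both the TCP and the IP checksum bullets refer to; the addresses, field values and function names are constructed for illustration.

```python
import ipaddress
import struct

def ones_complement_sum(data: bytes) -> int:
    """Sum 16-bit words, folding any carry back into the low 16 bits."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total

def build_ipv4_header(src: str, dst: str, ttl: int = 64) -> bytes:
    """Constructed 20-byte header: UDP (protocol 17), total length 115, DF set."""
    fields = [0x45, 0, 115, 0, 0x4000, ttl, 17, 0,
              ipaddress.IPv4Address(src).packed, ipaddress.IPv4Address(dst).packed]
    fields[7] = ~ones_complement_sum(struct.pack("!BBHHHBBH4s4s", *fields)) & 0xFFFF
    return struct.pack("!BBHHHBBH4s4s", *fields)

def parse_ipv4_header(packet: bytes) -> dict:
    """Decode the header fields listed above and validate the header checksum."""
    if len(packet) < 20:
        raise ValueError("shorter than the minimum IPv4 header")
    (ver_ihl, tos, total_len, ident, flags_off, ttl, proto, checksum,
     src, dst) = struct.unpack("!BBHHHBBH4s4s", packet[:20])
    header_len = (ver_ihl & 0x0F) * 4          # IHL counts 32-bit words
    if ver_ihl >> 4 != 4 or not 20 <= header_len <= len(packet):
        raise ValueError("not a well-formed IPv4 header")
    return {
        "header_len": header_len, "tos": tos, "total_len": total_len,
        "id": ident, "DF": bool(flags_off & 0x4000), "MF": bool(flags_off & 0x2000),
        "frag_offset": (flags_off & 0x1FFF) * 8,   # field is in 8-byte units
        "ttl": ttl, "protocol": proto, "checksum": checksum,
        "src": str(ipaddress.IPv4Address(src)), "dst": str(ipaddress.IPv4Address(dst)),
        # A valid header sums to 0xFFFF when the checksum field is included.
        "checksum_ok": ones_complement_sum(packet[:header_len]) == 0xFFFF,
    }

GOOD = build_ipv4_header("192.168.0.1", "192.168.0.199")
BAD = GOOD[:8] + bytes([GOOD[8] - 1]) + GOOD[9:]   # TTL changed, checksum stale

if __name__ == "__main__":
    print(parse_ipv4_header(GOOD))
    print(parse_ipv4_header(BAD)["checksum_ok"])
```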
Error Detection Techniques in OSI model (Data link or Transport Layer)
▪ Simple Parity Check
▪ Checksum
▪ Two Dimensional Parity Check
Even Parity Check
▪ Aim: to make the total number of 1’s even
▪ Rules
▪ A 1 is added to the block if it contains an odd number of 1’s
▪ A 0 is added to the block if it contains an even number of 1’s
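The even parity rule above, together with the two-dimensional parity check from the list of techniques, as an added example that is not part of the original slides. It goes beyond the rule itself to show that a single parity bit misses a two-bit error which the two-dimensional scheme still detects; the bit patterns and function names are constructed for illustration.

```python
def parity_bit(bits):
    """Even parity: 1 if the block holds an odd number of 1's, else 0."""
    return sum(bits) % 2

def add_parity(bits):
    return bits + [parity_bit(bits)]

def passes_check(block):
    """Receiver side: the block, parity bit included, must hold an even count."""
    return sum(block) % 2 == 0

def encode_2d(rows):
    """Two-dimensional parity: a parity bit per row, then a parity row."""
    coded = [add_parity(r) for r in rows]
    coded.append([parity_bit(col) for col in zip(*coded)])
    return coded

def failing_2d(coded):
    """Return indexes of the rows and columns whose parity check fails."""
    rows = [i for i, r in enumerate(coded) if not passes_check(r)]
    cols = [j for j, c in enumerate(zip(*coded)) if not passes_check(c)]
    return rows, cols

def flip(block, *positions):
    """Simulate transmission errors by inverting the bits at the given positions."""
    return [b ^ 1 if i in positions else b for i, b in enumerate(block)]

# Constructed sample data
SENT = add_parity([1, 0, 1, 1, 0, 0, 0])      # three 1's, so the parity bit is 1
GRID = encode_2d([[1, 0, 1, 1], [0, 1, 1, 0], [1, 1, 0, 0]])

if __name__ == "__main__":
    print(passes_check(flip(SENT, 2)))         # one bit in error
    print(passes_check(flip(SENT, 2, 5)))      # two bits in error
    damaged = [flip(GRID[0], 1, 2)] + GRID[1:]
    print(failing_2d(damaged))
```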
▪ Transport Protocol
▪ TCP SYN Attack, TCP Land Attack, TCP & UDP Port Scanning, TCP Sequence Number
Prediction, IP Half Scan Attack, TCP Sequence number generation
▪ Internet Protocol
▪ IP: IP Spoofing Attack, HTTP Flooding, Password Brute Force Attacks, Clickjacking
▪ ARP: Connection Resetting, Packet Sniffing, DoS
▪ IGMP: DDoS Attack, Multicast Routing
▪ ICMP: ICMP Tunneling, Smurf Attack, Fraggle Attack
UNICAST, BROADCAST, MULTICAST
DR. N. ARUL KUMAR
DEFINITION
▪ Broadcast: the communication between a single host and all hosts in the network;
▪ Multicast: The communication between a single host and a selected set of hosts;
Disadvantages
• The server sends a separate data flow to each client: server traffic = number of clients × traffic per client
• With a large number of clients, each with a large flow as in streaming media applications, the server is overwhelmed
• 1. Directed broadcast:
• Sends packets to all hosts on a specific network outside the local network.
• 2. Local broadcast:
• A datagram packet is sent to all hosts on the local network.
• The IPv4 address is “255.255.255.255”, and the router will not forward this broadcast.
Advantages
• Information can be delivered to all hosts on a network at once.
Disadvantages
• Uses a great deal of network bandwidth
• Lack of targeting
MULTICAST
Advantages
• Sends data packets efficiently
• Less traffic
Disadvantages
• No error correction mechanism
MULTICAST ADDRESS
ROUTING PROTOCOLS USED FOR MULTICAST
▪ Internet Group Management Protocol (IGMP)
▪ Protocol Independent Multicast (PIM)
▪ Distance Vector Multicast Routing Protocol (DVMRP)
▪ Multicast Open Shortest Path First (MOSPF)
▪ Multicast BGP (MBGP)
▪ Multicast Source Discovery Protocol (MSDP)
▪ Multicast Listener Discovery (MLD)
▪ GARP Multicast Registration Protocol (GMRP)
▪ Shortest Path Bridging (SPB)
RESEARCH AREAS IN MULTICASTING
▪ Multicasting in Mobile Ad-Hoc Wireless Networks: issues and challenges
▪ Multicasting using Device to Device Communication and network coding for 5G network
▪ Multicasting in Software Defined Networks
▪ Multicasting in Cognitive Radio Networks
▪ Secure wireless Multicasting with Linear Equalization
▪ QoS aware Service Selection and Multicast Framework for Wireless Mesh Networks
▪ Energy Efficient Multicasting in IEEE 802.11 WLANs for Scalable Video Streaming
▪ Client Assisted Multicasting for Audio and Video Streams
▪ Performance Analysis of Scalable Secure Multicasting in Social Networking
▪ Congestion Aware MAC protocol for Multicasting in Wireless Body Sensor Networks
▪ QoS aware Multicasting in heterogeneous Vehicular Networks
▪ Massive Video Multicasting in Cellular Networks using network coded Cooperative
Communication
FIREWALL AND PROXY
▪ NOTE: Access Control Lists (ACLs) residing on routers are an alternative to a firewall
FIREWALL
▪ SOFTWARE FIREWALL
▪ Protect a single computer
▪ Less cost, easy to configure
▪ McAfee Internet Security
▪ HARDWARE FIREWALL
▪ Protect entire network
▪ More cost, hard to configure
▪ CISCO PIX
First Generation- Packet Filtering Firewall
▪ Maintains a filtering table which decides whether the packet will be forwarded or discarded.
Second Generation- Stateful Inspection Firewall
▪ Filtering decisions are based not only on defined rules, but also on the packet’s history in the state table.
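The difference between a filtering table alone and a filtering table backed by a state table, as an added example that is not part of the original slides. The rule format, the `StatefulFirewall` class and the packets (documentation and private address ranges) are constructed for illustration and do not model any particular product.

```python
from collections import namedtuple

Packet = namedtuple("Packet", "direction src sport dst dport")

# Filtering table: (direction, source port, destination port, action).
# None matches any port; first match wins; anything unmatched is discarded.
OUTBOUND_HTTPS = ("out", None, 443, "forward")
REPLIES_FROM_443 = ("in", 443, None, "forward")   # needed only when stateless

def packet_filter(pkt, table):
    """First generation: decide from the packet's own fields and the table."""
    for direction, sport, dport, action in table:
        if (direction == pkt.direction and sport in (None, pkt.sport)
                and dport in (None, pkt.dport)):
            return action
    return "discard"

class StatefulFirewall:
    """Rules plus a state table of connections opened from the inside."""
    def __init__(self, table):
        self.table = table
        self.state = set()

    def handle(self, pkt):
        if pkt.direction == "out":
            action = packet_filter(pkt, self.table)
            if action == "forward":
                self.state.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return action
        # Inbound: forward only if it is the reverse of a tracked connection.
        reverse = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        return "forward" if reverse in self.state else "discard"

# Constructed packets using documentation and private address ranges.
REQUEST = Packet("out", "10.0.0.5", 50000, "192.0.2.10", 443)
REPLY = Packet("in", "192.0.2.10", 443, "10.0.0.5", 50000)
UNSOLICITED = Packet("in", "198.51.100.7", 443, "10.0.0.9", 3389)

def compare():
    stateless = [packet_filter(p, [OUTBOUND_HTTPS, REPLIES_FROM_443])
                 for p in (REQUEST, REPLY, UNSOLICITED)]
    fw = StatefulFirewall([OUTBOUND_HTTPS])
    stateful = [fw.handle(p) for p in (REQUEST, REPLY, UNSOLICITED)]
    return stateless, stateful

if __name__ == "__main__":
    print(compare())
```

The stateless table has to admit every inbound packet with source port 443 to let replies through, so it forwards the unsolicited packet as well; the state table admits only the reply that matches a connection opened from inside.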
Third Generation- Application Layer Firewall
▪ Application layer firewall can inspect and filter the packets on any OSI layer, up to application
layer.
▪ It has ability to block specific content, also recognize when certain application and protocols
▪ A proxy firewall prevents direct connection between the two sides of the firewall; each packet has to pass through the proxy.
▪ ROLE
▪ Receives a request from a client inside the firewall
▪ Sends this request to the remote server
▪ Reads the response
▪ Sends it back to the client
FORWARD PROXY
▪ Here the client asks its internal network server to forward its requests to the internet.
OPEN PROXIES
▪ Open proxies help clients conceal their IP address while browsing the web.
REVERSE PROXIES
▪ Here the requests are forwarded to one or more proxy servers, and the response from the proxy server is returned as if it came directly from the original server.
PROXY SERVER - ARCHITECTURE