Thursday, 3 September 2015

BCS-052 Network Programming and Administration 2015-2016

1. (a) Why would an application use UDP instead of TCP? Discuss. (6 Marks) 
Ans: UDP provides an unreliable service and datagram may arrive out of order, appear duplicated, or go missing without notice. UDP assumes that error checking and correction is either not necessary or performed in the application, avoiding the overhead of such processing at the network interface level. Time-sensitive applications often use UDP because dropping packets is preferable to wait for delayed packets, which may not be an option in a real-time system. The User Datagram Protocol (UDP) is a transport layer protocol for use with the IP network layer protocol. It provides a best-effort datagram service to an end system (IP host). UDP provides no guarantee for delivery and no protection from duplication, but the simplicity of UDP reduces overhead from the protocol and can be adequate for some applications. A computer may send UDP packets without first establishing a connection to a recipient. The computer completes the appropriate fields in the UDP header (PCI) and forwards the data together with the header for transmission by the IP network layer. Typically, use UDP in applications where speed is more critical than reliability. For example, it may be better to use UDP in an application sending data from a fast acquisition where it is acceptable to lose some data points. You can also use UDP to broadcast to any machine(s) listening to the server.

(b) What is the purpose of VPNs and what are the main features they provide? (4 Marks)
Ans: 
Virtual private network is a network that is constructed by using public wires usually the Internet to connect to a private network, such as a company's internal network. There are a number of systems that enable you to create networks using the Internet as the medium for transporting data. These systems use encryption and other security mechanisms to ensure that only authorized users can access the network and that the data cannot be intercepted.
A key feature of a VPN is its ability to work over both private networks as well as public networks like the Internet. Using a method called tunneling, a VPN runs over the same hardware infrastructure as existing Internet or intranet links. VPN technologies include various security mechanisms to protect the virtual, private connections.

2. (a) Draw the IP datagram header format. ―IP datagram has a checksum field still and it’s called an unreliable protocol. Justify. (6 Marks)
Ans:- 

A checksum of the IP header (excluding data). The IP checksum is computed as follows: 1. Treat the data as a stream of 16-bit words (appending a 0 byte if needed). 2. Compute the 1's complement sum of the 16-bit words. 3. Take the 1's complement of the computed sum. The IP service is connectionless because each packet is treated independently from all others. The service is unreliable because delivery is not guaranteed, and packets may well be lost, duplicated, delayed, or delivered out of order. Finally, the service is best-effort delivery because the software makes an earnest attempt to deliver packets; unreliability arises only when the resources are exhausted or the underlying networks fail. The key idea in IP is to keep the network relatively simple and put any necessary intelligence in the end hosts. The IP layer resembles the postal system.

(b) What is a ―internetworking? State and compare internetworking devices used to connect different LAN segments. (4 Marks) 
Ans: 
Internetworking is the practice of connecting a computer network with other networks through the use of gateways that provide a common method of routing information packets between the networks. The resulting system of interconnected networks is called an internetwork.
Repeater:-

  • A repeater connects different segments of a LAN. 
  • A repeater forwards every frame it receives.
  • A repeater is a regenerator, not an amplifier.
  • It can be used to create a single extended LAN. 
Bridge:-
A bridge is a device that separates two or more network segments within one logical network. A bridge is used for linking two networks that work with the same protocol (similar type network). It can filter frames to transmit it to destination address corresponds to a machine located on the other side of the bridge. It connects two or more local area networks (LANs) together.
  • A bridge operates both in physical and data-link layer 
  • A bridge uses a table for filtering/routing 
  • A bridge does not change the physical (MAC) addresses in a frame.
3. (a) Describe the activities to be performed at every layer in the TCP model when information flows from layer to another layer.(6 Marks) 
Ans: 
Application Layer:
The application layer provides format and configuration for the user to access information on the network through an application. This layer is the main interface for users to interact with the application and therefore the network.
Services:
  • Resource sharing and device redirection
  • Remote file access
  • Remote printer access
  • Network management
  • Directory services
  • Electronic messaging (such as mail) etc 
Presentation Layer:
The presentation layer transforms data to provide a standard interface for the application layer. Encoding, data compression, data encryption and similar manipulation of the presentation is done at this layer to present the data as a service or protocol developer sees fit.
Services:
  • Data representation
  • Data security
  • Data compression
Session Layer:
The session layer controls the connections (sessions) between computers. It establishes, manages and terminates the connections between the local and remote application. 
Services:
  • Simplex
  • Half Duplex
  • Full Duplex 
Transport Layer
The transport layer provides transparent transfer of data between end users, thus relieving the upper layers from transfer concerns while providing reliable data transfer. The transport layer controls the reliability of a given link through flow control, segmentation/ desegmentation, and error control. 
Services:-
  • Resource Utilization (multiplexing):
  • Connection Management (establishing & terminating
  • Flow Control (Buffering / Windowing):
Network Layer
The network layer provides the means of transferring data sequences from a source to a destination by using one or more networks while maintaining the quality of service requested by the Transport layer. The Network layer performs network routing functions, and might also perform segmentation/de-segmentation, and report delivery errors. 
Services:-
  • Connection setup
  • Addressing
  • Routing
  • Security
  • Quality of Service
  • Fragmentation 
Data Link Layer
The data link layer provides the means to transfer data between network entities and to detect and possibly correct errors that may occur in the Physical layer. It arranges bits from the physical layer into logical chunks of data, known as frames. 
Services:- 
  • Frame Traffic Control:
  • Frame Sequencing:
  • Frame Acknowledgment:
  • Frame Delimiting:
  • Link Establishment and Termination:
  • Frame Error Checking:
  • Media access management: 
Physical Layer
The physical layer defines all the electrical and physical specifications for devices. This includes the Layout of pins, voltages, and cable specifications. 
Services:-
  • Data encoding:
  • Transmission technique:
  • Physical medium transmission:

(b) Classify the problems faced by network administrator. Make a chart to explain the available solutions for each problem.(4 Marks) 
Ans: 
Flexibility vs. Security
Network security has had to adapt increasingly quickly, in order to keep up with the new ways those users and back-end systems work. Mobility and variety are currently on the increase at both sides of the enterprise network. At the outer edge, users are operating a growing range of hand-held computing devices. 
Cost vs. Capability 
New applications drive requirements for new capabilities within the network infrastructure:
  • Multimedia applications require enhancements to network QoS, and the introduction of multicasting protocols.
  • High-performance applications, for example high-definition video, high-end CAD and graphics applications, require enhancements to network bandwidth.
  • Migration to IPv6 requires the introduction of new protocols into the network.
Reliability vs. Growth 
Networks are growing not just in complexity, but also in size. As more and more functions converge onto data networks, the number of devices attached to the network grows, and therefore the number of switching and routing nodes in the network must also grow. Organizations need to attach more and more of their operations onto the data network – remote locations need connections into central sites; even locations with no staff need network links for surveillance cameras and/or environmental monitoring, and/or control of automated devices.
Solution
  • Efficient configuration change management
  • Automated recovery of failed units
  • Automatic provisioning of new units
  • Automated software upgrade 

4. (a) Explain the connection oriented & connection less services using bind, connect, listen & accept system calls. (6 Marks) 
Ans: 
Connection oriented service is implemented by Transmission Control Protocol (TCP). There are various characteristics of this protocol.
  • It is a connection-oriented.
  • A client must connect a socket to a server.
  • TCP socket provides bidirectional channel between client and server.
  • Lost data is re-transmitted.
  • Data is delivered in-order.
  • Data is delivered as a stream of bytes.
  • TCP uses flow control.
Connection less communication is implemented by User Datagram Protocol (UDP). Characteristics of this protocol:-
  • It is a connectionless.
  • A single socket can send and receive packets from many different computers.
  • Best effort delivery.
  • Some packets may be lost some packets may arrive out of order.

(b) List and explain the features of any four popular enterprise security solutions.(4 Marks) 
Ans: 
Enterprises security solution and its features:-
End Point Data Protection Features
  • Minimize risk of losing sensitive data.
  • Improve incident response time.
  • Identify security threads quickly with comprehensive correlations.
  • Reduce security operations costs with standardized process.
  • Leverage security intelligence to improve security posture
  • Security log data and detailed reports support your IT policy and regulatory compliance requirements
Disaster Recovery Features
  • Simple and easy to deploy
  • Pay per use business model
  • Best in class TCO for DR solutions
  • Continuous Data Protection technology with multi-site replication
  • DR protection from multiple geographic Data centers, 100% scalable to meet your production workloads
  • 24 X 7 support
Enterprise Data Protection
  • Protect your data wherever it goes — on devices, external media and in public cloud storage.
  • Implement encryption options ranging from simplified to full disk encryption.
  • Help your organization meet regulatory requirements and avoid costly fines with onetouch preset compliance templates.
  • Easily implement encryption with optional and customized factory installation.
  • Remotely manage encryption and authentication policies with a single console designed to work seamlessly.
  • Enable end users to securely access and share data on any device and in the cloud with non-disruptive, data-centric encryption.
End Use security Solution
  • Reduce cost and complexity of risk management
  • ITighter control and visibility of regulatory compliance
  • Provision appropriate network access for non employee
  • Mitigate the risk of end point vulnerabilities 

5.
(a) What is a mail server? Briefly explain specifying the protocols involved how a
sender can send a mail to the server and the recipient retrieves it from the server? (6
Marks)
ANs: 
An e-mail server is a computer within your network that works as your virtual post office. A
mail server usually consists of a storage area where e-mail is stored for local users, a set of
user definable rules which determine how the mail server should react to the destination of a
specific message
Simple Mail Transfer Protocol (SMTP) is an Internet standard for electronic mail (e-mail)
transmission across Internet Protocol (IP) networks. SMTP is generally used to send
messages from a mail client to a mail server. This is why you need to specify both the POP
or IMAP server and the SMTP server when you configure your e-mail application.

  • After composing a message and hitting send, your email client - whether it's Outlook Express or Gmail - connects to your domain's SMTP server. This server can be named many things;
  • Your email client communicates with the SMTP server, giving it your email address, the recipient's email address, the message body and any attachments.
  • The SMTP server processes the recipient's email address - especially its domain. If the domain name is the same as the sender's, the message is routed directly over to the domain's POP3 or IMAP server - no routing between servers is needed. If the domain is different, though, the SMTP server will have to communicate with the other domain's server.
  • In order to find the recipient's server, the sender's SMTP server has to communicate with the DNS, or Domain Name Server. The DNS takes the recipient's email domain name and translates it into an IP address. The sender's SMTP server cannot route an email properly with a domain name alone; an IP address is a unique number that is assigned to every computer that is connected to the Internet. By knowing this information, an outgoing mail server can perform its work more efficiently.
  • Now that the SMTP server has the recipient's IP address, it can connect to its SMTP server. This isn't usually done directly, though; instead, the message is routed along a series of unrelated SMTP servers until it arrives at its destination.
  • The recipient's SMTP server scans the incoming message. If it recognizes the domain and the user name, it forwards the message along to the domain's POP3 or IMAP server. From there, it is placed in a send mail queue until the recipient's email client allows it to be downloaded. At that point, the message can be read by the recipient.

(b) Explain the importance of three-way handshake method for connection
establishment in TCP/IP with the help of suitable diagram.(4 Marks)
Ans: 
To establish a connection, TCP uses a three-way handshake. Before a client attempts to
connect with a server, the server must first bind to and listen at a port to open it up for
connections: this is called a passive open. Once the passive open is established, a client
may initiate an active open. To establish a connection, the three-way (or 3-step) handshake
occurs: 
1. SYN: A client sending a SYN to the server. The client sets the segment's sequence
number to a random value X.
2. SYN-ACK: In response, the server replies with a SYN-ACK. The acknowledgment
number is set to one more than the received sequence number (X + 1), and the
sequence number that the server chooses for the packet is another random number,Y.
3. ACK: Finally, the client sends an ACK back to the server. The sequence number is
set to the received acknowledgement value i.e. X + 1, and the acknowledgement
number is set to one more than the received sequence number i.e. Y + 1.

6.
(a) Draw the TCP header and list its components. Also, explain how can TCP handle urgent
data?
(6 Marks)
Ans: 
TCP provides a mechanism to handle urgent data
• Urgent data is received before octets already in the stream
• Sender:
– Sets urgent bit in segment header
– Puts urgent data at the beginning of the data field
– Sets urgent pointer to the end of the urgent data
• Receiver:
– Notified of the urgent data as soon as it arrives
– Enters “urgent mode” until all urgent data has been consumed
– Returns to “normal mode” 


(b) What do you understand by a domain name? How is a domain name translated to
an equivalent IP address?(4 Marks)
Ans: 
The Domain Name System (DNS) is a standard technology for managing the names of
Web sites and other Internet domains. DNS technology maps IP address with names like
“www.pixelesindia.com” and a computer automatically find that address on the Internet.
A DNS server is any computer registered to join the Domain Name System. A DNS
server runs special-purpose networking software, features a public IP address, and
contains a database of network names and addresses for other Internet hosts. There are
two types of DNS servers:-primary (master) and secondary DNS server.

  • It can supply the IP address because it knows it from its zone file.
  • It can contact another DNS server and try to locate the IP address for the name requested. Every DNS server has an entry called alternate DNS server, which is the DNS server it should get in touch with for unresolved domains. If this server is in authority, it responds, otherwise sends the query to another server. When the query is finally resolved, it travels back until it finally reaches the resolver. 

7.
(a) List the protocols presently supported by Intranet and explain the use of each
protocol in Intranet administration. (6 Marks)
Ans: 
HTTPd
It stands for HTTP daemon. A daemon is a UNIX background process that implements the
server side of a protocol. For example, FTPd is the File Transfer Protocol daemon. HTTP
daemon, a software program that runs in the background of a Web server and waits for
incoming server requests. The daemon answers the requests automatically and serves the
hypertext and multimedia documents over the Internet using HTTP. HTTPd is the program you would run on a UNIX platform to establish a web server. Daemons are unique to UNIX
on other platforms, such as Microsoft Windows NT, the web server is a background process
implemented as a system service.
SOCKS
SOCKS is an Intranet protocol that facilitates the routing of network packets between client–
server applications via a proxy server. SOCKS perform at Layer 5 of the OSI model—the
Session Layer Port 1080 is the well-known port designated for the SOCKS server.
The SOCKS5 protocol was originally a security protocol that made firewalls and other
security products easier to administer. It was approved by the IETF in 1996. The protocol
was developed in collaboration with Aventail Corporation, which markets the technology
outside of Asia. 
#ARP / RARP (Address resolution protocol & Reverse Address resolution
Protocol):- 
 It is a basic communication protocol that is used to identify IP address if physical
address is known. It is used by networking equipment.
It obtains the MAC address for requesting device. It is also used to translate MAC address to
IP address & vice-versa.
The Address Resolution Protocol uses a simple message format that contains one
address resolution request or response. The size of the ARP message depends on the
upper layer and lower layer address sizes, which are given by the type of networking
protocol (usually IPv4) in use and the type of hardware or virtual link layer that the upper
layer protocol is running on. The message header specifies these types, as well as the size
of addresses of each. The message header is completed with the operation code for request
(1) and reply (2). The payload of the packet consists of four addresses, the hardware and
protocol address of the sender and receiver hosts. 
#SSL Secure Socket Layer (SSL)
SSL are cryptographic protocols that provide security for
communications over networks such as the Internet. TLS and SSL encrypt the segments of
network connections at the Transport Layer end-to-end.
Several versions of the protocols are in widespread use in applications like web browsing,
electronic mail, Internet faxing, instant messaging and voice-over-IP (VoIP). 
# SSH
Secure Shell or SSH is a network protocol that allows data to be exchanged using
a secure channel between two networked devices. Used primarily on GNU/Linux and Unix
based systems to access shell accounts, SSH was designed as a replacement for Telnet
and other insecure remote shells, which send information, notably passwords, in plaintext,
rendering them susceptible to packet analysis. The encryption used by SSH provides
confidentiality and integrity of data over an insecure network, such as the Internet.
#RSH
The remote shell (rsh) is a command line computer program that can execute shell
commands as another user, and on another computer across a computer network.
The remote system to which rsh connects runs the rshd daemon. The rshd daemon typically
uses the well-known Transmission Control Protocol (TCP) port number 514.


(b) How many networks can each IP address class (A, B and C) can have? Calculate and
justify your answer using a suitable example for each. (4 Marks)
Ans: 



8.
(a) What is the purpose of DNS? What is the function of a secondary or tertiary DNS
server? In which case will the lookups be transferred to additional DNS servers?(6
Marks)
ANs: 
A DNS server is any computer registered to join the Domain Name System. A DNS
server runs special-purpose networking software, features a public IP address, and
contains a database of network names and addresses for other Internet hosts. There are
two types of DNS servers:-primary (master) and secondary DNS server. 
  • Primary server: - it is responsible creating, maintaining and updating zone file and it is stored in its local disk.
  • Secondary server: - Secondary server stores the latest zone file from the primary server only.
  • A primary DNS server holds the "master copy" of the data for a zone, and secondary servers have copies of this data which they synchronize with the primary through zone transfers at intervals or when prompted by the primary.
  • Only one DNS server should be configured as primary for a zone, but you can have any number of secondary servers for redundancy.
  • Both primary and secondary servers for a zone serve exactly the same data to clients.
  • Once a zone is configured on both primary and secondary servers, zone transfers should automatically occur when needed. 


(b) What are the NTFS, FAT, HPFS file systems?
Ans: 
NT File System, one of the file systems for the Windows NT operating system (Windows NT
also supports the FAT file system). NTFS has features to improve reliability, such as
transaction logs to help recover from disk failures. To control access to files, you can set
permissions for directories and/or individual files. NTFS files are not accessible from other
operating systems such as DOS. For large applications, NTFS supports spanning volumes,
which means files and directories can be spread out across several physical disks. 
The HPFS file system was first introduced with OS/2 1.2 to allow for greater access to the
larger hard drives that were then appearing on the market. Additionally, it was necessary for
a new file system to extend the naming system, organization, and security for the growing
demands of the network server market. HPFS maintains the directory organization of FAT,
but adds automatic sorting of the directory based on filenames. Filenames are extended to
up to 254 double byte characters. HPFS also allows a file to be composed of "data" and
special attributes to allow for increased flexibility in terms of supporting other naming
conventions and security. In addition, the unit of allocation is changed from clusters to
physical sectors (512 bytes), which reduces lost disk space.

1 comment: