Published by Jemima Beasley. Modified over 6 years ago.
1
Final Exam Review
Will release at 10:00am Dec. 6th,
Due on Webcourse at 11:59pm the next day
2
Final Exam Review
Knowledge questions
True or false statement (explain why)
Protocol
Calculation
Cover the contents after midterm coverage
3
Knowledge Question Examples
Three classes of switch fabric, speed relationship
Where can queue occur in router?
TCP header size? IP header size? UDP header size?
How many bits in IP of IPv6? Address space size?
  Why is it very slow to be deployed? (enough IP space, hard upgrading and compatibility)
What is DHCP? NAT? Their pros and cons?
Routing: what are Link state, distance vector?
Internet two-level routing? (inter-AS, intra-AS)
RIP, OSPF, BGP? Used where?
  OSPF uses link state, BGP/RIP uses distance vector
  RIP, OSPF -> intra-AS, BGP -> inter-AS
Which is better? pure ALOHA, slotted ALOHA, CSMA/CD?
  What are their assumptions? (collision detection, time sync)
CSMA/CD? CSMA/CA? Why does wireless use CSMA/CA?
Ethernet Broadcast MAC addr.? What is the broadcast address for?
  What is ARP?
Why is Ethernet much better than ALOHA in efficiency?
  Carrier sense, collision detection, exp. backoff
4
Knowledge Question Examples
Hub vs. Switch?
802.11a, b, g: speed? Working frequency?
802.15? (personal area network, example: Bluetooth)
Wireless no collision detection?
  listen while sending, fading, hidden terminal
Network security three elements:
  Confidentiality, authentication, integrity
What is public/symmetric key cryptography? Pro vs. con?
Why use “nonce” in security? (replay attack)
What is man-in-the-middle attack?
Usage of firewall? (block outside active traffic to inside)
IP spoofing? SYN flood DoS attack?
5
Protocol Problem Examples
NAT address translation procedure
Digital signature procedure
HTTPS connection procedure
  CA, public key
Secure e-mail (assume known public key)
  Confidentiality
  Integrity
6
Calculation Examples
subnet addressing
  Figure out subnet based on host’s IP and subnet mask
link state, distance vector
parity checking
CRC calculation
wireless MAC protocol
Caesar cipher decrypt, Vigenere cipher, one-time pad decrypt (given the pad)
7
Three types of switching fabrics
Property? Speed order?
8
Routing Algorithm classification
Global or decentralized information?
Global:
  all routers have complete topology, link cost info
  “link state” algorithms
Decentralized:
  router knows physically-connected neighbors, link costs to neighbors
  iterative process of computation, exchange of info with neighbors
  “distance vector” algorithms
9
NAT: Network Address Translation
NAT translation table: WAN side addr | LAN side addr
  , | , 3345
  …… | ……
1: host sends datagram to , 80 (S: , 3345 D: , 80)
2: NAT router changes datagram source addr from , 3345 to , 5001, updates table (S: , 5001 D: , 80)
3: Reply arrives dest. address: , 5001 (S: , 80 D: , 5001)
4: NAT router changes datagram dest addr from , 5001 to , 3345 (S: , 80 D: , 3345)
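The four NAT steps above as a small translator, added here as an example and not part of the original slides. The class name `Nat` and all IP addresses are constructed (private and documentation ranges); the ports 3345, 5001 and 80 are the ones on the slide.

```python
class Nat:
    """Port-translating NAT router with one WAN address (hypothetical helper)."""

    def __init__(self, wan_ip, first_port=5001):
        self.wan_ip = wan_ip
        self.next_port = first_port
        self.lan_to_wan = {}   # (LAN ip, LAN port) -> WAN port
        self.wan_to_lan = {}   # WAN port -> (LAN ip, LAN port)

    def outbound(self, src, dst):
        """Steps 1-2: rewrite the source to (WAN ip, new port), update the table."""
        if src not in self.lan_to_wan:
            self.lan_to_wan[src] = self.next_port
            self.wan_to_lan[self.next_port] = src
            self.next_port += 1
        return (self.wan_ip, self.lan_to_wan[src]), dst

    def inbound(self, src, dst):
        """Steps 3-4: rewrite the destination back to the LAN host.

        A datagram whose destination port has no table entry was not
        initiated from inside, so there is nowhere to deliver it: drop it.
        """
        ip, port = dst
        if ip != self.wan_ip or port not in self.wan_to_lan:
            return None
        return src, self.wan_to_lan[port]


# Constructed addresses: LAN host, NAT WAN side, remote web server.
HOST = ("10.0.0.1", 3345)
SERVER = ("198.51.100.10", 80)
nat = Nat("203.0.113.7")
request = nat.outbound(HOST, SERVER)          # S: WAN,5001  D: server,80
reply = nat.inbound(SERVER, request[0])       # S: server,80 D: host,3345
unsolicited = nat.inbound(SERVER, ("203.0.113.7", 6000))   # no entry -> None
```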
10
Intra-AS and Inter-AS routing
[Figure: ASes A, B and C with routers a, b, c, d and gateway routers A.a, A.c, C.b, B.a; Host h1 and Host h2; intra-AS routing within AS A, inter-AS routing between A and B, intra-AS routing within AS B]
RIP: Routing Information Protocol
OSPF: Open Shortest Path First
BGP: Border Gateway Protocol (Inter-AS)
11
ARP protocol: Same LAN (network)
A wants to send datagram to B, and B’s MAC address not in A’s ARP table.
A broadcasts ARP query packet, containing B's IP address
  Dest MAC address = FF-FF-FF-FF-FF-FF
  all machines on LAN receive ARP query
B receives ARP packet, replies to A with its (B's) MAC address
  frame sent to A’s MAC address (unicast)
A caches (saves) IP-to-MAC address pair in its ARP table until information becomes old (times out)
  soft state: information that times out (goes away) unless refreshed
ARP is “plug-and-play”:
  nodes create their ARP tables without intervention from net administrator
12
What is network security?
Confidentiality: only sender, intended receiver should “understand” message contents
  sender encrypts message
  receiver decrypts message
Authentication: sender, receiver want to confirm identity of each other
  Virus really from your friends?
  The website really belongs to the bank?
Message Integrity: sender, receiver want to ensure message not altered (in transit, or afterwards) without detection
  Digital signature
13
Collision Avoidance: RTS-CTS exchange
[Figure: timeline for A, B and AP: DIFS; RTS(A) and RTS(B) reservation collision; RTS(A); CTS(A); DATA (A); ACK(A), separated by CIFS; defer time. Textbook Page 522 figure]
14
Firewall
Block outside-initiated traffic to inside of a local network
Usually do not block any traffic initiated from inside to outside
Have at least two NICs (two IPs)
[Figure: firewall between administered network and public Internet]
15
Internet security threats
Denial of service (DOS): flood of maliciously generated packets “swamp” receiver
Distributed DOS (DDOS): multiple coordinated sources swamp receiver
  e.g., C and remote host SYN-attack A
[Figure: hosts A, B and C; SYN packets flooding A]
16
Digital signature = signed message digest
Bob sends digitally signed message:
  large message m -> H: Hash function -> H(m)
  H(m) -> digital signature (encrypt) with Bob’s private key K-B -> K-B(H(m)), encrypted msg digest
Alice verifies signature and integrity of digitally signed message:
  large message m -> H: Hash function -> H(m)
  K-B(H(m)), encrypted msg digest -> digital signature (decrypt) with Bob’s public key K+B -> H(m)
  equal ?
No confidentiality !
17
Secure e-mail
Alice wants to send confidential e-mail, m, to Bob.
[Figure: Alice computes KS(m) and K+B(KS) and sends both over the Internet]
Alice:
  generates random symmetric private key, KS.
  encrypts message with KS (for efficiency)
  also encrypts KS with Bob’s public key.
  sends both KS(m) and K+B(KS) to Bob.
18
Secure e-mail
Alice wants to send confidential e-mail, m, to Bob.
[Figure: Bob receives KS(m) and K+B(KS) from the Internet and recovers KS, then m]
Bob:
  uses his private key to decrypt and recover KS
  uses KS to decrypt KS(m) to recover m
19
Secure e-mail (continued)
Alice wants to provide message integrity (unchanged, really written by Alice).
[Figure: Alice sends m and K-A(H(m)) over the Internet; the receiver applies K+A to the signature, computes H(m) from m, and compares]
Alice digitally signs message.
sends both message (in the clear) and digital signature.
20
Secure e-mail (continued)
Alice wants to provide secrecy, sender authentication, message integrity.
[Figure: Alice computes K-A(H(m)), encrypts it together with m under KS, and sends that with K+B(KS) over the Internet]
Alice uses three keys: her private key, Bob’s public key, newly created symmetric key
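One block for both the digital-signature slide and the secure e-mail slides above, showing the three-key flow end to end. It is an added example, not part of the original slides: the RSA keys are textbook RSA without padding built from small fixed primes, and KS(.) is a hash-based XOR keystream, both assumptions chosen so the flow runs with only the standard library.

```python
import hashlib
import secrets

E = 65537  # public exponent shared by both toy key pairs

def keypair(p, q):
    """Textbook RSA from two primes: returns (modulus n, private exponent d)."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))

# Constructed toy keys from Mersenne primes; far too small for real use.
N_A, D_A = keypair(2**127 - 1, 2**89 - 1)   # Alice: K+A = (N_A, E), K-A = D_A
N_B, D_B = keypair(2**107 - 1, 2**61 - 1)   # Bob:   K+B = (N_B, E), K-B = D_B
SIG_LEN = 27                                # N_A is 216 bits = 27 bytes

def H(m: bytes) -> int:
    """Message digest H(m), truncated to 128 bits so it is below N_A."""
    return int.from_bytes(hashlib.sha256(m).digest()[:16], "big")

def KS(key: bytes, data: bytes) -> bytes:
    """Toy symmetric cipher: XOR with a SHA-256 counter keystream."""
    stream = b"".join(hashlib.sha256(key + i.to_bytes(4, "big")).digest()
                      for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

def alice_send(m: bytes):
    sig = pow(H(m), D_A, N_A)                          # K-A(H(m))
    ks = secrets.token_bytes(16)                       # newly created KS
    body = KS(ks, sig.to_bytes(SIG_LEN, "big") + m)    # KS(K-A(H(m)), m)
    wrapped = pow(int.from_bytes(ks, "big"), E, N_B)   # K+B(KS)
    return body, wrapped

def bob_receive(body: bytes, wrapped: int) -> bytes:
    ks = pow(wrapped, D_B, N_B).to_bytes(16, "big")    # K-B recovers KS
    plain = KS(ks, body)                               # same XOR decrypts
    sig, m = int.from_bytes(plain[:SIG_LEN], "big"), plain[SIG_LEN:]
    if pow(sig, E, N_A) != H(m):                       # K+A(signature) vs H(m)
        raise ValueError("digest mismatch: altered, or not signed by Alice")
    return m
```

Flipping any bit of the encrypted body changes either the recovered message or the recovered signature, so the comparison in `bob_receive` fails and the message is rejected.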
21
Internet Web Security Architecture
[Figure: message exchange among Web Server B, CA and Client A, in order: K+B; K-CA(K+B); Cert Request; K-CA(K+B); K+B(KAB, R); KAB(R); KAB(m)]
22
Forwarding table
Destination Address Range | Link Interface
through
through
through
otherwise
23
Longest prefix matching
Prefix Match | Link Interface
otherwise
Examples
DA: Which interface?
DA: Which interface?
DA: Which interface?
24
CRC Example
Want: D·2^r XOR R = nG
equivalently: D·2^r = nG XOR R
if we divide D·2^r by G, want remainder R
R = remainder[ D·2^r / G ]
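The remainder calculation above carried through in code, as an added example that is not part of the original slides. The sample values D = 101110 and G = 1001 are constructed, and the function names are hypothetical.

```python
def mod2_rem(value: int, g: int) -> int:
    """Remainder of value / g in modulo-2 arithmetic (XOR, no carries)."""
    glen = g.bit_length()
    while value.bit_length() >= glen:
        value ^= g << (value.bit_length() - glen)   # cancel the leading 1 bit
    return value

def crc_encode(d: str, g: str) -> str:
    """Sender: append R = remainder[D*2^r / G], with r = len(G) - 1, to D."""
    r = len(g) - 1
    return d + format(mod2_rem(int(d, 2) << r, int(g, 2)), f"0{r}b")

def crc_check(frame: str, g: str) -> bool:
    """Receiver: accept <D,R> only if G divides it with zero remainder."""
    return mod2_rem(int(frame, 2), int(g, 2)) == 0

def apply_error(frame: str, error: str) -> str:
    """XOR an error pattern of the same length onto the frame."""
    return format(int(frame, 2) ^ int(error, 2), f"0{len(frame)}b")

# Constructed sample values: D = 101110, G = 1001, so r = 3.
G = "1001"
FRAME = crc_encode("101110", G)                          # D followed by R
ONE_BIT = crc_check(apply_error(FRAME, "000100000"), G)  # single flipped bit
MULT_OF_G = crc_check(apply_error(FRAME, "000001001"), G)  # error equal to G
```

Because the frame is built so that D·2^r XOR R = nG, any error pattern that is itself a multiple of G leaves the remainder at zero and passes the check. CRC therefore catches transmission errors but is not a substitute for the signed message digest used for integrity elsewhere in this review.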
25
Dijkstra’s algorithm: example
Step | N | D(B),p(B) | D(C),p(C) | D(D),p(D) | D(E),p(E) | D(F),p(F)
 | A | 2,A | ,A | ,A | infinity,- | infinity,-
1 | AD | 2,A | ,D | ,A | ,D | infinity,-
2 | ADE | 2,A | ,E | ,A | ,D | ,E
3 | ADEB | 2,A | ,E | ,A | ,D | ,E
4 | ADEBC | 2,A | ,E | ,A | ,D | ,E
5 | ADEBCF | 2,A | ,E | ,A | ,D | ,E
[Figure: six-node graph with nodes A, B, C, D, E, F and link costs]
26
Dx(z) = min{c(x,y) + Dy(z), c(x,z) + Dz(z)} = min{2+1 , 7+0} = 3
Dx(y) = min{c(x,y) + Dy(y), c(x,z) + Dz(y)} = min{2+0 , 7+1} = 2
[Figure: three nodes x, y, z with link costs c(x,y) = 2, c(y,z) = 1, c(x,z) = 7; node x table, node y table and node z table (cost from x, y, z to x, y, z) shown at successive times, with unknown entries ∞]
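The two updates above are one round of the distance-vector computation at node x. This added example (not part of the original slides) runs the same update at all three nodes until nothing changes, using the link costs 2, 1 and 7 from the equations; the function names are hypothetical and the rounds are assumed to be synchronous.

```python
INF = float("inf")
NODES = ("x", "y", "z")
LINKS = {("x", "y"): 2, ("y", "z"): 1, ("x", "z"): 7}   # costs from the slide

def c(u, v):
    """Direct link cost c(u,v): 0 to self, infinity if not adjacent."""
    if u == v:
        return 0
    return LINKS.get((u, v), LINKS.get((v, u), INF))

def distance_vector():
    """Run synchronous rounds until no vector changes; return every round.

    D[u][v] is node u's current estimate of the least cost to v. In each
    round u only uses its own link costs and the vectors D[w] that its
    neighbors w held in the previous round.
    """
    D = {u: {v: c(u, v) for v in NODES} for u in NODES}   # time 0: direct links
    rounds = [D]
    while True:
        new = {}
        for u in NODES:
            neighbors = [w for w in NODES if w != u and c(u, w) < INF]
            new[u] = {v: 0 if v == u
                      else min(c(u, w) + D[w][v] for w in neighbors)
                      for v in NODES}
        if new == D:          # converged: no node would send an update
            return rounds
        rounds.append(new)
        D = new

ROUNDS = distance_vector()
```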
27
Caesar cipher decrypt: “welcome”, key= +2
Vigenere cipher: “final exam”, key=3,4,-1 (blank space does not change)
28
Subnet calculation
Remember each subnet is represented by a.b.c.d/x
Don’t use “ to ” to represent a subnet!