TCP and UDP Networking Protocols

Questions and Answers

Which network layer protocol is connectionless and good for video/audio?

UDP (correct)

ICMP

IP

IGMP

Which routing protocol is suitable for a larger network in terms of cost?

BGP

OSPF (correct)

RJPVZ

TCP

What does encapsulation involve for each packet?

Payload & Trailer

Header & Trailer

Header & Footer

Header & Payload (correct)

What is the purpose of using NET to map between public and private IP addresses?

Address translation

Which part of an IP address determines its class?

1st octet

What does the IP address 192.168.1.10 indicate based on its class?

Class B address

What is the purpose of ARP (Address Resolution Protocol)?

To map between IP and MAC addresses

What does the Blackhole attack involve?

Pretending to be the shortest path but dropping received packages

How is TCP SYN Flood attack carried out?

Keeping connections half open and flooding the host with re-sent SYN packets

What is the purpose of Flow Control in networking?

Measuring network traffic to control congestion

What is the common security issue associated with FTP, Telnet, and FTP?

Transmission of passwords in clear text without protection

What is the TCP Starvation attack?

Asking the server to send the last packet without closing the connection

How does the MiM & DoS attack tactic work?

Quickly exhausting the victim's session limit by closing TCP sessions on the attacker's side

What are the common vulnerabilities that FTP faces?

Transmission of passwords in clear text without protection

What technique is suggested to reduce fake browsers?

Using SSL for secure communication

What is the main concern regarding the transmission of passwords in clear text?

Easy sniffing of passwords and session hijacking by attackers

Which network layer protocol is connectionless and good for video/audio?

UDP

What is the main concern regarding the transmission of passwords in clear text?

Security vulnerability

What does encapsulation involve for each packet?

Header and payload

How does IP address 192.168.1.10 indicate based on its class?

Class C

What technique is suggested to reduce fake browsers?

Multiplexing

What is the main purpose of ARP (Address Resolution Protocol)?

To find the MAC address corresponding to an IP address

What is the Blackhole attack in networking?

A router pretending to be the shortest path and dropping or misusing data packets

What is the purpose of TCP SYN Flood attack?

To keep connections half open and resend SYN to flood the host

What is the common vulnerability associated with FTP, Telnet, and FTP?

Messages can be read and modified during transmission

What does the TCP Starvation attack involve?

Asking the server to send the last package without closing the connection

What does Flow Control in networking aim to achieve?

Controlling congestion and traffic by measuring network traffic

What technique is suggested to reduce fake browsers in networking?

Not opening sources that are not trusted

What is the common aspect between FTP, Telnet, and FTP in terms of security vulnerability?

The issue here is transmission of passwords in clear which will enable attackers to easily sniff password & hijack sessions.

What are common features between FTP, Telnet, and FTP?

Username + password are sent in clear text without any protection

Study Notes

Connectionless Network Layer Protocol

• User Datagram Protocol (UDP) is connectionless and suitable for video/audio transmission.

Routing Protocols

• Open Shortest Path First (OSPF) is cost-effective and suitable for larger networks, optimizing route selection.

Packet Encapsulation

• Encapsulation involves wrapping data in packets with headers and trailers, ensuring proper data delivery and routing through the network.

Purpose of Network Address Translation (NAT)

• NAT maps private IP addresses to public IP addresses, allowing multiple devices to share a single public IP and enhancing security.

Determining IP Address Class

• The first octet of an IP address indicates its class (A, B, C, etc.), with specific ranges assigned to each class.

Analysis of IP Address 192.168.1.10

• The address 192.168.1.10 is a Class C address, commonly used for private networks.

Address Resolution Protocol (ARP)

• ARP resolves IP addresses to MAC addresses, enabling communication between devices on a local network.

Blackhole Attack

• A Blackhole attack involves maliciously discarding network packets, causing loss of data and service disruptions.

TCP SYN Flood Attack

• In a TCP SYN Flood attack, an attacker sends numerous SYN requests, overwhelming the target server and exhausting available resources.

Flow Control in Networking

• Flow control manages data transmission rates between devices, preventing network congestion and ensuring efficient data flow.

Common Security Issues with FTP and Telnet

• FTP and Telnet are vulnerable to interception and unauthorized access, primarily due to lack of encryption.

TCP Starvation Attack

• A TCP Starvation attack prevents certain connections from accessing resources by monopolizing bandwidth through excessive SYN packets.

Man-in-the-Middle (MiM) and Denial of Service (DoS) Attacks

• MiM attacks intercept communications, while DoS attacks aim to overwhelm and incapacitate network services.

Vulnerabilities of FTP

• FTP faces issues such as lack of encryption, exposing sensitive data during transmission and allowing unauthorized access.

Reducing Fake Browsers

• Techniques like implementing CAPTCHA, browser fingerprinting, and behavioral analysis help reduce the presence of fake browsers.

Concerns over Clear Text Password Transmission

• Transmitting passwords in clear text poses risks of interception, potentially compromising user accounts and sensitive information.

Common Vulnerabilities Summary

• FTP, Telnet, and similar protocols lack encryption, making them susceptible to data theft and unauthorized access.

Description

Test your knowledge of TCP and UDP networking protocols, including their reliability, handshaking, and use cases. Also explore the protocols at the network layer.