1. State the use of 6 flags in TCP header ? 3. Compare TCP and UDP ?
Source port number = BC8216 = 48258
There are 6, 1-bit control bits that control
connection establishment, termination,
abortion, flow control etc..
URG ACK PSH RST SYN FIN
a) URG: Urgent pointer If this bit field is
set the receiving TCP should interpret
the urgent pointer field.
b) ACK: Acknowledgement If this bit field
is set the ACK field described earlier is
valid.
c) PSH: Push function Request for push
d) RST: Reset the connection If this bit is
present it signals the receiver that
sender is aborting the connection i.e.
Reset the connection.
e) SYN: Synchronize When this bit field in
present then the sender is attempting
to “synchronize” sequence numbers
f) FIN: No more data from sender. If this 4. The dump of a UDP header in
bit is set then it terminates the
connection
2. List two advantages of using UDP over
TCP ?
a) UDP is connection less and unreliable (iii) Total length
transport layer protocol. i.e. It does
not require to maintain a connection.
b) UDP is transaction oriented and
suitable for simple query response
protocols.
c) UDP is faster since it does not require
acknowledgment.
d) Useful when time sensitivity is more
important
hexadecimal format is as follows :
BC 82000 D 002 B 001 D Obtain the
following from it :
(i) Source port number
(ii) Destination port number
(iv) Length of the data
The UDP header has four parts, each
of two bytes. That means we get the
following interpretation of the header.
I.
II. Destination port number = 000D16= 13
III.Total length = 002B16 = 43 bytes
IV. Since the header is 8 bytes the data length is 43
− 8 =35 bytes.
5. Explain the TCP connection establishment using
a three way handshake mechanism ?
TCP uses a Three way handshaking mechanism to
establish a connection between client and server
machines. The three steps in three way handshaking
mechanism are as follows.
SYN:
The client sends the first segment, a SYN segment,
in which only the SYN flag is set. This segment is for
synchronization of sequence numbers.
SYN + ACK
The server sends the second segment, a SYN +ACK
segment, with 2 flag bits set.
ACK:
The client sends the third segment. This is just an
ACK segment. It guarantees the completion of three
way handshaking.
6. Explain how TCP connections are
established using the 3 way handshake.
What happens when 2 hosts simultaneously
try to establish a connection ?
If 2 host Simultaneously try to establish
connection
• Simultaneous Open:
a) It's possible for two applications to send a
SYN to each other to start a TCP connection,
although the possibility is small, because
both sides have to know which port on the
other side to send to. This process is called
"Simultaneous Open", or "simultaneous
active open on both sides".
b) In a simultaneous open, both applications
issue active opens.
c) This is a rare situation in which there is no
client or server; communication is between
two peers that know their local port
numbers.
d) Both TCPs go through SYN-SENT and SYN-
RCVD states before going to the
ESTABLISHED state.
e) Both processes act as client and server.
f) The two SYN+ACK segments acknowledge
the SYN segments and open the connection
OR
• Simultaneous Close:
a) It's permitted in TCP for both sides to do
"active close", which is called
"Simultaneous Close". During
"Simultaneous Close", 4 packets are
exchanged, the same as in normal
situations.
b) In this situation, both ends issue an active
close.
c) Both TCPs go to the FIN-WAIT-1 state • The dotted black lines in the figure
and send FIN segments that are in represent the transition that a server
transit simultaneously normally goes through;
d) After receiving the FIN segment, each • The solid black lines show the transitions
end goes to the CLOSING state and that a client normally goes through.
sends an ACK segment. • Sometimes in some situations, a server
e) The CLOSING state takes the place of transitions through a solid line or a client
FIN-WAIT-2 or CLOSEWAIT in a transitions through a dotted line.
common scenario.
7. Explain TCP connection management
with the help of TCP connection
management finite state machine ?
To keep track of all the different events
happening during connection
establishment, connection termination,
and data transfer, TCP is specified as the
Finite State Machine –FSM
TCP State Machine:
• TCP uses a three way handshake to
close connection
• Singled by the FIN bit in the packet
header
The figure shows the two FSMs used by
the TCP client and server combined in
one diagram.
• Ovals/rectangle represents states.
• Transition from one state to another is
shown using directed lines.
• Each line has two strings separated by a
slash.
• The first string is the input, what TCP
receives.
• The second is the output, what TCP
sends.
SUMMER 2022
1. State any four features of TCP ?
a) TCP is connection oriented Protocol.
b) It provides reliable delivery of messages
c) TCP makes checks for errors and reporting.
d) TCP has flow control.
e) TCP has High Speed
2. State different applications of UDP ?
a) Lossless data transmission
UDP can be used in applications that require
lossless data transmission.
b) Gaming, voice and video
UDP is an ideal protocol for network
applications in which perceived latency is
critical, such as in gaming, voice and video
communications.
c) Multicasting and routing update protocols
UDP can also be used for multicasting because
it supports packet switching
3. List and explain, services provided by TCP
(Transmission Control Protocol) ?
Transmission Control Protocol (TCP) to the
processes at the application layer:
a) Stream Delivery Service.
b) Full Duplex Service
c) Connection Oriented Service.
d) Reliable Service.
Stream Delivery Service
TCP is a stream-oriented protocol. It enables
the sending process to deliver data as a
stream of bytes and the receiving process to
acquire data as a stream of bytes. TCP creates
a working environment so that the sending
and receiving procedures are connected by an
imaginary "tube", as shown in the figure below:
4. Draw state transition diagram of TCP ?
Full-Duplex Service
TCP offers a full-duplex service where
the data can flow in both directions
simultaneously. Each TCP will then
have a sending buffer and receiving
buffer. The TCP segments are sent in
both directions.
Connection-Oriented Service
We are already aware that the TCP is
a connection-oriented protocol.
When a process wants to
communicate (send and receive) with
another process (process -2), the
sequence of operations is as follows:
• TCP of process-1 informs TCP of
process-2 and gets its approval
• TCP of process-1 tells TCP of
process-2 exchange data in both
directions.
• After completing the data exchange,
when buffers on both sides are
empty, the two TCPs destroy their
buffers.
The type of connection in TCP is not
physical, but it is virtual. The TCP
segment encapsulated in an IP
datagram can be sent out of order.
These segments can get lost or
corrupted and may have to be resend.
Each segment may take a different
path to reach the destination
Reliable Service
TCP is a reliable transport protocol. It
uses an acknowledgment mechanism
for checking the safe and sound
arrival of data.
5. Differentiate between TCP, UDP and SCTP
on the basis of reliability, connection
management, transmission of message,
flow control, security and data delivery
SUMMER 2023
3. List UDP services and UDP applications
(any 4 each).
• Services offered by the UDP are a s follows:
a) Process to process port to port
transmission of segment.
b) Connectionless and minimum overhead
Protocol
c) Fast and simple transmission
d) No flow and error control application
using UDP services are responsible for
providing them.
e) UDP encapsulates and encapsulates
the message.
• UDP application
a) Domain Name Services.
b) Simple Network Management
Protocol.
c) Trivial File Transfer Protocol.
d) Routing Information Protocol.
e) Kerberos.
5. Explain TCP with respect to flow
control and error control ?
TCP Flow Control is a protocol designed to
manage the data flow between the user
and the server. It ensures that there is a
specific bandwidth for sending and
receiving data so the data can be
processed without facing any major
issues. In order to achieve this, the TCP
protocol uses a mechanism called the
sliding window protocol
Error control in TCP is mainly done through
the use of three simple techniques :
1. Checksum – Every segment contains a
checksum field which is used to find corrupted
segments. If the segment is corrupted, then
that segment is discarded by the destination
TCP and is considered lost.
2. Acknowledgement – TCP has another
mechanism called acknowledgement to affirm
that the data segments have been delivered.
Control segments that contain no data but
have sequence numbers will be acknowledged
as well but ACK segments are not
acknowledged.
3. Retransmission – When a segment is
missing, delayed to deliver to a receiver,
corrupted when it is checked by the receiver
then that segment is retransmitted again.
Segments are retransmitted only during two
events: when the sender receives three
duplicate acknowledgements (ACK) or when a
retransmission timer expires.
Retransmission after RTO: TCP always
preserves one retransmission time-out (RTO)
timer for all sent but not acknowledged
segments. When the timer runs out of time,
the earliest segment is retransmitted. Here no
timer is set for acknowledgement. In TCP, the
RTO value is dynamic in nature and it is
updated using the round trip time (RTT) of
segments. RTT is the time duration needed for
a segment to reach the receiver and an
acknowledgement to be received by the
sender.
Retransmission after Three duplicate ACK 1. Source and Destination port number to
segments: RTO method works well when the enable multiplexing of different SCTP
value of RTO is small. If it is large, more time is
associations at the same address.
needed to get confirmation about whether a 2. A 32-bit verification tag that guards against
segment has been delivered or not. the insertion of an out-of-date or false
Sometimes one segment is lost and the message into the SCTP association.
receiver receives so many out-of-order 3. A 32-bit checksum for error detection. The
segments that they cannot be saved. In order checksum can be either a 32-bit CRC
to solve this situation, three duplicate checksum or Alder-32 checksum.
acknowledgement method is used and missing 4. Chunk Layout: A chunk can be either a
segment is retransmitted immediately instead control chunk or data chunk.
of retransmitting already delivered segment. i. Chunk Type: This field identifies the type
This is a fast retransmission because it makes of information contained in the Chunk
it possible to quickly retransmit lost segments data field. The value of chunk field
instead of waiting for timer to end. ranges from 0 to 254. the value 255 is
reserved for future. SCTP consists of one
6. Describe the fields of SCTP packet format.
DATA chunk and 12 control chunks.
Explain SCTP association establishment
ii. Chunk Flag: The chunk field contains the
process ?
flag, such as U(unordered bit),
SCTP transmits data in the form of messages B(beginning bit), and E(ending bit).
and each message contains one or more Usage of this field depends on the chunk
packets. The control come before data chunks. type specified in the chunk type field.
iii. Chunk Length: This field represents the
size of the fields chunk type, chunk flag,
chunk length, and chunk value, in bytes.
5. SCTP DATA CHUNK: Data chunks are used
to send actual data through the stream and
have rather complex headers in some ways,
but not really worse than TCP headers in
general
SCTP Association Establishment Process:-
SCTP association startup and shutdown
guidelines are described here. SCTP
association is comprised of a four-way
handshake that takes place in the following
order:
i. The client sends an INIT signal to the
server to initiate an association.
ii. On receipt of the INIT signal, the
server sends an INIT-ACK response to
the client. This INIT-ACK signal
contains a state cookie. This state
cookie must contain a Message
Authentication Code (MAC), along
with a time stamp corresponding to
the creation of the cookie, the life
span of the state cookie, and the
information necessary to establish the
association. The MAC is computed by
the server based on a secret key only
known to it.
iii. On receipt of this INIT-ACK signal, the
client sends a COOKIE-ECHO response,
which just echoes the state cookie.
iv. After verifying the authenticity of the
state cookie using the secret key, the
server then allocates the resources for
the association, sends a COOKIE-ACK
response acknowledging the COOKIE-
ECHO signal, and moves the
association to ESTABLISHED state.
SCTP supports also graceful close of an
active association upon request from the
SCTP user. The following sequence of
events occurs:
i. The client sends a SHUTDOWN signal
to the server, which tells the server
that the client is ready to close the
connection.
ii. The server responds by sending a
SHUTDOWN-ACK acknowledgement.
iii. The client then sends a SHUTDOWN-
WINTER 2023
6. Demonstrate with suitable example of call
collision in TCP connection ?
The connection is established in TCP using the
three-way handshake as discussed earlier to
create a connection. One side, say the server,
passively stays for an incoming link by
implementing the LISTEN and ACCEPT
primitives, either determining a particular
other side or nobody in particular. The other
side performs a connect primitive specifying
the I/O port to which it wants to join. The
maximum TCP segment size available, other
options are optionally like some private data
(example password). The CONNECT primitive
transmits a TCP segment with the SYN bit on
and the ACK bit off and waits for a response.
The sequence of TCP segments sent in the
typical case, as shown in the figure below –
When the segment sent by Host-1
reaches the destination, i.e., host -2,
the receiving server checks to see if
there is a process that has done a
LISTEN on the port given in the
destination port field. If not, it sends
a response with the RST bit on to
refuse the connection. Otherwise, it
governs the TCP segment to the
listing process, which can accept or
decline (for example, if it does not
look similar to the client) the
connection. Call Collision: If two
hosts try to establish a connection
simultaneously between the same
two sockets, then the events
sequence is demonstrated in the
figure under such circumstances.
Only one connection is established.
It cannot select both the links
because their endpoints identify
connections. Suppose the first set up
results in a connection identified by
(x, y) and the second connection are
also released up. In that case, only
tail enter will be made, i.e., for (x, y)
for the initial sequence number, a
clock-based scheme is used, with a
clock pulse coming after every 4
microseconds. For ensuring
additional safety when a host
crashes, it may not reboot for sec,
which is the maximum packet
lifetime. This is to make sure that no
packets from previous connections
are roaming around.
WINTER 2022
1. what is udp ? which services are provided by
udp?.(any two points)
UDP(User Datagram Protocol)
UDP is a simple, datagram-oriented, transport layer
protocol. It involves a minimum amount of
communication mechanisms. It is a connectionless,
reliable protocol.
UDP Services:
1. Process-to-Process Communication: - UDP
provides process-to process communication
using socket addresses, a combination of IP
addresses and port numbers.
2. Connectionless Service: - UDP provides a
connectionless service, i.e. each user datagram
sent by UDP is an independent datagram.
3. UDP provides no flow control.
4. UDP does not provides no error control.
5. UDP does not provide congestion control.
6. UDP protocol encapsulates and decapsulates
messages.
2. Describe flow control under SCTP
Flow control under SCTP
Flow control in SCTP is similar to that in TCP. Like
TCP, SCTP executes flow control to prevent
overwhelming the receiver. In SCTP, we need to
handle two units of data, the byte and the chunk.
The values of rwnd and cwnd are expressed in
bytes; the values of TSN and acknowledgments are
expressed in chunks. Current SCTP
implementations still use a byte-oriented window
for flow control.
Receiver Site:
The receiver has one buffer (queue) and three
variables. The queue holds the received data
chunks that have not yet been read by the
process. The first variable holds the last TSN
received, cum TSN. The second variable holds
the available buffer size; win size. The third
variable holds the last accumulative
acknowledgment, last ACK. The following
figure shows the queue and variables at the
receiver site.
1. When the site receives a data chunk, it
stores it at the end of the buffer (queue)
and subtracts the size of the chunk from
winSize. The TSN number of the chunk is
stored in the cumTSN variable.
2. When the process reads a chunk, it
removes it from the queue and adds the
size of the removed chunk to winSize
(recycling).
3. When the receiver decides to send a SACK,
it checks the value of lastAck; if it is less
than cumTSN, it sends a SACK with a
cumulative TSN number equal to the
cumTSN. It also includes the value of
winSize as the advertised window size.
Sender Site:
The sender has one buffer (queue) and
three variables: curTSN, rwnd, and
inTransit, as shown in the following figure.
We assume each chunk is 100 bytes long.
The buffer holds the chunks produced by
the process that either have been sent or
are ready to be sent. The first variable,
curTSN, refers to the next chunk to be sent.
All chunks in the queue with a TSN less than
this value have been sent, but not
acknowledged; they are outstanding. The
second variable, rwnd, holds the last value
advertised by the receiver (in bytes). The
third variable, inTransit, holds the number
of bytes in transit, bytes sent but not yet
acknowledged. The following is the
procedure used by the sender.
1. A chunk pointed to by curTSN can be sent
if the size of the data is less than or equal
to the quantity rwnd - inTransit. After
sending the chunk, the value of curTSN is
incremented by 1 and now points to the
next chunk to be sent. The value of
inTransit is incremented by the size of the
data in the transmitted chunk.
2. When a SACK is received, the chunks
with a TSN less than or equal to the
cumulative TSN in the SACK are
removed from the queue and
discarded. The sender does not have to
worry about them anymore. The value
of inTransit is reduced by the total size
of the discarded chunks. The value of
rwnd is updated with the value of the
advertised window in the SACK.
3. Draw and Explain TCP segment
structure ?
TCP is a reliable connection- oriented
protocol i.e., connection is established
between the sender and receiver before
the data can be transmitted.
A Packet in TCP is called a segment. TCP
segment consists of data bytes to be sent
and a header that is added to the data by
TCP as shown in following figure.

The header of TCP segment can range from 20-60 bytes.40 bytes are
for option. if there are no options, header is of 20 bytes else it can
be of upmost 60 bytes.
Header Fields in TCP Segment Structure:
1) Source port address: - This is a 16-bit field that defines the port
number of the application program in the host that is sending
the segment. This serves the same purpose as the source port
address in the UDP header
2) Destination port address: - This is a 16-bit field that defines the
port number of the application program in the host that is
receiving the segment. This serves the same purpose as the
destination port address in the UDP header.
3) Sequence Number: - This 32-bit field defines the number
assigned to the first byte of data contained in this segment. As
we said before, TCP is a stream transport protocol. To ensure
connectivity, each byte to be transmitted is numbered. The
sequence number tells the destination which byte in this
sequence comprises the first byte in the segment. During
connection establishment, each party uses a random number
generator to create an initial sequence number (ISN), which is
usually different in each direction.
4) Acknowledgment Number: - This 32-bit field defines the byte
number that the receiver of the segment is expecting to receive
from the other party. If the receiver of the segment has
successfully received byte number x from the other party, it
defines x + 1 as the acknowledgment number. Acknowledgment
and data can be piggybacked together.
5) Header length: - This 4-bit field indicates the number of 4-byte
words in the TCP header. The length of the header can be
between 20 and 60 bytes. Therefore, the value of this field can
be between 5 (5 x 4 = 20) and 15 (15 x 4 = 60).
6) Reserved:- This is a 6-bit field reserved for future use.
7) Control Field:- This field defines 6 different control bits or flags.
These are 6, 1 bit control bits that controls connection
establishment, connection termination, connection abortion,
flow control, mode of transfer etc.
The function of control fields in TCP are:
URG: Urgent pointer is valid.
PSH: Request for push.
RST: Reset the connection.
SYN: Synchronize sequence numbers.
FIN: Terminate the connection
8) Window Size: This field tells the window size of the sending TCP
in bytes
9) Checksum: This field holds the checksum for error control. It is
mandatory in TCP as opposed to UDP
10) Urgent Pointer: This field (valid only if the URG control flag is
set) used to point to data that is urgently required that needs to
reach the receiving process at the earliest. The value of this field
is added to the sequence number to get the byte number of the
last urgent byte
11) Options: There can be up to 40 bytes of optional information in
the TCP header.
4. List different timers used in TCP ?
TCP uses several timers to ensure that
excessive delays are not encountered during
communications. Several of these timers are
elegant, handling problems that are not
immediately obvious at first analysis. Each of
the timers used by TCP is examined in the
following subsections, which reveal its role in
ensuring data is properly sent from one
connection to another. TCP implementations
use at least four timers as shown in following Retransmission Timeout:
Fig.
1) Retransmission Timer: To retransmit lost
segments, TCP uses Retransmission Time
Out (RTO). When TCP sends a segment the 2. Persistent Timer: To deal with a zero-window-
timer starts and stops when the
acknowledgment is received. If the timer
expires timeout occurs and the segment is
retransmitted. RTO (retransmission
timeout is for 1 RTT) to calculate
retransmission timeout we first need to
calculate the RTT. Three Types of RTT:
1. Measured RTT (RTTm): The measured
Round Trip Time (RTT) for a segment is the
time required for the segment to reach the
destination and be acknowledged,
although the acknowledgment may
include other segments.
2. Smoothed RTT (RTTS): It is the weighted
average of RTTm. RTTM is likely to change
and its fluctuation is so high that a single
measurement cannot be used to calculate
RTO.
connection remains open forever. So a
keepalive timer is used. Each time the
server hears from a client, it resets
3. Deviated RTT (RTTd): Most implementation do this timer. The time-out is usually 2
not use RTTS alone so RTT deviated is also hours. . If the server does not hear
calculated to find out RTO. from the client after 2 hours, it sends
a probe segment. If there is no
response after 10 probes, each of
which is 75 s apart, it assumes that
the client is down and terminates the
connection
4) Time Wait Timer: This timer is
1. RTO Calculation: The value of RTO is based on
used during TCP connection
the smoothed round-trip time and its
termination. The timer starts after
deviation. Most implementations use the
sending the last Ack for 2nd FIN
following formula to calculate the RTO: Initial
and closing the connection. After a
value → Original (given in question). After any
TCP connection is closed, it is
measurement→RTO=RTTs +4*RTTd
possible for datagrams that are
still making their way through the
size deadlock situation, TCP uses a persistence
network to attempt to access the
timer. When the sending TCP receives an
closed port. The quiet timer is
acknowledgment with a window size of zero, it
intended to prevent the just closed
starts a persistence timer. When the
port from reopening again quickly
persistence timer goes off, the sending TCP
and receiving these last
sends a special segment called a probe. This
datagrams. The quiet timer is
segment contains only 1 byte of new data. It
usually set to twice the maximum
has a sequence number, but its sequence
segment lifetime (the same value
number is never acknowledged; it is even
as the Time- To-Live field in an IP
ignored inCalculating the sequence number for
header), ensuring that all
the rest of the data. The probe causes the
segments still heading for the port
receiving TCP to resend the acknowledgment
have been discarded.
which was lost.
3. Keepalive Timer: A keepalive timer is used to
prevent a long idle connection between two
TCPs. If a client opens a TCP connection to a
server transfers some data and becomes silent
the client will crash. In this case, the
5. State need for Flow control in networking. • Large number to hosts and servers
a. Sequence control Flow Control Flow control make it possible connected in the internet can be classified
b. Error control for sender to send the amount of data bytes using Domain name system so that
c. Flow control in networking. that can be sent without worrying an hierarchical naming system is
Sequence Control acknowledgment and is one of the most implemented
The 32-bit sequence number field defines the important duties of the data link layer. In • To identify an entity, TCP/IP protocols
number assigned to the first byte of data most protocols, flow control is a set of use the IP address. An IP is uniquely
contained in this segment. TCP is a stream procedures that tells the sender how much identifies the connection of a host to
transport protocol. To ensure connectivity, each data it can transmit before it must wait for internet. Use for mapping can map a
byte to be transmitted is numbered. The an acknowledgment from the receiver. The name to an address or an address to a
sequence number tells the destination which flow Control procedures not allowed to name.
byte in this sequence comprises the first byte in overwhelm the receiver. Any receiving 2. State the transmission modes of FTP ?
the segment. During connection establishment, device has a limited speed at which it can Transmission modes of FTP:
each party uses a Random number generator to Flow Control Flow control make it possible • Stream mode
create an initial sequence number (ISN), which is for sender to send the amount of data bytes • Block mode
usually different in each direction. We know that that can be sent without worrying an • Compressed mode
a TCP sequence number is 32 bit. So it has finite acknowledgment and is one of the most
(from 0 to (232-1) = 4 Giga sequence numbers) important duties of the data link layer. In 3. Explain working of WWW. ?
and it means we will be able to send only 4GB of most protocols, flow control is a set of The Web is a repository of information in
data with a unique sequence number not more procedures that tells the sender how much which the documents, called web pages, are
than that. It helps with the allocation of a data it can transmit before it must wait for distributed all over the world and related
an acknowledgment from the receiver. The documents are linked together. The WWW
sequence number that does not conflict with
flow Control procedures not allowed to today is a distributed client-server service, in
other data bytes transmitted over a TCP which a client using a browser can access a
connection. An ISN is unique to each connection overwhelm the receiver. Any receiving service using a server. The service provided is
and separated by each device. device has a limited speed at which it can
distributed over many locations called sites.
Error Control ACN UNIT 5 QUESTION BANK Each site holds one or more web pages. Each
Error Control mechanisms are useful to ensure WINTER 2019 web page can contain some links to other
reliability service of TCP. To provide reliable 1. State the need of domain name system ? web pages in the same or other sites.
service TCP detects and corrects errors. Error • Simple web page has no links to other web
• Since IP addresses are difficult to pages.
control mechanisms are useful for detecting
remember and names are easier to • Composite web page has one or more links
corrupted segments, lost segments, out-of-order
remember Domain Name System is used to other web pages. Each web page is a file
segments, and duplicated segments. Error
and DNS servers are used for converting with a name and address. The web page is
detection and correction in TCP is achieved
these names into IP addresses. stored at the web server. Each time a request
through the use of three simple tools: checksum, arrives, the corresponding document is sent
acknowledgment, and time-out. to the client.
4. Explain the working of TELNET ? 5. Construct a diagram to show the application • Request Line
TELNET: TELNET is an abbreviation for of cookies in a scenario in which the server The first line in a request message
TErminaLNETwork. It is the standard TCP/IP protocol uses cookies for advertisement ? is called a request line. There are
for virtual terminal service. Use of Cookies for advertisements: A cookie is three fields in this line separated by
TELNET Working: also used by advertising agencies. An some character delimiter as shown
• TELNET is a client-server application that allows a advertising agency can place banner ads on in Figure 22.11. The fields are called
user to log on to a remote machine, giving the user some main website that is often visited by methods, URL, and Version. These
access to the remote system. users. The advertising agency supplies only a three should be separated by a
• The user sends the keystrokes to the terminal URL that gives the banner address instead of space character. At the end two
driver, where the local operating system accepts the the banner itself. When a user visits the main characters, a carriage return
characters but does not interpret them. website and clicks on the icon of an advertised followed by a line feed, terminate
• A terminal driver correctly interprets the corporation, a request is sent to the advertising the line.
keystrokes on the local terminal or terminal agency. The advertising agency sends the E.g: HTTP/1.1 200 OK
emulator. banner, a GIF file, for example, but it also • Headers
• The characters are sent to the TELNET client, includes a cookie with the ill of the user. Any Three types of headers are present
which transforms the characters to a universal future use of the banners adds to the database HTTP Response message which are
character set called network virtual terminal (NVT) that profiles the Web behavior of the user. The as follows.
characters and delivers them to the local TCP/IP advertising agency has compiled the interests a) General Header The general
protocol stack. of the user and can sell this information to header gives general information
• The commands or text, in NVT form, travel other parties. This use of cookies has made about the message and can be
through the Internet and arrive at the TCP/IP stack them very controversial. Hopefully, some new present in both a request and a
at the remote machine regulations will be devised to preserve the response.
• Here the characters are delivered to the operating privacy of users. e.g. Date: Mon, 27 Jul 2009
system and passed to the TELNET server, which 12:28:53 GMT
6. Describe the HTTP response message b) Response Header The response
changes the characters to the corresponding
format ? header can be present only in a
characters understandable by the remote computer
• However, the characters cannot be passed directly response message. It specifies the
to the operating system because the remote server's configuration and special
operating system is not designed to receive information about the request.
characters from a TELNET server: It is designed to e.g. Server: Apache/2.2.14 (Win32)
receive characters from a terminal driver. c) Entity Header The entity header
• A piece of software called a pseudo terminal gives information about the body
driver is added which pretends that the characters of the document.
are coming from a terminal. e.g. Content-Length: 88 e.g.
• The operating system then passes the characters Content-Type: text/html
to the appropriate application program.
• Blank Line An empty line (i.e., a line with
nothing preceding the CRLF) indicating the end
of the header fields
• Body It contains actual content. This part is
optional.
7. Explain about standard and non standard
protocols at the application layer ?
• HTTP
a) The Hypertext Transfer Protocol (HTTP) is a • DNS
Application layer protocol used mainly to
access data on the World Wide Web.
b) HTTP uses the services of TCP on well-
known port 80.
• FTP
a) FTP(File Transfer Protocol) is standard
TCP/IP protocol to transfer files. It uses the
services of TCP. It needs two TCP
connections.
b) The well-known port 21 is used for the
control connection and the well-known
port 20 for the data connection.
• SMTP
a) It stands for Simple Mail Transfer Protocol.
It is a part of the TCP/IP standard protocol.
Using a process called “store and forward,”
SMTP moves your email on and across
networks.
b) It works closely with something called the
Mail Transfer Agent (MTA) to send your
communication to the right computer and
email inbox.
c) Port number for SMTP is 25.
• TELNET
a) TELNET is an abbreviation for
TErminaLNETwork. It is the standard TCP/IP
protocol for virtual terminal service
b) TELNET enables the establishment of a
connection to a remote system in such a
way that the local terminal appears to be a
terminal at the remote system.
c) There are two parties involved TELNET
Client and TELNET server.
a) It stands for Domain Name Service. Every
time you use a domain name, therefore, a
DNS service must translate the name into
the corresponding IP address.
b) For example, the domain name
www.abc.com might translate to
198.105.232.4
c) Port number for DNS is 53.
• DHCP
a) It stands for Dynamic Host Configuration
Protocol (DHCP). It gives IP addresses to
hosts.
b) There is a lot of information a DHCP server
can provide to a host when the host is
registering for an IP address with the DHCP
server.
c) Port number for DHCP is 67, 68.
• POP3
a) Post Office Protocol, version 3 (POP3)
is simple and limited in functionality. •
POP works as a Message Access Agent.
b) The client POP3 software is installed
on the recipient computer; the server
POP3 software is installed on the mail
server.
c) Mail access starts with the client when
the user needs to download e-mail
from the mailbox on the mail server.
8. Describe E-mail security over non-
secure channel ?
a) Email security describes different
techniques for keeping sensitive
information in email communication
and accounts secure against
unauthorized access, loss or
compromise.
b) Email is often used to spread malware,
spam and phishing attacks. Attackers
use deceptive messages to entice
recipients to part with sensitive
information, open attachments or click
on hyperlinks that install malware on
the victim‟s device.
c) Email encryption involves encrypting,
or disguising, the content of email
messages to protect potentially
sensitive information from being read
by anyone other than intended
recipients. Email encryption often
includes authentication.
d) Since most organizations rely on email to 2. Distinguish between FTP and TFTP
do business, attackers exploit email in an
attempt to steal sensitive information.
e) Because email is an open format, it can be
viewed by anyone who can intercept it. It
can be easily read and the contents of an
email by intercepting it.
f) Email Security Policies can be established
by viewing the contents of emails flowing
through their email servers. It’s important
to understand what is in the entire email
in order to act appropriately. After these
baseline policies are put into effect, an
organization can enact various security
policies on those emails.
g) These email security policies can be as
simple as removing all executable content
from emails to more in-depth actions, like
sending suspicious content to a
sandboxing tool for detailed analysis.
h) If security incidents are detected by these
policies, the organization needs to have
actionable intelligence about the scope of
the attack.
i) Enforce email encryption policies to
prevent sensitive email information from a) It is the protocol that defines MTA client &
falling into the wrong hands.
SUMMER 2022
1. List two protocols of each for Connection- c) It transfer messages from sender’s mail
oriented service and Connectionless
service ?
Connection-Oriented Service = TCP, Telnet, FTP.
Connection-less Service = UDP, IP, ICMP.
protocols ?
3. Describe SMTP with suitable diagram ?
server in internet.
b) It is an application layer protocol of TCP/IP
model.
servers to receivers mail server.
d) SMTP interacts with local mail system and
not user.
e) SMTP uses a TCP socket on port 25 to
transfer email reliably from client to server
f) Email is temporarily stored on the
local and eventually transferred
directly to receiving server.
g) It is simple ASCII protocol.
• COMMANDS & RESPONSE
❖ SMTP uses commands and response to
transfer message between MTA client and
MTA server
• SMTP Commands:
1. HELO: Used by client to identify itself.
2. MAIL FROM: Identify sender.
3. RCPT TO: Identify intended recipient.
4. DATA: Send actual message.
5. QUIT: Terminate the message.
6. RSET: Reset the connection.
7. VRFY: Verify the add of recipient
8. HELP: Mail
4. Describe the frame format of SSH ?
a) Length: It indicates the size of the
packet, not including the length field
or the variable length random padding
fields that follows it.
b) Padding: It causes an intrusion to be
more difficult.
c) Type: It identifies the type of message.
d) CRC: It is an error detection field.
6. Describe DHCP with its operation & static as well as other configuration details. The c) Telnet can be used to test or
and dynamic allocation ? whole process takes place immediately after troubleshoot remote web or mail
• The Domain Name System, more popular as the new computer boots, and to be successful, servers, as well as trusted internal
DNS, and the Dynamic Host Configuration it has to be completed before initiating IP networks
Protocol, also known as DHCP, represent two based communication with other hosts in the 1. Distinguish between SMTP and POP3
crucial TCP/IP areas of a Windows NT Server network. (2 points) ?
network. The DNS is responsible for • STATIC ALLOCATION
converting hostnames into IP addresses, The static allocation method is very popular in
while the DHCP is engaged in assigning modern ISP networks, which do not use dial-
unique dynamic IP addresses and the up methods. With the static allocation, the
corresponding subnet masks and default DHCP sever keeps a database with all clients'
gateways to TCP/IP running computers within LAN MAC addresses and gives them an IP
a particular server network. Thanks to the address only if their MAC address is in the
dynamic addressing executed by the DHCP, a database. This way, the clients can be sure that
computer can have a different IP address they will be getting the same IP address every
every time it connects to the network it time.
belongs to, without the intervention of a • DYNAMIC ALLOCATION
UNIX administrator. Through this DHCP When the DHCP server is configured to use
functionality every new computer added to a dynamic allocation, this means that it uses a
network is automatically assigned a unique IP lease policy. This way, when an assigned IP
address. address from the available pool is no longer
• DHCP servers greatly simplify the used, it will be transferred back to the pool,
configuration of networks and are built in the making it available for someone else to use.
majority of the wireless access points and The advantage of this method is that the IP
wired Ethernet routers. In a network, a DHCP addresses are used to their maximum - as soon
server manages a pool of IP addresses, as as they are no longer used by the client, they
well as default gateway details, DNS details are instantly made available to others. The
and other information for the clients’ disadvantage of this method is that a client will
network configuration. When a new always have a random IP address.
computer is introduced into a DHCP server- 2. State the use of Telnet ?
enabled network, it will send a query to the
a) TELNET is used to connect remote
DHCP server requesting all the necessary
computers and issue commands on those
information. When the query reaches the
computers.
DHCP server, it will grant the new computer a
b) It is used as a standard TCP/IP protocol for
new IP address and a lease - a time frame for virtual terminal service which is given by
which the computer can use this IP address,
4. With the help of diagram explain 7. Explain working of SSH ?
architecture of WWW ? SSH (Secure Shell) is the most popular
The WWW (World Wide Web) is a way of remote login application program. SSH
exchanging information between computers uses client-server architecture in its
on the Internet. WWW works on client server implementation. An SSH server can be
architecture, in which a client using a browser deployed and allow several SSH clients to
can access a service using a server. Today, the connect to it. The architecture of SSH is
WWW is a distributed client server service. shown in following Fig. and the SSH
The service provided is distributed over many process is as follows: 1) The SSH client on
locations called sites and each site holds one the left provides authentication to the SSH
or more documents i.e., Web pages. server on the right. In the initial
connection, the client receives a host key
The main web document and the image are
of the server, therefore, in all subsequent
stored in two separate files in the same site
connections, the client will know it is
(file X and file Y) and the referenced text file is
connecting to the same SSH server. This
stored in another site (file Z). Since, we are
places less emphasis on the IP address of
dealing with three different files, (namely, X, Y
the SSH server, which can be easily
and Z) we need three transactions if we want
spoofed, and more emphasis on the host
to see the whole document. The first
key of the server, which cannot be spoofed
transaction (request/response) retrieves a
very easily. 2) The SSH server determines if
copy of the main document (file X), which has
Client sends a request through its browser to a reference (pointer) to the second and the the client is authorized to connect to the
the server using HTTP protocol which SSH service by verifying the
third files. When a copy of the main document
specifies the way the browser and web server is retrieved and browsed, the user can click on username/password or public key that the
communicates. Then server receives request the reference to The image to invoke the client has presented for authentication.
using HTTP protocol and checks its search for second transaction and retrieve a copy of the This process is completely encrypted. 3) If
the requested web page. If found it returns it image (file Y). if the user further needs to see the SSH server authenticates the client
back to the web browser and close the HTTP the contents of the referenced text file, she and the client is authorized, the SSH
connection. Now the browser receives the session begins between the two entities.
can click on its reference pointer) invoking the
web page, it interprets it and display the All communication is completely
third transaction and retrieving a copy of the
contents of web page in web browser's encrypted.
file Z. Note that although file x and y both are
window. The steps involved in creating an SSH
stored in site x, they are independent files with
session go like this:
different names and addresses. Two
1. Client contacts server to initiate a
transactions are needed to retrieve them
connection.
2. The server responds by sending the
client a public cryptography key.
3. The server negotiates parameters and When the sender and the receiver of an e-
opens a secure channel for the client. mail are on the same mail server, we need
4. The user, through their client, logs into only two user agents.
the serve b) Second Scenario

SUMMER 2023 When the sender and the receiver of an e-

5. Describe the architecture of E-mail system mail are on different mail servers, we need
using four scenario ? two UAs and a pair of MTAs (client and
To explain the architecture of e-mail, we give server).
four scenarios. We begin with the simplest c) Third Scenario
situation and add complexity as we proceed.
The fourth scenario is the most common in
the exchange of e-mail. TCP/IP Protocol Suite
2 Topics Discussed in the Section
a) First Scenario When both sender and receiver are
b) Second Scenario connected to the mail server via a LAN or a
c) Third Scenario WAN, we need two UAs, two pairs of MTAs
d) Fourth Scenario (client and server), and a pair of MAAs
a) First Scenario (client and server). This is the most
When the sender is connected to the mail common situation today.
server via a LAN or a WAN, we need two UAs
and two pairs of MTAs (client and server)
d) Fourth Scenario
WINTER 2023 5. Compare POP3 with IMAD on below points
4. Construct a suitable (i) TCP port used
diagram for each (ii) E-mail stored at
below commands of (iii) Time required to connect
FTP to show its use ? (iv) Multiple mail boxes
(i) get
(ii) mget
(iii) put
(iv) mput
8. Describe DHCP operations, when DHCP
client and server on same network ?
DHCP is based on a client-server model and
based on discovery, offer, request, and
ACK.DHCP client and server can either be on
the same network or on different networks.
DHCP (Dynamic Host Configuration Protocol)
is a network management protocol used to
dynamically assign an IP address to any
device, or node, on a network so it can
communicate using IP. DHCP automates and
centrally manages these configurations rather
than requiring network administrators to In this case, the operation can be described as follows:
manually assign IP addresses to all network a) The DHCP server issues a passive open command on UDP port number 67 and waits for
devices. DHCP can be implemented on small a client
local networks, as well as large enterprise b) A booted client issues an active open command on port number 68. The message is
networks. DHCP assigns new IP addresses in encapsulated in a UDP user datagram, using the destination port number 67 and the
each location when devices are moved from source port number 68.
place to place, which means network c) The server responds with either a broadcast or a unicast message using UDP source
administrators do not have to manually port number 67 and destination port number 68.
configure each device with a valid IP address
or reconfigure the device with a new IP
address if it moves to a new location on the
network.