Network Security
Privacy: Privacy means both the sender and the receiver expect
confidentiality. The transmitted message should be sent only to the intended
receiver while the message should be opaque for other users. Only the
sender and receiver should be able to understand the transmitted message,
as eavesdroppers can intercept the message. Therefore, there is a
requirement to encrypt the message so that an intercepted message cannot
be understood. This aspect of confidentiality is commonly used to achieve
secure communication.
Message Integrity: Data integrity means that the data must arrive at the
receiver exactly as it was sent. There must be no change in the data content
during transmission, either malicious or accidental. As there are
more and more monetary exchanges over the internet, data integrity is more
crucial. The data integrity must be preserved for secure communication.
End-point authentication: Authentication means that the receiver is sure of
the sender’s identity, i.e., no imposter has sent the message.
1. Security Attacks
A security attack is an attempt by a person or entity to gain
unauthorized access to disrupt or compromise the security of a
system, network, or device. These are defined as the actions that
put at risk an organization’s safety. They are further classified into 2
sub-categories:
Passive Attack:
Attacks in which a third-party intruder tries to access the message/ content/
data being shared by the sender and receiver by keeping a close watch on
the transmission or eavesdropping on the transmission are called Passive
Attacks. These types of attacks involve the attacker observing or monitoring
system, network, or device activity without actively disrupting or altering it.
Passive attacks are typically focused on gathering information or
intelligence, rather than causing damage or disruption. Here, both the sender
and receiver have no clue that their message/ data is accessible to some
third-party intruder. One way to prevent attacks is to encrypt the message/
data that needs to be transmitted; this will prevent third-party intruders from
using the information even though it would be accessible to them.
Passive attacks are further divided into two parts based on their behavior:
Eavesdropping, Traffic Analysis.
Active Attacks:
Active attacks refer to types of attacks that involve the attacker actively
disrupting or altering system, network, or device activity. Active attacks are
typically focused on causing damage or disruption, rather than gathering
information or intelligence. Here, both the sender and receiver have no clue
that their message/ data is modified by some third-party intruder. The
message/ data transmitted doesn’t remain in its usual form and shows
deviation from its usual behavior. This makes active attacks dangerous as
there is no information provided of the attack happening in the
communication process and the receiver is not aware that the data/
message received is not from the sender.
Active attacks are further divided into four parts based on their behavior:
• Masquerade is a type of attack in which the attacker pretends to be an
authentic sender in order to gain unauthorized access to a system.
• Replay is a type of active attack in which the attacker intercepts a
transmitted message through a passive channel and then maliciously
or fraudulently replays or delays it at a later time.
3. Security Services:
Security services refer to the different services available for
maintaining the security and safety of an organization. They help in
preventing any potential risks to security. Security services are
divided into 5 types:
• Authentication is the process of verifying the identity of a user or
device in order to grant or deny access to a system or device.
• Access control involves the use of policies and procedures to
determine who is allowed to access specific resources within a
system.
• Data integrity is a security mechanism that involves the use of
techniques to ensure that data has not been tampered with or altered
in any way during transmission or storage.
The network security model presents the two communicating parties, sender
and receiver, who mutually agree to exchange the information. The sender
has information to share with the receiver.
But the sender cannot send the message on the information channel in
readable form, as it would be under threat of attack by the opponent. So,
before sending the message through the information channel, it should be
transformed into an unreadable format.
Secret information is used while transforming the message, which will also be
required when the message is retransformed at the recipient side. That’s
why a trusted third party is required, which takes the responsibility of
distributing this secret information to both the parties involved in
communication.
So, considering this general model of network security, one must consider
the following four tasks while designing the security model.
1. To transform a readable message at the sender side into an unreadable
format, an appropriate algorithm should be designed such that it is
difficult for an opponent to crack that security algorithm.
2. Next, the network security model designer is concerned with the
generation of the secret information, which is known as a key.
This secret information is used in conjunction with the security algorithm in
order to transform the message.
3. Now, the secret information is required at both ends, the sender’s end and
the receiver’s end. At the sender’s end, it is used to encrypt or transform the
message into unreadable form, and at the receiver’s end, it is used to decrypt
or retransform the message into readable form.
4. So, there must be a trusted third party which will distribute the secret
information to both sender and receiver. While designing the network
security model, the designer must also concentrate on developing the methods
to distribute the key to the sender and receiver.
Symmetric Encryption and Message Confidentiality
2. Cipher Block Chaining (CBC):
In CBC mode, each plaintext block is XORed with the ciphertext of the
previous block before encryption. This ensures that each ciphertext block
depends on all previous plaintext blocks, providing diffusion and making it
more resistant to certain attacks compared to ECB mode.
CBC mode requires an initialization vector (IV) to XOR with the first
block of plaintext. The IV should be unique for each encryption operation to
prevent certain cryptographic attacks. CBC mode is widely used in secure
communications protocols such as TLS (Transport Layer Security) and IPsec
(Internet Protocol Security).
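The chaining and IV behaviour described above, as an added example that is not part of the original notes. The block cipher is a toy 4-round Feistel built from HMAC-SHA256, an assumption standing in for AES so the code runs with only the standard library; the key, IVs and message are constructed.

```python
import hashlib
import hmac
import os

BLOCK = 16  # bytes per block (AES-sized; the cipher below is a toy, NOT AES)

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def _round(key, i, half):
    # Round function of the toy Feistel cipher: HMAC-SHA256 cut to half a block.
    return hmac.new(key, bytes([i]) + half, hashlib.sha256).digest()[:BLOCK // 2]

def toy_encrypt_block(key, block):
    left, right = block[:BLOCK // 2], block[BLOCK // 2:]
    for i in range(4):
        left, right = right, _xor(left, _round(key, i, right))
    return left + right

def toy_decrypt_block(key, block):
    left, right = block[:BLOCK // 2], block[BLOCK // 2:]
    for i in reversed(range(4)):
        left, right = _xor(right, _round(key, i, left)), left
    return left + right

def pad(data):
    # PKCS#7: always add 1..BLOCK bytes so the length is a multiple of BLOCK.
    n = BLOCK - len(data) % BLOCK
    return data + bytes([n]) * n

def unpad(data):
    n = data[-1]
    if not 1 <= n <= BLOCK or data[-n:] != bytes([n]) * n:
        raise ValueError("bad padding")
    return data[:-n]

def split(data):
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def ecb_encrypt(key, plaintext):
    # ECB for comparison: every block is encrypted independently.
    return b"".join(toy_encrypt_block(key, b) for b in split(pad(plaintext)))

def cbc_encrypt(key, iv, plaintext):
    prev, out = iv, []
    for block in split(pad(plaintext)):
        # XOR with the previous ciphertext block (the IV for the first block).
        prev = toy_encrypt_block(key, _xor(block, prev))
        out.append(prev)
    return b"".join(out)

def cbc_decrypt(key, iv, ciphertext):
    prev, out = iv, []
    for block in split(ciphertext):
        out.append(_xor(toy_decrypt_block(key, block), prev))
        prev = block
    return unpad(b"".join(out))

def demo():
    key = os.urandom(32)
    msg = b"PAY 100 TO ALICE" * 3          # constructed: three identical blocks
    iv1, iv2 = os.urandom(BLOCK), os.urandom(BLOCK)
    ecb = split(ecb_encrypt(key, msg))
    cbc = split(cbc_encrypt(key, iv1, msg))
    return {
        "roundtrip": cbc_decrypt(key, iv1, cbc_encrypt(key, iv1, msg)) == msg,
        # ECB repeats ciphertext blocks for repeated plaintext; CBC does not.
        "ecb_repeats_blocks": ecb[0] == ecb[1] == ecb[2],
        "cbc_blocks_distinct": len(set(cbc)) == len(cbc),
        # A fresh IV changes the whole ciphertext; a reused IV reproduces it.
        "fresh_iv_differs": cbc_encrypt(key, iv2, msg) != b"".join(cbc),
        "reused_iv_identical": cbc_encrypt(key, iv1, msg) == b"".join(cbc),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

The `reused_iv_identical` result is why the IV must change per encryption: with the same key and IV, an observer can tell that the same message was sent twice.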
Hash Function
Hash functions are extremely useful and appear in almost all information
security applications. A hash function is a mathematical function that
converts a numerical input value into another compressed numerical value.
The input to the hash function is of arbitrary length but output is always of
fixed length. Values returned by a hash function are called message digest or
simply hash values.
Features of Hash Functions
The typical features of hash functions are −
• Fixed Length Output (Hash Value)
o Hash function converts data of arbitrary length to a fixed length. This
process is often referred to as hashing the data.
o In general, the hash is much smaller than the input data, hence hash
functions are sometimes called compression functions.
o Since a hash is a smaller representation of a larger data, it is also referred
to as a digest.
o Hash function with n bit output is referred to as an n-bit hash function.
Popular hash functions generate values between 160 and 512 bits.
• Efficiency of Operation
o Generally for any hash function h with input x, computation of h(x) is a
fast operation.
o Computationally hash functions are much faster than a symmetric
encryption.
• Collision Resistance
o This property means it should be hard to find two different inputs of
any length that result in the same hash. This property is also referred
to as collision free hash function.
o In other words, for a hash function h, it is hard to find any two
different inputs x and y such that h(x) = h(y).
o Since a hash function is a compressing function with fixed hash length,
it is impossible for a hash function not to have collisions. This property
of collision free only confirms that these collisions should be hard to
find.
Hash Functions
Let us briefly see some popular hash functions −
• MD5 digests have been widely used in the software world to provide
assurance about integrity of transferred file. For example, file servers
often provide a pre-computed MD5 checksum for the files, so that a
user can compare the checksum of the downloaded file to it.
• SHA-1 is the most widely used of the existing SHA hash functions. It is
employed in several widely used applications and protocols including
Secure Socket Layer (SSL) security.
• SHA-2 family has four further SHA variants, SHA-224, SHA-256,
SHA-384, and SHA-512 depending up on number of bits in their hash value.
No successful attacks have yet been reported on SHA-2 hash function.
• In October 2012, the NIST chose the Keccak algorithm as the new
SHA-3 standard. Keccak offers many benefits, such as efficient
performance and good resistance for attacks.
RIPEMD
The RIPEMD is an acronym for RACE Integrity Primitives Evaluation
Message Digest. This set of hash functions was designed by open research
community and generally known as a family of European hash functions.
• The set includes RIPEMD, RIPEMD-128, and RIPEMD-160. There also
exist 256, and 320-bit versions of this algorithm.
• Original RIPEMD (128 bit) is based upon the design principles used in
MD4 and found to provide questionable security. RIPEMD 128-bit
version came as a quick fix replacement to overcome vulnerabilities on
the original RIPEMD.
a pair of keys to encrypt and decrypt data to protect it against unauthorized
access or use.
We can add a sixth requirement that, although useful, is not necessary for all
1. Either of the two related keys can be used for encryption, with the other
used for decryption.
M = D[PUb, E(PRb, M)] = D[PRb, E(PUb, M)]
RSA encryption algorithm:
RSA is the most common public-key algorithm, named after its inventors
Rivest, Shamir, and Adleman (RSA).
RSA algorithm uses the following procedure to generate public and private
keys:
• Select two large prime numbers, p and q.
• Multiply these numbers to find n = p x q, where n is called the modulus
for encryption and decryption.
• Choose a number e less than n, such that e is relatively prime to (p - 1) x
(q - 1). It means that e and (p - 1) x (q - 1) have no common factor
except 1. Choose "e" such that 1 < e < φ(n), e is prime to φ(n),
gcd(e, φ(n)) = 1.
• If n = p x q, then the public key is <e, n>. A plaintext message m is
encrypted using public key <e, n>. To find the ciphertext C from the plain
text, the following formula is used: C = m^e mod n
• Here, m must be less than n. A larger message (>n) is treated as a
concatenation of messages, each of which is encrypted separately.
• To determine the private key, we use the following formula to calculate
d such that:
de mod {(p - 1) x (q - 1)} = 1
Or
de mod φ(n) = 1
• The private key is <d, n>. A ciphertext message c is decrypted using
private key <d, n>. To calculate plain text m from the ciphertext c, the
following formula is used: m = c^d mod n
For example,
1. Select two prime numbers, p = 17 and q = 11.
2. Calculate n = pq = 17 × 11 = 187.
3. Calculate φ(n) = (p - 1)(q - 1) = 16 × 10 = 160.
4. Select e such that e is relatively prime to φ(n) = 160 and less than φ(n); we
choose e = 7.
5. Determine d such that de mod 160 = 1 and d < 160. The correct value is
d = 23, because 23 × 7 = 161 = (1 × 160) + 1.
The resulting keys are public key PU = (7,187) and private key PR = (23, 187).
The example shows the use of these keys for a plaintext input of M = 88.
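The key generation, encryption and decryption steps above, run on this example's numbers (p = 17, q = 11, e = 7, M = 88), as an added example that is not part of the original notes. Function names are illustrative, and this is textbook RSA without padding, which real deployments do not use as is.

```python
from math import gcd

def generate_keys(p, q, e):
    """Textbook RSA key generation following the steps listed above."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if not 1 < e < phi or gcd(e, phi) != 1:
        raise ValueError("need 1 < e < phi(n) and gcd(e, phi(n)) = 1")
    d = pow(e, -1, phi)              # d*e mod phi(n) = 1 (Python 3.8+)
    return (e, n), (d, n)            # public key <e, n>, private key <d, n>

def transform(key, value):
    """Apply one key: value^exponent mod n. The same operation serves E and D."""
    exponent, n = key
    if not 0 <= value < n:
        raise ValueError("value must be less than n")
    return pow(value, exponent, n)

def encrypt_blocks(public, data):
    """A longer message is a concatenation of blocks, each encrypted separately.
    Here one byte is one block, so every byte must be smaller than n."""
    return [transform(public, byte) for byte in data]

def decrypt_blocks(private, blocks):
    return bytes(transform(private, c) for c in blocks)

def worked_example():
    public, private = generate_keys(17, 11, 7)
    n = public[1]
    c = transform(public, 88)
    return {
        "public": public,
        "private": private,
        "ciphertext": c,
        "decrypted": transform(private, c),
        # Either key can be used first, the other one undoes it.
        "private_then_public": transform(public, transform(private, 88)),
        # Why m must be less than n: 88 and 88 + n map to the same ciphertext.
        "out_of_range_collides": pow(88 + n, 7, n) == c,
        # Constructed multi-block message (ASCII bytes are all below n = 187).
        "blocks": decrypt_blocks(private, encrypt_blocks(public, b"RSA")),
    }

if __name__ == "__main__":
    for name, value in worked_example().items():
        print(name, value)
```

Because the same M always gives the same C, an observer can recognise repeated messages; that determinism is one reason randomized padding is added in practice.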
Example
1. Alice and Bob both use public numbers P = 23, G = 5
2. Alice selected private key a = 4, and Bob selected b = 3 as the private key
3. Both Alice and Bob now calculate the value of x and y as follows:
• Alice: x = (5^4 mod 23) = 4
• Bob: y = (5^3 mod 23) = 10
4. Now, both Alice and Bob exchange public numbers with each other.
5. Alice and Bob now calculate the symmetric keys
• Alice: k_a = y^a mod P = 10^4 mod 23 = 18
• Bob: k_b = x^b mod P = 4^3 mod 23 = 18
6. 18 is the shared secret key.
DIGITAL SIGNATURE
Digital signatures are the public-key primitives of message authentication. In
the physical world, it is common to use handwritten signatures on
handwritten or typed messages. They are used to bind signatory to the
message. Similarly, a digital signature is a technique that binds a person/
entity to the digital data. This binding can be independently verified by
receiver as well as any third party. Digital signature is a cryptographic value
that is calculated from the data and a secret key known only by the signer.
• Signer feeds data to the hash function and generates hash of data.
• Hash value and signature key are then fed to the signature algorithm
which produces the digital signature on given hash. Signature is
appended to the data and then both are sent to the verifier.
• Verifier feeds the digital signature and the verification key into the
verification algorithm. The verification algorithm gives some value as
output.
• Verifier also runs same hash function on received data to generate
hash value.
• For verification, this hash value and output of verification algorithm are
compared. Based on the comparison result, verifier decides whether
the digital signature is valid.
• Data Integrity − In case an attacker has access to the data and modifies
it, the digital signature verification at receiver end fails. The hash of
modified data and the output provided by the verification algorithm will
not match. Hence, receiver can safely deny the message assuming
that data integrity has been breached.
• A prime number p is chosen with a length between 512 and 1024 bits such
that q divides (p – 1). So, p is a prime number where 2^(L-1) < p < 2^L for
512 <= L <= 1024 and L is a multiple of 64; i.e., bit length of between 512
and 1024 bits in increments of 64 bits.
• Next, an N-bit prime number q is selected. So, q is a prime divisor of (p – 1),
where 2^(N-1) < q < 2^N, i.e., bit length of N bits.
• Finally, g is selected to be of the form h^((p-1)/q) mod p, where h is an integer
between 1 and (p – 1) with the limitation that g must be greater than 1. So,
g = h^((p – 1)/q) mod p, where h is any integer with 1 < h < (p – 1) such that
h^((p-1)/q) mod p > 1.
If a user has these numbers, then the user can select a private key and
generate a public key.
4. Signing
If a user wants to create a signature, the user needs to calculate two
quantities, r and s, that are functions of the public key components (p, q, g),
the hash code of the message H(M), the user’s private key (x), and an integer
k that must be generated randomly or pseudorandomly and be unique for
each signing. k is a randomly or pseudorandomly generated integer such that
0 < k < q.
5. Verification
Let M′, r′, and s′ be the received versions of M, r, and s, respectively.
Verification is performed using the formulas shown below:
• w = (s′)^(-1) mod q
• u1 = [H(M′)w] mod q
• u2 = (r′)w mod q
• v = [(g^u1 y^u2) mod p] mod q
The receiver needs to generate a quantity v that is a function of the public
key components, the sender’s public key, and the hash code of the
message. If this value matches the r value of the signature, then the
signature is considered as valid.
TEST: v = r′
The test at the end is on the value r, which does not
depend on the message or plaintext, as r is a function of k and the three
global public-key components mentioned above.
Network Security Algorithm
CRL issuer : An optional component that a CA can delegate to publish CRLs.
Repository : A generic term used to denote any method for storing
certificates and CRLs so that they can be retrieved by end entities.
Objectives of SSL
The goals of SSL are as follows −
• Data integrity − Information is safe from tampering. The SSL Record
Protocol, SSL Handshake Protocol, SSL Change CipherSpec Protocol,
and SSL Alert Protocol maintain data privacy.
• Client-server authentication − The SSL protocol authenticates the
client and server using standard cryptographic procedures.
• SSL is the forerunner of Transport Layer Security (TLS), a
cryptographic technology for secure data transfer over the Internet.
HTTPS
Hypertext transfer protocol secure (HTTPS) is the secure version of HTTP,
which is the primary protocol used to send data between a web browser and
a website. HTTPS is encrypted in order to increase security of data transfer.
This is particularly important when users transmit sensitive data, such as by
logging into a bank account, email service, or health insurance provider.
How does HTTPS work?
HTTPS uses an encryption protocol to encrypt communications. The
protocol is called Transport Layer Security (TLS), although formerly it was
known as Secure Sockets Layer (SSL). This protocol secures
communications by using what’s known as an asymmetric public key
infrastructure. This type of security system uses two different keys to encrypt
communications between two parties:
• The private key - this key is controlled by the owner of a website and
it’s kept, as the reader may have speculated, private. This key lives on a
web server and is used to decrypt information encrypted by the public
key.
• The public key - this key is available to everyone who wants to interact
with the server in a way that’s secure. Information that’s encrypted by
the public key can only be decrypted by the private key.
TLS | SSL
More secure in comparison to SSL. | Less secure in comparison to TLS.
Provides more alert messages than SSL. | Less alert messages in comparison to TLS.
• CCMP prevents everyone except for authorized users from receiving data
by using cipher block chaining. This helps to ensure the integrity of the
message.
EMAIL SECURITY
PGP | S/MIME
It is designed for processing the plain texts. | While it is designed to process email as well as many multimedia files.
PGP is less costly as compared to S/MIME. | While S/MIME is comparatively expensive.
PGP is good for personal as well as office use. | While it is good for industrial use.
PGP is less efficient than S/MIME. | While it is more efficient than PGP.
It depends on user key exchange. | Whereas it relies on a hierarchically valid certificate for key exchange.
PGP is comparatively less convenient. | While it is more convenient than PGP due to the secure transformation of all the applications.
PGP uses Diffie-Hellman digital signature. | While it uses Elgamal digital signature.
IP Security
The IP security (IPSec) is an Internet Engineering Task Force (IETF) standard
suite of protocols between 2 communication points across the IP network
that provide data authentication, integrity, and confidentiality. It also defines
the encrypted, decrypted and authenticated packets. The protocols needed
for secure key exchange and key management are defined in it.
Uses of IP Security –
IPsec can be used to do the following things:
• To encrypt application layer data.
• To provide security for routers sending routing data across the public
internet.
• To provide authentication without encryption, for example to authenticate
that the data originates from a known sender.
• To protect network data by setting up circuits using IPsec tunneling, in which
all data sent between the two endpoints is encrypted, as with a
Virtual Private Network (VPN) connection.
Components of IP Security –
It has the following components:
correct or not. Packets which are not authorized are discarded and not given
to receiver.
Working of IP Security –
1. The host checks whether the packet should be transmitted using IPsec or not.
This packet traffic triggers the security policy for itself. This is done
when the system sending the packet applies appropriate encryption. The
incoming packets are also checked by the host to see whether they are
encrypted properly or not.
2. Then IKE Phase 1 starts, in which the 2 hosts (using IPsec)
authenticate themselves to each other to start a secure channel. It has 2
modes: the Main mode, which provides greater security, and
the Aggressive mode, which enables the host to establish an IPsec circuit
more quickly.
3. The channel created in the last step is then used to securely negotiate the
way the IP circuit will encrypt data across the IP circuit.
4. Now, IKE Phase 2 is conducted over the secure channel, in which the
two hosts negotiate the type of cryptographic algorithms to use on the
session and agree on the secret keying material to be used with those
algorithms.
5. Then the data is exchanged across the newly created IPsec encrypted
tunnel. These packets are encrypted and decrypted by the hosts using IPsec
SAs.
6. When the communication between the hosts is completed or the session
times out, the IPsec tunnel is terminated by both hosts discarding the
keys.
Intruders
One of the two most publicized threats to security is the intruder (the other is
viruses), often referred to as a hacker or cracker. In an important early study
of intrusion, Anderson [ANDE80] identified three classes of intruders:
lists the following examples of intrusion:
• Performing a remote root compromise of an e-mail server
• Defacing a Web server
• Guessing and cracking passwords
• Copying a database containing credit card numbers
• Viewing sensitive data,
including payroll records and medical information, without authorization
• Running a packet sniffer on a workstation to capture usernames and
passwords.
3. Protocol-based Intrusion Detection System (PIDS):
A protocol-based intrusion detection system (PIDS) comprises a system or
agent that consistently resides at the front end of a server, controlling
and interpreting the protocol between a user/device and the server. It
tries to secure the web server by regularly monitoring the HTTPS protocol
stream and accepting the related HTTP protocol. As HTTPS is unencrypted
just before it enters the web presentation layer, this system
needs to reside at this interface in order to use the HTTPS.
2. Anomaly-based Method:
Anomaly-based IDS was introduced to detect unknown malware attacks,
as new malware is developed rapidly. An anomaly-based IDS uses
machine learning to create a model of trustworthy activity; anything incoming
is compared with that model and is declared suspicious if it is not found in
the model. The machine learning based method generalizes better
than signature-based IDS, as these models can be trained
according to the applications and hardware configurations.
Malicious Software
The words “Malicious Software” coin the word “Malware” and the meaning
remains the same. Malicious Software refers to any malicious program that
causes harm to a computer system or network. Malware
attacks a computer or network in the form of viruses, worms, trojans,
spyware, adware or rootkits.
Its mission is often targeted at accomplishing unlawful tasks such as
robbing protected data, deleting confidential documents or adding software
without the user's consent.
Functions of Firewall
As stated above, the firewall works as a gatekeeper. It analyzes every
attempt coming to gain access to our operating system and prevents traffic
from unwanted or non-recognized sources.
Since the firewall acts as a barrier or filter between the computer system and
other networks (i.e., the public Internet), we can consider it as a traffic
controller. Therefore, a firewall's primary function is to secure our network
and information by controlling network traffic, preventing unwanted incoming
network traffic, and validating access by assessing network traffic for
malicious things such as hackers and malware.
Generally, most operating systems (for example - Windows OS) and security
software come with built-in firewall support. Therefore, it is a good idea to
ensure that those options are turned on. Additionally, we can configure the
security settings of the system to be automatically updated whenever
available.
Types of Firewall
There are mainly three types of firewalls, such as software firewalls, hardware
firewalls, or both, depending on their structure. Each type of firewall has
different functionality but the same purpose. However, it is best practice to
have both to achieve maximum possible protection.
A hardware firewall is a physical device that attaches between a computer
network and a gateway. For example- a broadband router. A hardware
firewall is sometimes referred to as an Appliance Firewall. On the other hand,
a software firewall is a simple program installed on a computer that works
through port numbers and other installed software. This type of firewall is
also called a Host Firewall.
1. Packet Filtering Firewall: Examines each packet of data that enters or
leaves the network and decides whether to allow or block it based on
pre-defined rules (such as IP addresses, ports, protocols).
2. Stateful Inspection Firewall: Keeps track of the state of active
connections and makes decisions based on the context of the traffic,
rather than just individual packets. This provides better security by
understanding the state of the connection.
3. Proxy Firewall: Acts as an intermediary between internal and external
network traffic. It establishes a connection with the external server on
behalf of the client, which hides the internal network structure and
provides additional security features like content filtering and caching.
4. Application Layer Firewall (also known as Next-Generation Firewall):
Operates at the application layer of the OSI model, allowing it to
inspect and filter traffic based on specific applications or protocols. It
provides more granular control over network traffic and can identify and
block sophisticated threats.
5. Unified Threat Management (UTM) Firewall: Integrates multiple
security features like firewall, intrusion detection/prevention, antivirus,
content filtering, and VPN capabilities into a single platform. This
provides comprehensive security solutions for networks.
6. Cloud Firewall: Provides firewall functionality in the cloud, protecting
cloud-based assets and applications. Cloud firewalls are often highly
scalable and can be managed centrally.
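The difference between items 1 and 2 of the list above, as an added example that is not part of the original notes: the same constructed rule set is evaluated once per packet (packet filtering) and once with a connection table (stateful inspection). Addresses are documentation ranges, and the state tracking is simplified (no TCP flags or timeouts).

```python
import ipaddress
from collections import namedtuple

Packet = namedtuple("Packet", "src sport dst dport proto")
Rule = namedtuple("Rule", "action src dst dport proto")

# Constructed rule set: first match wins, anything unmatched is denied.
RULES = [
    Rule("allow", "192.0.2.0/24", "0.0.0.0/0", 443, "tcp"),   # inside clients to any HTTPS server
    Rule("deny", "0.0.0.0/0", "0.0.0.0/0", None, None),       # explicit default deny
]

def _match(rule, pkt):
    # None in a rule field means "any".
    return (ipaddress.ip_address(pkt.src) in ipaddress.ip_network(rule.src)
            and ipaddress.ip_address(pkt.dst) in ipaddress.ip_network(rule.dst)
            and rule.dport in (None, pkt.dport)
            and rule.proto in (None, pkt.proto))

def packet_filter(pkt, rules=RULES):
    """Stateless filtering: each packet is judged on its own header fields."""
    for rule in rules:
        if _match(rule, pkt):
            return rule.action
    return "deny"

class StatefulFirewall:
    """Same rules, plus a table of connections the rules have already allowed."""

    def __init__(self, rules=RULES):
        self.rules = rules
        self.connections = set()

    def handle(self, pkt):
        # A reply is the tracked packet with source and destination swapped.
        reverse = (pkt.dst, pkt.dport, pkt.src, pkt.sport, pkt.proto)
        if reverse in self.connections:
            return "allow"
        action = packet_filter(pkt, self.rules)
        if action == "allow":
            self.connections.add(tuple(pkt))
        return action

def demo():
    outbound = Packet("192.0.2.10", 50000, "203.0.113.5", 443, "tcp")
    reply = Packet("203.0.113.5", 443, "192.0.2.10", 50000, "tcp")
    unsolicited = Packet("203.0.113.5", 443, "192.0.2.10", 50001, "tcp")
    fw = StatefulFirewall()
    return {
        "filter_outbound": packet_filter(outbound),
        "filter_reply": packet_filter(reply),          # stateless: reply is dropped
        "stateful_outbound": fw.handle(outbound),
        "stateful_reply": fw.handle(reply),            # matches the tracked connection
        "stateful_unsolicited": fw.handle(unsolicited),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

To pass the reply, the stateless filter would need a rule admitting any inbound packet with source port 443, which would also admit the unsolicited one; the connection table avoids that.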
SNMP
SNMP stands for Simple Network Management Protocol. SNMP is a
framework used for managing devices on the internet. It provides a set of
operations for monitoring and managing the internet. SNMP enables network
administrators to remotely monitor the status of network devices, collect
performance data, and even modify configuration settings.
SNMP Concept
SNMP has two components Manager and agent.
• The manager is a host that controls and monitors a set of
agents such as routers.
• It is an application layer protocol in which a few manager
stations can handle a set of agents.
• The protocol designed at the application level can monitor
the devices made by different manufacturers and installed
on different physical networks.
• It is used in a heterogeneous network made of different
LANs and WANs connected by routers or gateways.
Management Components
• Management is not achieved only through the SNMP protocol but also the
use of other protocols that can cooperate with the SNMP protocol.
Management is achieved through the use of the other two protocols: SMI
(Structure of management information) and MIB(management information
base).
• Management is a combination of SMI, MIB, and SNMP. All three
rely on abstract syntax notation 1 (ASN.1) and basic encoding
rules (BER).
SMI
The SMI (Structure of management information) is a component used in
network management. Its main function is to define the type of data that can
be stored in an object and to show how to encode the data for the
transmission over a network.
MIB
• The MIB (Management information base) is a second component for the
network management.
• Each agent has its own MIB, which is a collection of all the objects that the
manager can manage. MIB is categorized into eight groups: system,
interface, address translation, ip, icmp, tcp, udp, and egp. These groups
are under the mib object.
SNMP
SNMP defines five types of messages: GetRequest, GetNextRequest,
SetRequest, GetResponse, and Trap.
GetRequest: The GetRequest message is sent from a manager (client) to the
agent (server) to retrieve the value of a variable.
GetNextRequest: The GetNextRequest message is sent from the manager
to agent to retrieve the value of a variable. This type of message is used to
retrieve the values of the entries in a table. If the manager does not know the
indexes of the entries, then it will not be able to retrieve the values. In such
situations, GetNextRequest message is used to define an object.
GetResponse: The GetResponse message is sent from an agent to the
manager in response to the GetRequest and GetNextRequest message. This
message contains the value of a variable requested by the manager.
SetRequest: The SetRequest message is sent from a manager to the agent
to set a value in a variable.
Trap: The Trap message is sent from an agent to the manager to report an
event. For example, if the agent is rebooted, then it informs the manager as
well as sends the time of rebooting.