Wednesday, November 16, 2011

Summary of Module 10

Summary

This page summarizes the topics discussed in this module.
The transport layer of the OSI model is responsible for the reliable transport and regulation of data flow from a source to a destination. TCP makes sure that each host on the network is ready and willing to communicate.
A three-way handshake is a process that ensures that each side is ready for data transmission and allows each device to determine the initial sequence number. A three-way handshake starts with a host initiating a connection. The other host receives a packet, records a sequence number and then replies with an ACK. The initiating host then responds back and finalizes the connection.
DoS attacks are designed to deny services to legitimate hosts that attempt to establish connections. It is used by hackers to halt system response. SYN flooding is one type of DoS attack. It exploits the normal three-way handshake and causes targeted devices to ACK to source addresses that will not complete the handshake. Spoofing occurs when a receiving device replies to a non-existent, unreachable IP address and is placed in a wait state until it receives the final ACK from the initiator. In addition to software specifically created as a defense against these kinds of attacks, an administrator can decrease the connection timeout period and increase the connection queue size.
Breaking data into smaller pieces is called segmenting and is done with TCP. Once the data is segmented, it must be transmitted to the destination device. TCP applies sequence numbers to the data segments so that the receiver can reassemble the bytes properly and the sender knows when all the segments have been received. Windowing is the process of flow control that regulates how much data is sent during a given transmission period. TCP uses a sliding window when determining transmission size. A sliding window allows for devices to negotiate a window size to allow for more than one byte to be sent during a single transmission.
Many protocols use PAR to provide reliability. With PAR, the source sends a packet, starts a timer, and waits for an ACK before it sends the next packet. If the timer expires before the source receives an ACK, the source retransmits the packet and resets the timer. TCP uses expectational ACKs in which the Acknowledgment Number refers to the next octet that is expected.
UDP provides connectionless, non-guaranteed transmission of packets at Layer 4 of the OSI model. Since UDP does not use windowing or acknowledgments, application layer protocols must provide error detection.
A port number must be associated with the conversation between hosts to ensure that the packet reaches the appropriate service on the server. Port numbers have the following assigned ranges:
  • The Well Known Ports are those from 0 through 1023
  • The Registered Ports are those from 1024 through 49151
  • The Dynamic and/or Private Ports are those from 49152 through 65535
The three methods of addressing include port numbers, which are located at the transport layer and serviced by the network layer. The network layer assigns the logical or IP address and the data link layer assigns the physical or MAC address.

No comments:

Post a Comment