Transcript MSc – CD4040 – Internet and Web Research Topics

MSc
WLAN, IP/TCP and COMM NETWORK
Topics
By
Prof R A Carrasco
School of Electrical ,Electronic and Computer Engineering
University of Newcastle Upon Tyne
[email protected]
Ext: 7332
MSc
WLAN, IP/TCP and COMM NETWORK
References
[1] Tanenbaum, Andrew S., Computer Networks, Fourth Edition ed: Pearson
Education International, 2003, ISBN: 0-13-038488-7.
[2] Comer, Douglas E, Computer Networks and Internets with Internet
Applications, Third Edition ed: Prentice Hall, 2001, ISBN: 0-13-091449-5.
[3] Peterson, Larry L. & Davie, Bruce S., Computer Networks, A Systems
Approach: Morgan Kaufman Publishers, 2000, ISBN: 1-55860-577-0.
[4] Halsall, Fred, Data Communications, Computer Networks and Open
Systems: Adison-Wesley Publishing, 1995, ISBN: 0-201-42293-X
Internet and Protocols
• Advanced Research Projects Agency Network (ARPAnet), 1969.
• The protocols in the TCP/IP suite either use transport control protocols (TCP) or
user datagram protocol (UDP) as the transport protocol.
• Low level functions such as File Transfer Protocol (FTP), the Internet Terminal
Protocol (TELNET) and Electronic Mail (E-Mail), remote logon.
• IP is responsible for moving packets of data from node to node. IP forwards each
packet based on a four byte destination address (the IP number), different
organisation, IP operates on a gateway machine.
• TCP is responsible for verifying the correct delivery of data from client to server.
TCP adds support to detect errors or lost data to trigger retransmission until the
data is correctly and completely received.
• Sockets is a name given to the package of subroutines that provide access to
TCP/IP on most systems
• The Internet Protocol was developed to create a Network of Networks (the
Internet). Individual machines are first connected to a LAN (Ethernet or Token
Ring). TCP/IP shares the LAN with other users. One device provides the TCP/IP
connection between the LAN and the rest of the World.
• A Network consisting of two or more far-apart LANs is a Wide Area Network (WAN)
• Typical Network consisting of Switches, Hubs and Routers are intermediary
devices between clients and servers
The Network Layer in the Internet





The Internet can be viewed as a collection of sub-networks
or autonomous systems (AS) that are connected together
There is not real structure, but several major backbones
exist
These are constructed from high-bandwidth lines and fast
routers
Attached to the backbones are regional networks, and
attached to these regional networks are LANs
(Universities, companies etc.)
The glue that holds the Internet together is the network
layer protocol, IP
The Network Layer in the Internet



The Internet transmits data by packet switching
using a standardised Internet Protocol (IP)
IP Datagram
The header has a 20-byte fixed part and a variable
length optional part
It is transmitted in big edian order from left to
right with higher-order bit of the version field
going first
Ethernet hub is a device for
connecting multiple twisted pair
or fibre Ethernet devices
together.
Ethernet bridge connects multiple
network segments at the data link
layer ( layer 2 ) of the OSI model.
[2] D. E. Comer, "Computer Networks and Internets with
Internet Applications," Prentice Hall, 2001, pp. 157-167.
http://netbook.cs.purdue.edu/anmtions/anim09_2.htm
A router is a computer networking
device that forwards data across
networks towards their destination,
through a process known as routing.
http://netbook.cs.purdue.edu/anmtions/anim09_3.htm
Modem is a device that modulates an
analogue carrier signal to encode digital
information and also demodulate such a
carrier signal to decode the transmitted
information.
Popular Wired LAN Standards
High-Level Data Link Control (HDLC)
 Ethernet (IEEE 802.3)
 Token Bus (IEEE 802.4)
 Token Ring (IEEE 802.5)

[1] A. S. TanenBaum, "Computer Networks,"
Pearson Education, 2003, pp. 234-243, pp.
16-26, pp. 271-291.
HIGH LEVEL DATA LINK CONTROL
[1] A. S. TanenBaum, "Computer Networks,"
Pearson Education, 2003, pp. 234-243.
8
01111110
8
address
8
>0
control
Data
16
Checksum
Frame format for bit-oriented protocols.
8
01111110
HIGH LEVEL DATA LINK CONTROL(2)
(a)
(b)
(c)
1
3
1
3
0
Seq
P/F
Next
1
3
1
3
0
Type
P/F
Next
1
3
1
3
0
Type
P/F
Modifier
Control Field of
(a)
An information frame
(b)
A supervisory frame
(c)
An unnumbered frame
[1] A. S. TanenBaum, "Computer Networks,"
Pearson Education, 2003, pp. 234-243.
PPP- Point to Point Protocol
Bytes
1
1
1
Flag
Address
Control
01111110
11111111
1 or 2
Variable
2 or 4
1
Flag
Protocol
Payload
checksum
00000011
The PPP full frame format for unnumbered mode operation
01111110
Ethernet (IEEE 802.3)
Bus Topology
 Carrier Sense Multiple Access with
Collision Detection (CSMA/CD)
 10 Bases denoting 10 Mbit/s

http://netbook.cs.purdue.edu/anmtions/anim06_1.htm
Ethernet (IEEE 802.3)
Tap
Transceiver
Drop cable
MAC Unit
Protocol Firmware
Network Service
Ethernet (IEEE 802.3)
PR SFD DA SA TYPE
INFORMATION FCS
Data frame






PR = Preamble
SFD = Start Frame Data
DA = Destination Address
SA = Source Address
TYPE = Type of data
FCS = Frame Checksum
CSMA/CD MAC Protocol


Station checks if there is data being currently
transmitted (carrier sense)
If no data is present, station begins to transmit data
http://netbook.cs.purdue.edu/anmtions/anim06_2.htm


If two or more stations begin this process
simultaneously, there will be a collision of frames
Station monitors its own receiver output and
compares with transmitted signal to detect when
this occurs (collision detection)
http://netbook.cs.purdue.edu/anmtions/anim06_5.htm
CSMA/CD MAC Protocol



If a collision is detected, the station aborts the
transmission and sends a jamming signal to inform
all other stations that a collision has occurred
Transmitting stations that have caused the
collision wait a randomly generated time interval
before reattempting to transmit
This avoids step-lock in terms of retransmission
causing repeated collisions
Capacity Calculations
A
B

delay

TX - A TX - B
Time
T = Transmitted frame length
Capacity Calculations
Time to transfer information
Collision interval
TX-A

2
TX-B
Sensing time
Time to detect collision
a=/T
The maximum propagation delay to frame length ratio
The figure above allows a new frame to be transmitted immediately following
the previous one, giving a frame rate of 1/T frames/sec
Capacity Calculations

If, on average K retries are necessary before
the next frame can be transmitted (in a lightly
loaded network k=0), then the average time
for transmitting one frame, tv, is given by:
 tv
= T +  + 2K
= T + (1 + 2K)
= T [1 + /T(1 +2K)] = T[1 + a(1+2K)]
Where
a=/T
Capacity Calculations
The utilisation factor, U, of the transmission
medium is given by:
 U = T/tv = 1/(1+a(1+2k))
 Let Pt be the probability constant for all
stations over all time that any particular
station wishes to transmit at the end of a
specific 2 collision detection interval
 Pt = 2 λ ,(where λ is the rate of packets/s)

Capacity Calculations



For a successful event, one station transmits, but
n-1 stations do not
The probability of n successful transmissions p is
therefore given by:
p = nPt(1 - Pt)n-1
It can be shown by differentiating p with respect to
Pt that the maximum value of the probability Pt is:
Pt = 1/n
Where n is the number of stations
Capacity Calculations






Consequently the maximum value of p is given by:
pmax= n  1/n(1 – 1/n)n-1 = (1 – 1/n) n-1
If n→∞ then pmax → 1/e where e = 2.718…
At the end of a 2 collision detection interval, a further
collision occurs with probability 1-p, while a successful
transmission occurs with probability P
Thus, a sequence of K collision intervals occupying a time
2K sec, occurs with probability:
P (k) = p(1-p)K-1 at least one collision occurring
Capacity Calculations
The average number of collisions is
therefore given by:
 k= Σk=1 kp(k) = Σk=1 kp(1-p) k-1
 From this it can be proven that k=1/p, and
we obtain the limiting utilisation:
 U = T/tv = 1/(1+a(1+2k))
 Umax = 1 / (1+a(1+22.718)) = 1/(1+6.44a)

Utilisation with different values for
the a parameter
Max Utilisation for different values of
Max Utilisation
1
0.8
0.6
0.4
0.2
0
0
0.2
parameter
0.4
a
a
Ethernet Exercises


Problem: A certain Ethernet system has a
maximum bus delay of 16 μsec, and operates with
a bit rate of 10 Mbit/sec. Each frame is 576 bits in
length. Determine the maximum utilisation factor
of the medium under collision conditions
For the system above, calculate the actual capacity
if there are 15 active stations, each with an equal
amount of data to transmit
Token Ring (IEEE 802.5)
Ring Structure
SD AC FC DA SA INFORMATION FCS ED FS
Data frame
SD AC ED
http://netbook.cs.purdue.edu/anmtions/anim06_4.htm
Token frame
Token Ring Frame Structures
SD = Start Delimited (1 octet)
 AC = Access Control (1 octet)
 FC = Frame Control (1 octet)
 DA = Destination Address (2/6)
 FCS = Frame Check (4)
 ED = End Delimiter (1)
 FS = Frame Status (1)

Token Ring
Trunk Coupling Unit (TCU)
Ring cable
Drop cable
MAC Unit
Protocol Firmware
Network Service
Token Ring
D
D
Free Token
C
A
C
A
B
B
D
D
A removes
the data
frame
A
C
A
C
A generates
data frame
for station A
Busy Token
B
Free Token
B
Capacity Calculations

Empty Ring
 C = Capacity (bits/sec)
  = Propagation time around ring
 N = Number of stations
 L = Delay of L bits in each station on the
ring (station latency)
Capacity Calculations
The ring latency is given by:
 TL =  + (NL)/C
 The free token is 24 bits (3 bytes) in length,
thus the maximum waiting time, if no other
station is transmitting, is given by:
 Tmax,empty = (24/C + TL)

Capacity Calculations

Full Ring
 Consider a full ring, where all stations have
data to transmit
 Each station can only transmit when it has the
token
 If each frame is limited to M bytes, the
transmission time is:
 T = 8M/C
 The maximum waiting time is:
 Tmax, Full = (N-1)(T+TL)
Capacity Calculations

Exercise
 A 4Mbit/s ring has 50 stations, each with a
latency of 2 bits, the total length of the ring is
2km, and the propagation delay of the cable is
5μs/km
 Determine the maximum waiting time when the
ring is empty, and when all stations are
transmitting. A full frame is 64 bytes in length
Capacity Calculations

Loaded Ring
 Traffic load of λi frame/sec
 T = Time when transmitted on the ring for
each frame
 Tc = time interval elapsed before the free
token arrives
 ti = λiTcT
Capacity Calculations
The maximum waiting time experienced by
every station on the ring Tc is given by:
 Tc = TL + ΣNi=1 ti = TL + tc ΛT
 Where Λ = ΣNi=1 λi
 Here the parameter Λ represents the gross
input to the ring in frame/sec
 Tc/TL = 1 / (1-U) and U = ΛT

Tutorial: Network Systems and Technologies
by Professor R. A. Carrasco



1)
a)
b)
Describe the basic differences between a wide area network and a local area network in terms of:
Structure
Operation
2)
The techniques of passing information from node to node across a broadcast network differ according
to the type of configuration employed.
Compare the methods used for bus and ring networks.
3)
a) What is a baseband LAN?
What is a broadband LAN?
b) What are the advantages of using a star ring architecture in a computer network? What are its
disadvantages?
4)
Describe the effects of a complete failure of a node in the operation of the following network
configurations:
 a bus
 a ring
 a star
5)
List the seven layers of the CCITT ISO architecture for network communications.
 a)
Describe their function and justify the existence of each one.
 b)
Which layers are essential to LAN communications and why?










6)
Assuming HDLC protocol
 a)
Distinguish between the normal response mode and the asynchronous mode of working.
How are they defined in the HDLC frame structure?
 b)
How is flow control achieved through this frame structure?
7)
Describe the function of the logical link control and medium access control layers as defined in the
IEEE 802 standards and indicate their relationship with the lower protocol layers in the ISO
seven-layer reference model.



8)
a) Describe the basic differences between circuit switching, message switching and packet
switching.
b) Give examples of each switching technique. Advantages and disadvantages of
switching techniques.
c) For packet switching technique: give an example. How will the network handle stream of
packets?


9)
i) Discuss IEEE 802 standards and frame format for CSMA/CD, token bus, token ring, 802.2
(logical link control), 802.3, 802.4 and 802.5 standards.
ii) Briefly discuss the comparison of 802.3, 802.4 and 802.5 standards.


10) Imagine two LAN bridges, both connecting a pair of 802.4 networks. The first bridge is faced with
1000 512-byte frames per second that must be forwarded. The second is faced with 200 4096-byte
frames per second. Which bridge do you think will need the faster CPU? Discuss.



11) Suppose that the two bridges of the previous problem each connected an 802.4 LAN to an 802.5
LAN. Would that change have any influence on the previous answer?

12) A bridge between an 802.3 LAN and an 802.4 LAN has a problem with intermittent memory
errors. Can this problem cause undetected errors with transmitted frames, or will these all be
caught by the frame checksums?


13) A large FDDI ring has 100 stations and a token rotation time of 40 msec. The token holding time
is 10 msec. What is the maximum achievable efficiency of the ring?
[1] A. S. TanenBaum, "Computer Networks,"
Pearson Education, 2003, pp. 26-49.
• The Internet uses almost exclusively TCP for layer 4 and IP for layer 3
Clients and servers typically implement all of the seven OSI layers whilst
hubs and switches are only aware of MAC addresses
Routers are aware of network address (IP addresses), a layer 3 switch is really
a fast router
• Routing protocols differ from routed protocols since they dynamically determine
routing and the route taken by one packet can be different to that of another
packet taking place in the same transaction.
• Transmission Control Protocol (TCP) is a transport layer protocol layered on top
of IP and below the application layer SMTP, Telnet, FTP, HTTP(web) etc.
Transmission Control Protocol (TCP)
(RFC 793)
• Van Jacobson’s algorithm
• Karn’s algorithm
• Nagle’s Algorithm
IEEE 802.x, TCP/IP and ISO/OSI
Architecture Comparison
TCP/IP
ISO/OSI
Application
Application
Presentation
Session
Transport
IEEE 802.x
Network (IP)
IEEE 802.2
Ethernet
IEEE 802.3 IEEE 802.4 IEEE 802.5 IEEE 802.6
Transport
Network
Data Link
Physical
SMTP (Simple Mail Transfer Protocol)
Simple Mail Transfer Protocol is the de facto standard for e-mail transmission across
the internet. This is a text based protocol. SMTP uses TCP port 25.
FTP (File Transfer Protocol)
FTP is used to connect two computers over the internet so that users of one computer
can transfer files and perform file commands on the other computer.
TELNET (TELe type NETwork)
TELNET is a network protocol based on the internet or the local area network (LAN)
connections. The term telnet also refers to software which implements the client part of
the protocol.
DNS (Domain Name System)
Domain Name System ( DNS) stores and associates many types of information with
translation of domain names ( computer host names ) to IP addresses.
SNMP (Simple Network Management Protocol)
SNMP is used by network management system to monitor network attached devices
for conditions that warrant administrative attention ( Application Layer, database
scheme, date objects)
TFTP (Trivial File Transfer Protocol)
TFTP is a very simple file transfer protocol ( basic form of TFTP). TFTP is therefore
useful for booting computers such as routers which doesn’t have any mass storage
devices.
ARP (Address Resolution Protocol)
ARP is a protocol used by the internet protocol (IP) specifically IPV4, to map P
network addresses to the hardware addresses used by the data link protocol.
RARP (Reverse Address Resolution Protocol)
RARP is a network layer protocol used t resolve an IP address from a given hardware
address. It has been rendered obsolete by BOOTP and modern DHCP ( Dynamic Host
Control Protocol ).
ICMP (Internet Control Message Protocol)
ICMP is one of the core protocols of the internet protocol suite.
IGMP (Internet Group Message Protocol)
IGMP is a communication protocol used to manage the membership if internet
protocol multicast groups.
[1] A. S. TanenBaum, "Computer Networks,"
Pearson Education, 2003, pp. 431-449.
IP
The IP is the internetworking protocol that offers a
service with the following characteristics:
It is connectionless, so units of network layer data
protocol ,denominated datagram in the IP context,
are dealt with in an individual way from the
source host up to the destination host
It is not reliable. The data-grams can be lost,
duplicated, or disordered, and the network does
not detect or report this problem
http://netbook.cs.purdue.edu/anmtions/anim17_1.htm
[1] A. S. Tanenbaum, "Computer Networks,"
Pearson Education, 2003, pp. 431-448.
IP Header format




The version field keeps track of which version of the
protocol the datagram belongs to.
Hlen is provided to tell how long the header is in 32-bit
words
The type of service field allows the host to tell the subnet
what kind of service it wants. Various combinations of
reliability and speed are possible. The three flag bits allow
the host to specify what it cares most about from the net
[delay, throughput, reliability]
The total length includes everything in the datagram –
both header and data
IP Header Format

The identification field is needed to allow the destination host to
determine which datagram a newly arrived fragment belongs to. All
the fragments of a datagram contain the same identification value
DF = Don’t Fragment
MF = More Fragment

The fragment offset tells where in the current datagram this fragment
belongs

The time to live field is a counter used to limit packet lifetimes

The protocol field tells it which transport process to give it to, TCP,
UDP and some others
IP Header Format



The header checksum verifies the header only. Checksum is useful to detecting
errors generated by bad memory words inside a router
The source address and destination address indicate the network number and
host numbers
The option field was designed to provide an escape to allow subsequent
version of the protocol to include information not present in the original design
Option
Description
Security
Specifies how secret the datagram is
Strict source routing
Gives the complete path to be followed
Loose source routing
Record route
Timestamp
Gives a list of routers not to be missed
Makes each router append its IP address
Makes each router append its address and timestamp
Fragmentation


The IP-level datagram must be encapsulated in a lower
network level packet to travel in the network
The rules for the fragmentation are as follows:
 The size of the resulting fragments must be a multiple
of an octet so that the data displacement records, offset,
within the datagram are done correctly
 The size of the fragments are freely chosen
 The gateway must accept datagram with a greater size
than that of the network they are connected to. This is
so larger datagram can be admitted to the network
 The host and gateways must handle datagram larger
than 576 octets
[2] D. E. Comer, "Computer Networks and Internets
with Internet Applications," Prentice Hall, 2001,
pp. 283-297.
http://netbook.cs.purdue.edu/anmtions/anim16_1.htm
ARP Address Resolution Protocol


The IP packet are sent encapsulated in LAN or
WAN frame such as Ethernet, token ring or ATM
Q. How does the host needs to know the correct
Ethernet destination address to put in the frame?

EtherDes EtherSour length IP header Payload

A. It uses ARP to map from the IP destination
address to the Ethernet destination address
[1] A. S. TanenBaum, "Computer Networks,"
Pearson Education, 2003, pp. 450-452.
http://netbook.cs.purdue.edu/anmtions/anim15_1.htm
ARP cont
The host broadcasts an APR request packet
which contains the IP address of the
required station
 The station which has that IP address replies
directly (unicast) returning the correct IP
address
 Now the IP packet can be sent directly to
the correct Ethernet address

Reverse Address Resolution Protocol
(RARP)



Allows a station to determine its IP address from
its hardware address
A server can be configured to respond to RARP
request automatically allocating IP address across
the network
Not used much nowadays, replaced instead by
more powerful auto configuration protocols such
as DHCP (Dynamic Host Configuration Protocol)
[1] A. S. TanenBaum, "Computer Networks,"
Pearson Education, 2003, pp. 453-454.
Dynamic Host Configuration
Protocol DHCP
Allows a client to be configured
automatically over the network.
 Means that machines do not have to have
configured by hand
 New machines can be added to the IP
network more easily
 Less chance of error (for example duplicate
IP addresses being configured)

Domain Name Service DNS
IP addresses are very difficult to remember
 DNS translates easier to remember text
names
www.soc.ncl.ac.uk
into IP address 128.10.20.30
 When a host requires a domain name
translation it makes the request to its local
Domain Name Server

[1] A. S. TanenBaum, "Computer Networks,"
Pearson Education, 2003, pp. 579-588,.
Domain Naming






Each name in DNS can be split up a series of
domains
E.g. www.soc.ncl.ac.uk
uk=domain of the UK
ac.uk= academic domain within the UK
ncl.ac.uk=Newcastle University domain within
UK academic
soc.ncl.ac.uk School of computing domain within
Newcastle University within UK academic
Domain Name Servers



Each domain name server is responsible domain
The first request will go to the server which is the local machine
domain
DNS server can react in 3 different way
-DIRECT just send back the correct IP address
-RECURSIVE if it doesn’t know the IP address make a request to another
DNS server for the IP address then send back the IP address
-INDIRECT send back the IP address of another DNS server
 The change from IPv4 to IPv6 falls primarily into the following categories:
• Expanded Addressing Capabilities
IP address size from 32 bits to 128
• Header format simplification
• Improved support for extensions and options
• Flow labelling capability
•Authentication and privacy capabilities
IPv6 extension headers
[1] A. S. TanenBaum, "Computer Networks,"
Pearson Education, 2003, pp. 464-473.
[2] D. E. Comer, "Computer Networks and Internets
with Internet Applications," Prentice Hall, 2001,
pp. 339-348.
Order of extension headers for IPv6
Option header formats
Hop-by-hop extension IPv6 options header
Routing Extension IPv6 header
Routing type 0 header
Fragment extension IPv6 header
TCP and UDP “pseudo-header” for IPv6
Tutorial Sheet: Network Systems and Technologies
by Prof R. A. Carrasco
1)
What is the principal difference between connectionless communication and connection-oriented
communication?
2)
Two networks each provide reliable connection-oriented service. One of them offers a reliable byte
stream and the other offers a reliable message stream. Are these identical? If so, why is the
distinction mode? If not, give an example of how they differ.
3)
What are two reasons for using layered protocols?
4)
Give two example applications for which connection-oriented service is appropriate. Now give two
examples for which connectionless service is best.
5)
Are there any circumstances when a virtual circuit service will (or at least should) deliver packets
out of order? Explain.
6)
Datagram subnets route each packet as a separate unit, independent of all others. Virtual circuit
subnets do not have to do this, since each data packet follows a predetermined route. Does this
observation mean that virtual circuit subnets do not need the capability to route isolated packets from
an arbitrary source to an arbitrary destination? Explain your answer.
7)
What does ‘negotiation’ mean when discussing network protocols? Give an example of it.
8)
9)
Give three examples of protocol parameters that might be negotiated when a connection is set up.
Discuss the advantages and disadvantages of message switching over circuit switching and
performance comparison.
10) Discuss the advantages/disadvantages of packet switching over circuit switching (and performance
comparison)
11) Discuss the characteristics and medium access control techniques of Broadcast Networks.
12) Describe the routing functions attributes and their elements.
13) Describe the following routing strategies:
Fixed Routing
Flooding
Random Routing
Adaptive Routing
TCP Transmission Control Protocol
Services
-Guarantees end to end delivering of packets
-Control the flow of data from host to host
and host into the network
-Multiplexing, the TCP header has a port
number which is used to determine which
application should receive the packet
http://netbook.cs.purdue.edu/anmtions/anim20_1.htm
[1] A. S. TanenBaum, "Computer Networks,"
Pearson Education, 2003, pp. 41-49.
TCP Datagram Format, RFC 793
[1] A. S. TanenBaum, "Computer Networks,"
Pearson Education, 2003, pp. 532-553.
TCP Client Ports


Q. If you have a computer running an e-mail
package, 2 web browsers (e.g. Netscape and IE)
how does the compute know when a TCP/IP
packet arrives which application should receive
the packet?
A. Each application sets up its connection using a
different port number, when the replies come back
from the server the port number is used to send the
packet to the current connection.
TCP SERVER PORTS
The server must respond to client requests
 Q. How does the client know which port to
send its request to?
 A. “Well known port numbers” are assigned
to particular services

TCP Error control





The acknowledgment (ack) and sequence number fields are
used to guarantee delivery of packets to the destination
For each packet sent out an ack must be sent back.
If no ack is sent back within a certain time the packet is
sent again.
Each new packet to be transmitted is allocated a new
sequence no. the returning ack no. informs the sender of
the next expected sequence no.
The sequence no. is used to keep the packets in order
http://netbook.cs.purdue.edu/anmtions/anim20_5.htm
TCP flow control

The window size field is used by the receiver to
control the flow of packets from the sender.
http://netbook.cs.purdue.edu/anmtions/anim20_3.htm


If the receiver sets the window size to 400 the
sender is only allowed to send 400 bytes before
stopping.
The receiver can stop the sender by setting the
window size to 0
http://netbook.cs.purdue.edu/anmtions/anim20_3.htm
TCP congestion control
TCP uses a slow start algorithm to initially
limit a new connection’s bandwidth.
 This is so that the connection does not
overload the network infrastructure
 TCP increases the flow of data into the
network until an ack timeout occurs it will
then cut back

UDP User Datagram Protocol
Services
-provides port allocations the same as TCP
-does NOT guarantee delivery
-does not guarantee sequencing
-useful when speed is more important than
reliability e.g. Internet telephony

[1] A. S. TanenBaum, "Computer Networks,"
Pearson Education, 2003, pp. 524-532.
User Datagram Protocol (UDP), RFC 768
• Source Port
Destination Port
Length Field
The Checksum
• Internet Protocol IP
RFC 791, RFC 792, RFC 826
IPv4, IPv6
Applications of UDP
Appropriate when
- transport layer overhead must be
minimized or
- data reliability is not crucial
- Services such as NFS, DNS, SNMP and
Voice over IP (VoIP) use UDP

Sockets
Applications
Socket references
UDP sockets
TCP sockets
Sockets bound to ports
TCP ports 1
2
1
65535
2
65535
UDP ports
UDP
TCP
IP
 A socket allows applications to send and receive data.
 It allows an application to connect to a network and communicate with other
 applications on that network
 Stream sockets use TCP as the end-to-end protocol with IP underneath
 Datagram sockets use UDP end-to-end with IP underneath
 A TCP/IP socket is uniquely identified by an Internet address, type of protocol and
 a port number
Relationship of Socket Classes
.NET
Framework
Classes
TcpListener
TcpClient
Class
UdpClient
Class
Socket Class
Underlying
Implementation
WinSock 2.0 Implementation
 WinSock was developed by Microsoft and provides standard socket functions.
 The .NET framework provides higher level classes to simplify programming tasks.
 The .NET socket class allows access to the underlying sockets interface.
 TcpListener, TcpClient and UdpClient are higher level .NET socket classes that are implemented
using the .NET Socket wrapper class.
TCP Sockets

The .NET framework provides two classes for TCP:
TcpClient and TcpListener

.NET uses the EndPoint class and IPEndPoint subclass
to represent the TCP channel.

Communication with a TCP client is initiated in three
steps:
1.
Construct an instance of TcpClient
Communicate using the socket’s stream
Close the connection
2.
3.
TCP Client and Echo server in C#
0. using System;
//For string, Int32, Console, ArgumentException
1. using System.text;
//For Encoding
2. using System.IO;
//For IOException
3. using System.Net.Sockets
//For TcpClient, NetworkStream, SocketException
4.
5. class TcpEchoClient{
6.
7. static void Main(string[] args){
8.
9. if ((args.Length < 2) || (args.Length > 3)) { // Test for correct no of args
10.
throw new ArgumentException(“Parameters: <Server> <Word> [<Port>]”);
11. }
12.
13. String server = args[0]; // Server name or IP address
14.
15.// Convert input String to bytes
16. byte[] byteBuffer = Encoding.ASCII.Getbytes(args[1]);
17.
18. //Use port argument if supplied, otherwise default to 7
19. Int servPort = (args.Length == 3) ? Int32.Parse(args[2]) : 7;
20.
TCP Client and Echo server in C#
21. TcpClient client = null;
22. NetworkStream netStream = null;
23.
24. try{
25. // Create socket that is connected to server on specified port
26. client = new TcpClient(server, servPort);
27.
28. Console.WriteLine(“Connected to server… sending echo string”);
29.
30. netStream = client.GetStream();
31.
32. // Send the encoded string to the server
33. netStream.Write(byteBuffer, 0, byteBuffer.Length);
34.
35. Console.WriteLine(“Sent {0} bytes to server…”, byteBuffer.Length);
36.
37. int totalBytesRcvd = 0; // Total bytes received so far
38. int bytesRcvd = 0;
// Bytes received in last read
39.
TCP Client and Echo server in C#
40. //Receive the same string back from the server
41. while(totalBytesRcvd < byteBuffer.Length){
42.
if((bytesRcvd = netStream.Read(byteBuffer, totalBytesRcvd, byteBuffer.Length – totalBytesRcvd)) == 0){
43.
Console.WriteLine(“Connection closed prematurely.”);
45.
break;
46.
}
47.
totalBytesRcvd += bytesRcvd;
48. }
49.
50.
Console.WriteLine(“Received {0} bytes from server: {1}”, totalBytesRcvd,
51.
Encoding.ASCII.Getstring(byteBuffer, 0, totalBytesRcvd));
52.
53.
} catch (Exception e){
54.
Console.WriteLine(e.Message);
55.
} finally {
56.
netStream.Close();
57.
client.Close();
58.
}
59.
}
60.}
TCP Client and Echo server in C#









Lines 15-16 convert the echo string to bytes
Line 19 finds the echo server port
Lines 25-26 create the TCP socket
Line 30 gets the socket stream
Lines 32-33 send the string to the echo server
Line 40-48 receive the reply from the echo server
Lines 50-51 print the echoed string
Lines 53-54 handle errors
Lines 55-58 close the stream and socket
UDP Sockets

The .NET framework provides UDP sockets
functionality using the class UdpClient. This allows for
both sending and receiving UDP packets, and can be
used to construct a UDP client and server.

The UDP client works in the following way:
1.
Construct an instance of UdpClient
2.
Communicate using the Send() and Receive() methods of UdpClient
3.
Use the Close() method of UdpClient to deallocate the socket.
UDP Client and Echo Server in C#
0. using System;
//For String, Int32, Console
1. using System.Text;
//For Encoding
2. using System.Net;
//For IPEndPoint
3. using System.Net.Sockets //For UdpClient, SocketException
4.
5. class UdpEchoClient {
6.
7. static void Main(string[] args) {
8.
9.
if((args.Length < 2) || (args.Length > 3)) { // Test for correct no of args
10.
throw new System.ArgumentException(“Parameters: <Server> <Word> [<Port>]”);
11. }
12.
13. String server = args[0];
// Server name or IP address
14.
15. // Use port argument if supplied, otherwise default to 7
16. int servPort = (args.Length == 3) ? Int32.Parse(args[2]) : 7;
17.
18. // Convert input String to an array of bytes
19. byte[] sendPacket = Encoding.ASCII.GetBytes(args[1]);
20.
21. // Create a UdpClient instance
22. UdpClient client = new UdpClient();
UDP Client and Echo Server in C#
23
24.
25.
26.
27.
28.
29.
30.
31.
32.
33.
34.
35.
36.
try {
// Send the echo string to the specified host and port
client.Send(sendPacket, sendPacket.Length, server, servPort);
Console.WriteLine(“Sent {0} bytes to the server…”, sendPacket.Length);
// This IPEndPoint instance will be populated with the remote sender’s endpoint information after the
Receive() call
IPEndPoint remoteIPEndPoint = new IPEndPoint(IPAddress.Any, 0);
// Attempt echo reply receive
byte[] rcvPacket = client.Receive(ref remoteIPEndPoint);
Console.Writeline(“Received {0} bytes from {1}: {2}”, rcvPacket.Length, remoteIPEndPoint,
Encoding.ASCII.Getstring(rcvPacket, 0,
rcvPacket.Length));
37.
38.
} catch (SocketException se) {
39.
Console.WriteLine(se.ErrorCode + “: “ + se.Message);
40.
}
41.
42.
client.Close();
43. }
44. }
UDP Client and Echo Server in C#
Lines 21-22 create the UDP socket
 Lines 24-25 send the datagram
 Lines 29-30 create a remote IP end point for
receiving
 Lines 32-33 handle datagram reception
 Lines 35-36 print reception results
 Line 42 closes the socket

Voice over IP (VoIP)
VoIP is the routing of voice signals over an
IP-based network.
 The analogue voice signal is converted to a
digital signal.
 The digital signal is compressed using a
codec (G.7xxx for voice, H.26xx for video)
 The digital signal is then split into packets
by a process called Packetization

Voice over IP (VoIP)
Advantages:


Incoming calls can be routed to a VoIP phone anywhere on
the network
Lower cost especially for international calls
Disadvantages:


Received IP packets can arrive in any order or even be
missing resulting in poor QoS.
Susceptible to power cuts
Voice over IP Protocols
Audio/Video
Applications
RTSP
ENUM
H.323
SIP
Codecs
G.xxx, H.26x
MEGACO/
H.248
DNS
RTP
SDP
RTCP
UDP
TCP
IP
Network Interface Layer Protocols
SAP
MGCP
RSVP
Protocols supporting VoIP








Multicast IP
Real-Time Transport Protocol (RTP)
Real-Time Control Protocol (RTCP)
Resource Reservation Protocol (RSVP)
Real-Time Streaming Protocol (RTSP)
Session Description Protocol (SDP)
Session Initiation Protocol (SIP)
Electronic Numbers (ENUM)
Protocols supporting VoIP

Multicast IP efficiently sends data to multiple receivers at the same
time on TCP/IP networks.

RTP provides end-to-end delivery services for data that requires realtime support.

RTCP monitors the QoS and conveys information about each user in
the communication session.

RSVP requests an appropriate level of service from the network.

RTSP controls the delivery of data that has real-time properties.

SDP describes a multimedia session for the purposes of session
announcement and invitation.
Protocols supporting VoIP

SIP establishes a communication session
between two end-points. It creates, modifies
and terminates sessions between
participants.

ENUM bridges the gap between telephone
numbers and IP addresses.
Real-Time Transport Protocol (RTP)
1111111111222222222233
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 Bits
V=2 P X
CC
M
Sequence Number
PT
Timestamp
Synchronisation Source (SSRC) Identifier
Contributing Source (CSRC) Identifier
(0 to 15 items)
20 ms Voice Sample
 V = Version (currently 2)
 CC = CSRC Count. Counts the number of CSRC identifiers in the RTP header
 CSRC – Identifies contributing sources (conferencing) in the payload. There can only be a
maximum of 15 contributing sources. These are inserted by a mixer.
 SSRC – Identifies synchronisation sources. It is chosen randomly so that two or more
synchronisation sources in the same RTP session have the same SSRC identifier.
Voice over IP Packet Format
1111111111222222222233
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 Bits
VER IHL Type of service
Total Length
Flags
Identifier
Fragment Offset
Header Checksum
Protocol
Time to live
Source Address
Destination Address
Options + Padding
Source Port
Length
V=2 PX
CC
M
Destination Port
Checksum
IPv4 Header
20 octets
+
Options
+
Padding
UDP Header
8 Octets
Sequence Number
PT
Timestamp
Synchronisation Source (SSRC) Identifier
Contributing Source (CSRC) Identifier
(0 – 15 items)
20 ms Voice Sample
RTP Header
12 octets
+
Identifiers
Data
20 octets
References

“TCP/IP Illustrated, Volume 1, The Protocols”, W. Richard
Stevens, Addison-Wesley Professional Computing Series,
1994

“TCP/IP Sockets in C#, Practical Guide for Programmers”,
David B. Makofske, Michael J. Donahoo, Kenneth L.
Calvert, The Practical Guide Series, Elsevier, 2004

“Voice over IP Technologies, Building the Converged
Network”, Mark A. Miller, M&T Books, 2002
ALOHA and Packet Broadcasting
Channel
Prof. R. A. Carrasco
School of Electrical, Electronic and Computer engineering
2006
University of Newcastle-upon-Tyne
[1] A. S. TanenBaum, "Computer Networks,"
Pearson Education, 2003, pp.251-264.
Packet Broadcasting Related Works
by Metcalfe and Abransom
1) 1970: N. Abramson, “The ALOHA System – Another
alternative for computer communications.”, in Proc.
AFIPS Press, vol 37, 1970
2) 1973: R. M. Metcalfe, “Packet communication,” MIT,
Cambridge, MA, Rep. MAC TR-114, July 1973.
3) 1977: N. Abramson, “The Throughput of Packet
Broadcasting Channels,” IEEE Trans. Commun., vol.
COM-25, no. 10, Jan 1977
4) 1985: N. Abramson, “Development of the
ALOAHANET,” IEEE Trans. Info. Theory., March 1985
IEEE Transactions on Information
Theory, March 1985

Development of the ALOHANET
ALOHA Project


Started In September 1968
Goal
 To build computer network in University of Hawaii.
 To investigate the use of radio communications as an
alternative to the telephone system for computer
communication.
 To determine those situations where radio
communications are preferable to conventional wire
communications
Problem
Limited Resource: Channel
 Intermittent operation typical of
interactive computer terminal don’t
need point-to-point channels. (FDMA or
TDMA)
 Spread Spectrum is not appropriate to
share the channel.

Approach

Packet Broadcasting Channels
 Each user transmits its packets over the
common broadcast channel.
 Key innovation of ALOHANET.
There are basically two types of ALOHA
systems
--Synchronized or slotted and
--Unsynchronized or unslotted
System Design

1968, they decided main approach (Packet
Broadcasting) for design simplicity.

Frequency Band: two 100KHz bandwidth channels at
407.350MHz and 413.475MHz.

TCU (Terminal Control Unit):
 Formatting of the ALOHA packets.
 Retransmission protocol.
 A Terminal attached TCU by means of RS232.
 Half duplex mode. (too expensive memory)
History

1971: start operation in University of Hawaii.

1971-72: build additional TCUs.

1972: connect to ARPANET using satellite channel. (56kbps)

1973: Metcalfe’s doctorial dissertation about packet broadcasting.

1973: PACNET, international satellite networks. (9600 bits/s)

1973 ~ : Many researches about “packet broadcasting”.

1976: slotted ALOHA.

1984: unslotted ALOHA in the UHF band by Motorola.
Strategic Theoretical Realities

An appreciation of the basic capacity of the channels and the matching
of that capacity to the information rate of the signals.



Deals with the problem of scaling for large system.


In data network, distinguish between the average data rate and
the burst data rate
Network design: to handle different kinds of signals from different
source.
Packet broadcasting channel is more scalable than point-to-point
channel or switching.
Theoretical analysis give good guide to design network, but the
converse also is true.
 The operation of a real network can be a valuable guide to the
selection of theoretical problems.
Packet Switching and Packet
Broadcasting



•
Packet switching can provide a powerful means of
sharing communication resources.
But it employ point-to-point channels and large
switches for routing.
By use of packet broadcasting
 Elimination of routing and switches.
 System simplicity
 Some channels are basically broadcast channel.
(satellite, ..)
Needs unified presentation of packet broadcasting
theory.
Packet Broadcasting Channel

Each user transmits packets over the
common broadcast channel completely
unsynchronized.

Loss due to the overlap.
How many users can share a channel?

Recovery of Lost Packets

Positive Acknowledgements.

Transponder Packet Broadcasting.

Carrier Sense Packet Broadcasting.

Packet Recovery Codes
ALOHA Systems and Protocols

We assume that the start time of packets/s that are
transmitted is a Poisson point process

An average rate of λ packets

Let Tp denote the time duration of a packet

The normalised channel traffic G is defined
G=λTp
It also called the offered channel traffic
ALOHA Capacity

Errors reduce the ALOHA Capacity
 Random noise errors
 Errors caused by packet overlap.
Statistical Analysis:
S: Channel Throughput
G: Channel Traffic
Throughput is maximum 1/2e
when channel traffic equals 0.5.
ALOHA Capacity

Meaning of the result
 ALOHA: 9600 bits/s
 Terminal: 5bits/s
9600 X 1/2e = about 1600 bits/s
 The channel can handle the traffic of over
300 active terminals and each terminal will
operate at a peak data rate 9600 bits/s

Slotted ALOHA Channel Capacity

Each user can start his packet only at
certain fixed instants.
Statistical Analysis
It increase the throughput
Mixed Data Rates




Unslotted ALOHA: Variable Packet Lengths
 = Long Packet Length/ Short Packet Length
G1 = Short Packet Traffic
G2 = Long Packet Traffic
Total channel throughput
can undergo a significant
decrease.
Slotted ALOHA: Variable Packet
Rates

Assume ALOHA used by n users with different channel traffic.
ALOHA

Meaning of the result
 In a lightly loaded slotted ALOHA channel,
a single user can transmit data at rates
above the limit 1/e.
: Excess Capacity.
 Important for the network consisting of
many interactive terminal users and small
number of users who send large but
infrequent files.
Question 1
In a pure ALOHA system, the channel bit
rate is 2400bits/s. Suppose that each
terminal transmits a 100-bit message every
minute on average.
i) Determine the maximum number of
terminals that can use the channel
ii) Repeat (i) if slotted ALOHA is used

Question 2
An alternative derivation for the
throughput in a pure ALOHA system
may be obtained from the relation
G=S+A, where A is the average
(normalised) rate of retransmission. Show that
A=G(1-e-2G ) and then solve for S.

Question 3

i)
ii)
Consider a pure ALOHA system that is
operating with a throughput S=0.1
and packets are generated with a
Poisson arrival rate λ. Determine:
The value of G
The average number of attempted
transmissions to send a packet.
Question 4

Consider a CSMA/CD system in which the
transmission rate on the bus is 10 Mτbits/s. The
bus is 2 Km and the propagation delay is 5 μs/Km.
Packets are 1000 bits long.
Determine:
i) The end-to-end delay d.
ii) The packet duration Tp
iii) The ratio d/Tp
iv) The maximum utilization of the bus and the maximum bit
rate.
MSc Telecommunications Questions
by Professor R. A. Carrasco
1.
Describe the evolution of the Internet and protocols for a communication network.
2.
Explain the concept of a hub, bridge, router and modem for local area networks.
3.
Explain the concept and protocols of Ethernet (IEEE 802.3), Token Bus (IEEE 820.4) and
Token Ring (IEEE 802.5)
4.
1
Describe how you can determine the utilisation for IEEE 802.3 and prove U  T 
tv (1  a(1  2k ))
5.
Give advantages and disadvantages of a wireless LAN
6.
Describe the criteria for LAN design
7.
Explain the architecture for IEEE 802.x, TCP/IP and ISO/OSI
8.
Describe the OSI and TCP/IP model
9.
Explain each feature of the IP datagram
10.
Explain the Internet classes and give an example of how to design an IP address for a network
11.
Explain the concept of ARP, RARP, DHCP and DNS
12.
Explain IPv4 and IPv6 and how they differ
13.
Explain TCP, TCP Client Ports, TCP Server Ports, Error Control, Flow Control and Congestion
Control
14.
Describe UDP
15.
Explain the concept of TCP sockets and what their relation is with the different socket classes
16.
Repeat for UDP
17.
Give advantages and disadvantages of Voice over IP (VoIP)
18.
Explain VoIP protocols and how they are related to each other
19.
Give an overview of the IEEE 802 and IEEE 802.11 working group
20.
Give an example of an IEEE 802.11 WLAN architecture and explain stations and access points
21.
Explain how to determine the channel utilisation expression to evaluate the performance of IEEE
802.11b
22.
Describe the concept of a fragment burst
23.
Make comparisons between WiMax, WLAN and Bluetooth
24.
For security in communication networks, describe private and public key cryptography for Internet
browsers.
25.
Why is the ALOHA project important in a broadcasting system?
26.
Explain how to determine the ALOHA capacity and channel throughput
Wireless LANs

Advantages
 Increased mobility of users
 Increased flexibility and fluidity,
including ad-hoc networks
 Instant networking
 Availability of LAN technology
[1] A. S. TanenBaum, "Computer Networks,"
Pearson Education, 2003, pp.292-302.
Wireless LANs

Disadvantages
 Higher Cost
 Lower Performance
 Lower Reliability (Variable Channel
Characteristics)
 Multiple Standards
 Poor Inherent Security
LAN Design
IEEE 802.11 Wireless LAN
Draft Standard
Professor R. A. Carrasco
[1] A. S. TanenBaum, "Computer Networks,"
Pearson Education, 2003, pp.292-317.
Introduction

IEEE 802.11 Draft 5.0 is a draft standard for Wireless
Local Area Network (WLAN) communication.

This tutorial is intended to describe the relationship
between 802.11 and other LANs, and to describe some of
the details of its operation.

It is assumed that the audience is familiar with serial data
communications, the use of LANs and has some
knowledge of radios.
802.11 Data Frame
Bytes
2
Frame
Control
Bits
2
6
6
6
6
2
Duration Address 1 Address 2 Address 3 Seq Address 4
2
2
4
Version
Type
Subtype
1
1
1
To From
MF
DS DS
1
1
RePwr More W
try
O
1
1
1
0-2312
4
Data
Checksum
Frame Control
Contents










Glossary of 802.11 Wireless Terms
Overview
802.11 Media Access Control (MAC)
Frequency Hopping and Direct Sequence Spread Spectrum
Techniques
802.11 Physical Layer (PHY)
Security
Performance
Inter Access Point Protocol
Implementation Support
Raytheon Implementation
Glossary of 802.11 Wireless
Terms







Station (STA): A computer or device with a wireless network
interface.
Access Point (AP): Device used to bridge the wireless-wired
boundary, or to increase distance as a wireless packet repeater.
Ad Hoc Network: A temporary one made up of stations in mutual
range.
Infrastructure Network: One with one or more Access Points.
Channel: A radio frequency band, or Infrared, used for shared
communication.
Basic Service Set (BSS): A set of stations communicating wirelessly
on the same channel in the same area, Ad Hoc or Infrastructure.
Extended Service Set (ESS): A set BSSs and wired LANs with Access
Points that appear as a single logical BSS.
Glossary of 802.11 Wireless Terms,
cont.






BSSID & ESSID: Data fields identifying a stations BSS &
ESS.
Clear Channel Assessment (CCA): A station function used
to determine when it is OK to transmit.
Association: A function that maps a station to an Access
Point.
MAC Service Data Unit (MSDU): Data Frame passed
between user & MAC.
MAC Protocol Data Unit (MPDU): Data Frame passed
between MAC & PHY.
PLCP Packet (PLCP_PDU): Data Packet passed from
PHY to PHY over the Wireless Medium.
Overview, IEEE 802, and 802.11
Working Group

IEEE Project 802 charter:
 Local & Metropolitan Area Networks
 1Mb/s to 100Mb/s and higher
 2 lower layers of 7 Layer OSI Reference Model

IEEE 802.11 Working Group scope:
 Wireless connectivity for fixed, portable and moving
stations within a limited area
 Appear to higher layers (LLC) the same as existing 802
standards
 Transparent support of mobility (mobility across
router ports is being address by a higher layer
committee)
Overview, IEEE 802.11
Committee







Committee formed in 1990
 Wide attendance
Multiple Physical Layers
 Frequency Hopping Spread Spectrum
 Direct Sequence Spread Spectrum
 Infrared
2.4GHz Industrial, Scientific & Medical shared unlicensed band
 2.4 to 2.4835GHz with FCC transmitted power limits
2Mb/s & 1Mb/s data transfer
50 to 200 feet radius wireless coverage
Draft 5.0 Letter Ballot passed and forwarded to Sponsor Ballot
 Published Standard anticipated 1997
Next 802.11 - November 11-14, Vancouver, BC
 Chairman - Victor Hayes, [email protected]
Overview, 802.11 Architecture
ESS
Existing
Wired LAN
AP
STA
BSS
AP
STA
STA
BSS
STA
Infrastructure
Network
STA
Ad Hoc
Network
STA
BSS
BSS
STA
STA
Ad Hoc
Network
Overview, Wired vs. Wireless
LANs

802.3 (Ethernet) uses CSMA/CD, Carrier Sense
Multiple Access with 100% Collision Detect for
reliable data transfer

802.11 has CSMA/CA (Collision Avoidance)
 Large differences in signal strengths
 Collisions can only be inferred afterward
 Transmitters fail to get a response
 Receivers see corrupted data through a CRC
error
802.11 Media Access Control



Carrier Sense: Listen before talking
Handshaking to infer collisions
 DATA-ACK packets
Collision Avoidance
 RTS-CTS-DATA-ACK to request the medium
 Duration information in each packet
 Random Backoff after collision is determined
 Net Allocation Vector (NAV) to reserve
bandwidth
 Hidden Nodes use CTS duration information
802.11 Media Access Control,
cont.

Fragmentation
 Bit Error Rate (BER) goes up with distance and decreases
the probability of successfully transmitting long frames
 MSDUs given to MAC can be broken up into smaller
MPDUs given to PHY, each with a sequence number for
reassembly
 Can increase range by allowing operation at higher BER
 Lessens the impact of collisions
• Trade overhead for overhead of RTS-CTS
• Less impact from Hidden Nodes
802.11 Media Access Control,
cont



Beacons used convey network parameters such as
hop sequence
Probe Requests and Responses used to join a
network
Power Savings Mode
 Frames stored at Access Point or Stations for
sleeping Stations
 Traffic Indication Map (TIM) in Frames alerts
awaking Stations
802.11 Protocol Stack
Upper
Layers
Logical Link Control
Data
Link
Layer
MAC
Sublayer
802.11
Infrared
802.11
FHSS
802.11
DSSS
802.11a
OFDM
802.11b
HR-DSSS
802.11g
OFDM
Physical
Layer
Performance of IEEE802.11b
ttr
MAC Header
30 Bytes
CRC
4 Bytes
Data
MPDU
tcont
DIFS
Backoff
t pr
PLCP
Preamble
PLCP
Header
MPDU
10 sec
t pr
SIFS
PLCP
Preamble
t ack
Header
5 sec
Ack
14 Bytes
Performance of IEEE802.11b


Successful transmission of a signal frame
PLCP = physical layer convergence protocol
preamble
t pr  Header transmission time (varies according to the bit rate used by
the host
SIFS = 10 sec (Short Inter Frame Space) is the MAC
acknowledgement transmission time (10 sec if the selected
rate is 11Mb/sec, as the ACK length is 112 bits
Performance of IEEE802.11b

ttr
DIFS = 5 sec
= is the frame transmission time, when it transmits at 1Mb/s, the
long PLCP header is used and
t pr
=
192 sec
If it uses 2, 5.5 or 11 Mb/s, then
t pr
=
96 sec
(Short PLCP header)
Performance of IEEE802.11b

For bit rates greater than 1Mb/s and the frame size of
1500 Bytes of data (MPDU of total 1534 Bytes),
proportion p of the useful throughput measured above
the MAC layer will be:
Ttr
1500
P 

 0.70
T
1534

So, a signal host sending long frames over a 11Mb/s
radio channel will have a maximum useful
throughput of 7.74Mb/s
Performance of IEEE802.11b

If we neglect propagation time, the overall transmission
time is composed of the transmission time and a constant
overhead
T  ttr  tov
Where the constant overhead
tov  DIFS  t pr  SIFS  t pr  tack
Performance of IEEE802.11b

The overall frame transmission time experienced by a
single host when competing with N – 1 other hosts has
to be increased by time interval tcont that accounts for
the time spent in contention procedures
Performance of IEEE802.11b
So the overall transmission time
T ( N )  ttr  tov  tcont ( N )
1  Pc ( N ) CWmin
tcont ( N )  SLOT 

2N
2
Where
Pc (N )
is the propagation of collision experienced for each
packet successfully acknowledged at the MAC
Performance of IEEE802.11b

Consider how the situation in which N hosts of different
bit rate compete for the radio channel. N-1 hosts use the
high transmission rate R = 11Mb/s and one host transmits
at a degraded rate R = 5.5, 2, or 1Mb/s
Sd
Sd
Ttr 
or Ttr 
R
T
Where
Sd
is the data frame length in bits
Performance of IEEE802.11b

The MAC layer ACK frame is also sent at the rate
that depends on the host speed, thus we denote by
t ovR
Let
and
t ovT
the associated overhead time
T f be the overall transmission time for a “fast” host transmitting at
rate R
Sd
Tf  t 
 tcont
R
R
ov
Performance of IEEE802.11b

Similarly, let Ts be the corresponding time for a
“slow” host transmitting at rate T:
Sd
T
Ts  tov   tcont
T
We can express the channel utilization of the slow host as
Ts
Us 
( N  1)T f  Ts  Pc ( N )  t jam  N
where
t jam 
2
2
Ts  (1  )T f
N
N
Performance of IEEE802.11b

Study:
The UDP traffic &
TCP traffic.
Flows in IEEE 802.11 WLANs
Frequency Hopping and Direct
Sequence Spread Spectrum
Techniques
Spread Spectrum used to avoid interference from licensed and other

non-licensed users, and from noise, e.g., microwave ovens

Frequency Hopping (FHSS)
 Using one of 78 hop sequences, hop to a new 1MHz channel (out
of the total of 79 channels) at least every 400milliseconds
 Requires hop acquisition and synchronization
 Hops away from interference

Direct Sequence (DSSS)
 Using one of 11 overlapping channels, multiply the data by an 11bit number to spread the 1M-symbol/sec data over 11MHz
 Requires RF linearity over 11MHz
 Spreading yields processing gain at receiver
 Less immune to interference
802.11 Physical Layer

Preamble Sync, 16-bit Start Frame Delimiter, PLCP Header including 16-bit
Header CRC, MPDU, 32-bit CRC

FHSS
 2 & 4GFSK
 Data Whitening for Bias Suppression
 32/33 bit stuffing and block inversion
 7-bit LFSR scrambler
 80-bit Preamble Sync pattern
 32-bit Header

DSSS
 DBPSK & DQPSK
 Data Scrambling using 8-bit LFSR
 128-bit Preamble Sync pattern
 48-bit Header
802.11 Physical Layer, cont.

Antenna Diversity
 Multipath fading a signal can inhibit reception
 Multiple antennas can significantly minimize
 Spacial Separation of Orthoganality
 Choose Antenna during Preamble Sync pattern
 Presence of Preamble Sync pattern
 Presence of energy
• RSSI - Received Signal Strength Indication


Combination of both
Clear Channel Assessment
 Require reliable indication that channel is in use to defer
transmission
 Use same mechanisms as for Antenna Diversity
 Use NAV information
A Fragment Burst
Fragment Burst
A
B
C
D
Frag1
RTS
CTS
Frag2
ACK
NAV
NAV
Time
Frag3
ACK
ACK
Security

Authentication: A function that determines
whether a Station is allowed to participate
in network communication
 Open System (null authentication) &
Shared Key
 WEP - Wired Equivalent Privacy
• Encryption of data

ESSID offers casual separation of traffic
Performance, Theoretical Maximum
Throughput

Throughput numbers in Mbits/sec:


Assumes 100ms beacon interval, RTS, CTS used, no collision
Slide courtesy of Matt Fischer, AMD
1 Mbit/sec
DS
FH (400ms
2 Mbit/sec
MSDU size
(bytes)
128
DS
0.364
0.364
0.517
0.474
512
0.694
0.679
1.163
1.088
512
0.503
0.512
0.781
0.759
0.906
0.860
1.720
1.624
hop time)
FH (400ms
hop time)
(frag size = 128)
2304
Background for broadband
wireless technologies





UWB – Ultra Wide Band
 High speed wireless personal area network
Wi-Fi – Wireless fidelity
 Wireless technology for indoor environment (WLANS)

broader range that WPANs
WiMAX – Worldwide Interoperability for Microwave Access
 Wireless Metropolitan Area Networks (WMANs)
 For outdoor coverage in LOS and NLOS environment
 Fixed and Mobile standards
3G – Third generation
 Wireless Wide Area Networks (WMANs) are the broadest range wireless
networks
 High speed data transmission and greater voice capacity for mobile users
[1] A. S. TanenBaum, "Computer Networks,"
Education, 2003, pp.310-317.
Bluetooth Pearson
-
What is WiMax?



[1] A. S. TanenBaum, "Computer Networks,"
Pearson Education, 2003, pp.302-310.
WiMAX is an IEEE802.16/ETSI HiperMAN
based certificate for equipments fulfilling the
interoperability requirements set by WiMAX
Forum.
WiMAX Forum comprises of industry leaders
who are committed to the open interoperability of
all products used for broadband wireless access.
The technique or technology behind the standards
is often referred as WiMAX
What is WiMax?
Broadband is thus a Broadband Wireless
Access (BWA) technique
 WiMax offers fast broadband connections
over long distances
 The interpretability of different vendor’s
product is the most important factor when
comparing to the other techniques.

The IEEE 802.16 Standards



The IEEE 802.16 standards family
- broadband wireless wideband internet connection
- wider coverage than any wired or wireless connection
before
Wireless system have the capacity to address broad
geographic areas without the expensive wired
infrastructure
For example, a study made in University of Oulu state that
WiMax is clearly more cost effective solution for
providing broadband internet connection in Kainuu than
xDSL
The IEEE 802.16 Standards



The IEEE 802.16 standards family
- broadband wireless wideband internet connection
- wider coverage than any wired or wireless connection
before
Wireless system have the capacity to address broad
geographic areas without the expensive wired
infrastructure
For example, a study made in University of Oulu state that
WiMax is clearly more cost effective solution for
providing broadband internet connection in Kainuu than
xDSL
The IEEE 802.16 Standards



802.16, published in April 2002
- A set od air interfaces on a common MAC protocol
- Addresses frequencies 10 to 66 GHz
- Single carrier (SC) and only LOS
802.16a, published in January 2003
- A completed amendment that extends the physical layer to the 2 to 11 GHz
both licensed and lincensed-exempt frequencies
- SC, 256 point FFT OFDM and 2048 point FFT OFDMA
- LOS and NLOS
802.16-2004, published in July 2004
- Revises and replaces 802.16, 802.16a and 802.16 REVd.
- This announcements marks a significant milestone in the development of
future WiMax technology
- P802.16-2004/Corl published on 8.11.2005
IEEE 802.16: Broadband
Wireless MAN Standard
(WiMAX)
An 802.16 wireless service provides a communications path between a

subscriber site and a core network such as the public telephone
network and the Internet. This wireless broadband access standard
provides the missing link for the "last mile" connection in metropolitan
area networks where DSL, Cable and other broadband access methods
are not available or too expensive.
Comparison Overview of IEEE
802.16a
• IEEE 802.16 and WiMAX are designed as a complimentary technology to Wi-Fi and Bluetooth. The following
table provides a quick comparison of 802.16a with to 802.11b
Parameters
802.16a
(WiMax)
802.11
(WLAN)
802.15
(Bluetooth)
Frequency Band
2-11GHz
2.4GHz
Varies
Range
~31miles
~100meters
~10meters
Data transfer rate
70 Mbps
11 Mbps – 55
Mbps
20Kbps – 55
Mbps
Number of Users
Thousands
Dozens
Dozens
Protocol Structure -IEEE 802.16:
Standard (WiMAX)

IEEE 802.16 Protocol Architecture has 4 layers: Convergence, MAC,
Transmission and physical, which can be map to two OSI lowest
layers: physical and data link
Internet Security
Prof. R. A. Carrasco
School of Electrical, Electronic and Computer Engineering
University of Newcastle-upon-Tyne
Overview

Internet security is the practice of protecting and
preserving private resources and information on the
Internet.

Computer and network security are challenging topics
among executives and managers of computer corporations.

Together, network security and a well-implemented
security policy can provide a highly secure business
solution.
Introduction





Elements of Networking Security:
 Orange Book Security Levels & Firewalls
 Passwords
 Encryption, Authentication & Integrity
Developing a Site Security Policy
Violation Response
Other Security Resources
Conclusions
Elements of Networking Security:
Orange Book Security Levels & Firewalls


Understand the need & outline a security policy relevant to
any company.
 Each business has a different threshold of well-being,
different:
 assets/culture/technology infrastructure
 requirements for storing/sending/communicating
information
Many strong tools available to secure a computer network:
 Software applications, hardware products
 These alone do not comprise a security policy, but are
essential elements
Elements of Networking Security:
Orange Book Security Levels & Firewalls

Protection tools evolved over last 2 decades
 Protect network at many levels
 A well-guarded enterprise deploys many different
security measures
 Elements of security
 Physical Security: controlling access to most
sensitive components e.g network administration,
access to server room
 Operating System Security (OSS)
• Used in UNIX and Microsoft Windows NT
• C2 level: discretionary acces control file,
control-file, directory read and write permission,
and auditing and authentication controls.
Orange Book Security Levels
There are 7 levels of computer OSS in the
Trusted Computer Standards Evaluation
Criteria or Orange Book.
 Levels are used to evaluate protection for
hardware, software, and stored information.
 System is additive - higher ratings include
the functionality of the levels below.
 definition centres around access control,
authentication, auditing, and levels of trust

Orange Book Security Levels





D1: no security
C1: lowest level of security
 File and directory read & write controls and authentication, root is
insecure & auditing (system logging) is not available
C2 features an auditing function
 records all security-related events & provides stronger protection on
key system files, password file.
B-rated: multilevel security, such as secret, top secret, and mandatory
access control
 B2:every object & file is labelled, labels change dynamically
depending on what is being used.
 B3: includes system hardware, terminals connect using trusted paths &
specialised system hardware
A1: highest level of security
 Mathematically design verified
 large amounts of processing power & disk space.
Firewalls





In theory firewalls allow authorised communications between internal & external
networks
 Properly implemented, are very effective at keeping out unauthorised users &
stopping unwanted activities on an internal network.
Protect and facilitate network at a number of levels
 allow e-mail, file transfer protocol (FTP) & remote login as desired, whilst
limiting access to the internal network.
Provide authorisation mechanism
 assures only specified users or applications can gain access
 address translation: masks name & address of a machine
 e.g. messages for anyone in technical support department have their
address translated to [email protected].
 encryption and virtual private network (VPN) capabilities.
Deployed in a network to segregate different servers & networks
 controlling access within the network
 e.g. separating the accounting and payroll server from the rest of the network to
allow certain individuals to access the information.
Performance degradation: as a system is busy checking/rerouting data packets,
latency is increased.
Elements of Networking Security:
Passwords


Password Mechanisms
 identify and authenticate users as they access a computer system
 A password can be compromised:
 Eavesdroppers can listen for a username password & gain access over a
public network
 A potential intruder can attack the access gateway, entering an entire
dictionary of words (or license plates or any other list) against a password
field.
 Users may loan their password to a co-worker or inadvertently leave out a
list of system passwords
Password technologies & tools to make a network more secure.
 Useful in ad hoc remote access situations,
 one-time password generation assumes that a password will be compromised.
 Before leaving the internal network, a list of passwords that will work only one
time against a given username is generated.
 When logging into the system remotely, a password is used once and then will
no longer be valid.
Elements of Networking Security:
Passwords


Password Aging & Policy Enforcement
 users required to create new passwords every so often
 passwords must be a minimum number of characters
and a mix of letters & numbers
 Smart cards provide extremely secure password
protection
 Unique passwords, based on a challenge-response
scheme, are created on a small credit-card device
 The password is then entered as part of the log-on
process and validated against a password server, which
logs all access to the system
Expensive to implement.
Elements of Networking Security:
Passwords




Single sign-on overcomes the ultimate irony in system security:
 as a user gains more passwords, these become less secure, not
more, and the system opens itself up for unauthorised access.
Many company computer networks require users to have different
passwords to access different parts of the system
 As users acquire more passwords (some have more than 50) they
cannot help but write them down or create easy-to-remember
passwords.
A single sign-on system is a centralised access control list which
determines who is authorised to access different areas of the computer
network & a mechanism for providing the expected password
A user need only remember a single password to sign onto the system.
Elements of Networking Security:
Good password procedures









Do not use your login name in any form (as is, reversed, capitalised,
doubled, etc.).
Do not use your first, middle, or last name in any form or use your
spouse’s or children’s names.
Do not use other information easily obtained about you. This includes
license plate numbers, telephone numbers, social security numbers, the
make of your automobile, the name of the street you live on, etc.
Do not use a password of all digits or all the same letter.
Do not use a word contained in English or foreign language
dictionaries, spelling lists, or other lists of words.
Do not use a password shorter than six characters.
Do use a password with mixed-case alphabetics.
Do use a password with non-alphabetic characters (digits or
punctuation).
Do use a password that is easy to remember, so you don’t have to write
it down.
Elements of Networking Security:
Encryption, Authentication & Integrity


ecrypio
 the coding of data through an algorithm or transform table into
apparently unintelligible garbage
 used on both data stored on a server or as data is communicated
through a network
 a method of ensuring privacy of data and that only intended users
may view the information
Many forms:
 The digital encryption standard (DES) has been endorsed by the
National Institute of Standards and Technology (NIST) since 1975
and is the most readily available encryption standard. One major
drawback with DES is that it is subject to U. S. export control;
programs that deploy DES technology are generally not available
for export from the United States.
Elements of Networking Security:
Encryption, Authentication & Integrity


Rivest, Shamir, and Adleman (RSA) encryption is a public-key
encryption system, is patented technology in the United States, and
thus is not available without a license.
 the DES algorithm was published before the patent filing, and
RSA encryption may be used in Europe and Asia without a
royalty.
 growing in popularity
 considered quite secure from brute force attacks.
Emerging encryption mechanism is pretty good privacy (PGP)
 allows users to encrypt information stored on their system as
well as to send and receive encrypted e-mail
 provides tools and utilities for creating, certifying, and
managing keys
 PGP should not be confused with privacy enhanced mail
(PEM), a protocol standard.
Elements of Networking Security:
Encryption, Authentication & Integrity





Encryption mechanisms rely on keys or passwords
The longer the password, the more difficult the encryption is to break
DES relies on a 56-bit key length, and some mechanisms have keys
that are hundreds of bits long
There are two kinds of encryption mechanisms used - private key and
public key
 Private-key: the same key is used to encode and decode the data
 Public-key: one key is used to encode the data and another to
decode it
 Named after a unique property of this type of encryption
mechanism: one of the keys can be public without
compromising the privacy of the message or the other key.
 A trusted recipient, or a remote office network gateway, keeps
a private key to decode data as it comes from the main office
VPNs employ encryption to provide secure transmissions over public
networks such as the Internet.
Elements of Networking Security:
Encryption, Authentication & Integrity



Authentication is making sure users are who they say they are
Integrity is knowing that the data sent has not been altered along the
way
 Of course, a message modified in any way would be highly
suspect and should be completely discounted.
 Digital signatures used to maintain message integrity
 performs both an authentication and message integrity function
a block of data at the end of a message that verifies to the authenticity
of the file.
 If any change is made to the file, the signature will not verify
 Available in PGP and when using RSA encryption.
 Kerberos: an add-on system used with any existing network.
 validates a user through its authentication system and uses
DES when communicating sensitive information
Developing a Site Security Policy




Rule 1: that which is not expressly permitted is prohibited
A security policy should deny access to all network resources and then
add back access on a specific basis
Goal: define the organisation's expectations for proper computer &
network use & to define procedures to prevent and respond to security
incidents
Specific aspects of the organisation must be considered & agreed upon
by the policy-making group
 A military base may have very different security concerns from
those of a university
 Even departments within the same organisation will have different
requirements
Developing a Site Security Policy





Who will make the network site security policy???
 joint effort by a representative group of decision-makers, technical
personnel, and day-to-day users from different levels within the
organization.
 Decision-makers: power to enforce the policy
 Technical personnel: advise on the ramifications of the policy
 Day-to-day users: have a say in how usable the policy is.
A site security policy that is unusable, un-implementable, or unenforceable
is worthless.
Developing a security policy comprises
 identifying the organisational assets
 identifying the threats
 assessing the risk
 implementing the tools and technologies available to meet the risks
 developing a usage policy.
Auditing procedure: reviews network and server usage
Policy should be communicated to everyone who uses the computer
network.
Developing a Site Security
Policy:
Identifying organisational assets

Create a list of things to be protected, which is easily & regularly
updated:
 Hardware - CPUs, boards, keyboards, terminals, workstations,
personal computers, printers, disk drives, communication lines,
terminal servers, routers
 Software - source programs, object programs, utilities, diagnostic
programs, operating systems, communication programs
 Data - during execution, stored on-line, archived off-line, backups,
audit logs, databases, in transit over communication media
 Documentation - on programs, hardware, systems, and local
administrative procedures
Developing a Site Security
Policy:Assessing the risk




The loss from people within the organisation is significantly greater
than that from intruders.
Risk analysis: what must be protected, from what it must be protected,
and how to protect it. Possible risks to a network include the following:
 unauthorised access
 unavailable service, corruption of data, or a slowdown due to a
virus
 disclosure of sensitive information, especially that which gives
someone else a particular advantage, or theft of information such
as credit card information
Weight the risk against the importance of the resource
 allows site policy makers to determine how much effort should be
spent protecting the resource.
Security analysis tool for auditing networks (SATAN): a tool that
hackers use in order to find system weaknesses.
 Discover weaknesses before the fact, protective action
implemented to fend off certain attacks.
Developing a Site Security
Policy:
Auditing & review


To determine if there is a violation of a security policy:
 use tools that are included in computers and networks
 Most operating systems store numerous bits of information in log files:
 Examine log files on a regular basis
 Compare lists of currently logged in users and histories
 Users typically log in & out at the same time each day. An account logged
in outside the normal time may be being used by an intruder.
Accounting records can be used to determine usage patterns
 unusual accounting records
 UNIX "syslog" utility: checked for unusual error messages from system
software
 A large number of failed login attempts in a short period of time may
indicate someone trying to guess passwords.
 Operating system commands that list currently executing processes can be
used to detect users running programs they are not authorised to use, as
well as to detect unauthorized programs that have been started by an
intruder.
Violation Response



Planning responses for different violation scenarios
Define actions based on the type of violation and have solutions ready
based on the anticipated kind of user violating the computer security
policy.
Answers to the following questions should be a part of a company's
site security plan:
 What outside agencies should be contacted, by whom?
 Who may talk to the press?
 When to contact law enforcement and investigative agencies?
 If a connection is made from a remote site, is the system manager
authorised to contact that site?
 What are our responsibilities to our neighbours and other Internet
sites? Whenever a site suffers an incident that may compromise
computer security, the strategies for reacting may be influenced by
two opposing pressures.
Violation Response

There are two different strategies: Protect & Proceed or
Pursue & Prosecute.
 Protect & Proceed – used if a site is vulnerable
 Protects & preserves site facilities
 Provide normality to users as quickly as possible
 Attempt to interfere with intruder’s processes,
prevent further access & begin immediate damage
assessment & recovery.
 Shuts down facilities, closes off access to network.
 Unless intruders are identified, they can revisit the
site via a different path.
 Pursue & Prosecute - opposite philosophy
Violation Response:
Protect & proceed

if assets are not well protected

if continued penetration could result in great financial risk

if there is no possibility or willingness to prosecute

if user base is unknown

if users are unsophisticated and their work is vulnerable

if the site is vulnerable to lawsuits from users, e.g., if their resources
are undermined
Violation Response:
Pursue & prosecute








if assets and systems are well protected
if good backups are available
if the risk to the assets is outweighed by the disruption caused by
the present and potential future penetrations
if this is a concentrated attack occurring with great frequency and
intensity
if the site has a natural attraction to intruders and consequently
regularly attracts intruders
if the site is willing to incur the financial (or other) risk to assets by
allowing the perpetrator to continue
if intruder access can be controlled
if the monitoring tools are sufficiently well developed to make the
pursuit worthwhile
Violation Response:
Pursue & prosecute






if the support staff is sufficiently clever and knowledgeable about the
operating system, related utilities, and systems to make the pursuit
worthwhile
if management is willing to prosecute
if the system administrators know what kind of evidence would lead to
prosecution
if there is established contact with knowledgeable law enforcement
if there is a site representative versed in the relevant legal issues
if the site is prepared for possible legal action from its own users if
their data or systems become compromised during the pursuit
Violation Response:
Capturing lessons learned

Once you believe that a system has been restored to a safe
state:
 possibility that holes and even traps could be lurking
 system should be monitored for items that may have
been missed during the clean-up stage.
 It would be prudent to utilise some of the tools
previously mentioned
 These tools do not replace continual system monitoring
and good systems administration procedures
 A security log can be most valuable during this phase of
removing vulnerabilities.
Violation Response:
Capturing lessons learned


There are two considerations here, keep logs of:
 Procedures that have been used to make the system
secure again. This should include command procedures
(e.g., shell scripts) that can be run on a periodic basis to
recheck the security.
 Important system events. These can be referenced when
trying to determine the extent of the damage of a given
incident.
Write a report after an incident
 describing the incident
 method of discovery
 correction procedure
 monitoring procedure
 a summary of lessons learned
Other Security Resources


Books
 Chapman, D. Brent and Elizabeth D. Zwicky. Building Internet Firewalls.
O'Reilly and Associates, Inc., 1995.
 Garfinkel, Simson. PGP—Pretty Good Privacy. O'Reilly and Associates,
Inc., 1995.
 Garfinkel, Simson and Gene Spafford. Practical UNIX Security. O'Reilly
and Associates, Inc., 1991.
 Siyan, Karanjit and Chris Hare. Internet Firewalls and Network Security.
New Riders Publishing, 1995.
 Vacca, John. Internet Security Secrets. IDG Books, 1996.
Security newsgroups & mailing lists available on the USENET news system:
 comp.security.announce
 comp.security.misc
 comp.security.unix
alt.security
misc.security

Other Security Resources



The Bugtraq list discusses security holes & software bugs
 To subscribe, send e-mail to [email protected]. In the
body of the message include the following line: subscribe bugtraqlist firstname lastname.
Computer Emergency Response Team (CERT) is an organisation that
helps Internet users identify and rectify damage done to their system
by hackers and crackers.
 To subscribe to the CERT advisory mailing list, send e-mail to
[email protected] and put the following in the body of
the message: subscribe cert firstname lastname.
CERT also maintains a CERT–TOOLS list for the purpose of
exchanging information on tools and techniques that increase the
secure operation of Internet systems.
 To subscribe, send e-mail to [email protected]
and put the following in the body of the message: subscribe certtools firstname lastname.
Glossary












CERT: computer emergency response team
CPU: central processing unit
DES: digital encryption standard
DOD: U.S. Department of Defence
FTP: file transfer protocol
NIST: National Institute of Standards and Technology
OSS: operating system security
PEM: privacy enhanced mail
PGP: pretty good privacy
RFC: request for comment
SATAN: security analysis tool for auditing networks
VPN: virtual private network