Tuesday, September 24, 2024

CST311 - week 4

 

CST311 – Intro to Computer Networks 

We are halfway into this course, and the focus this week is network security. The subject covers a set of fundamental concepts related to the secure transmission and storage of data. Securing data communication aims to provide confidentiality, data integrity, availability, and authentication. Confidentiality is achieved with cryptographic techniques that encrypt the transmitted message so that an interceptor cannot feasibly recover its contents. Message integrity is a separate property: the reliable transport and link-layer protocols only protect against accidental corruption (checksums) and loss, so integrity against a deliberate attacker needs a cryptographic mechanism that lets the receiver verify that a message really came from the claimed sender and was not altered in transit. Message authentication codes (MACs) and digital signatures are two distinct methods that provide message integrity: a MAC uses a secret key shared by sender and receiver, while a digital signature is produced with the signer's private key and can be verified by anyone holding the matching public key.

At a high level, the idea of cryptography is to mask the sender's original message so that only the intended receiver(s) can recover the data. The sender runs an encryption algorithm on the raw message, called plaintext, to produce ciphertext, and the receiver runs the decryption algorithm to recover the plaintext. One of the oldest techniques is the use of a single symmetric key for both encryption and decryption. However, distributing such a key among participants poses logistical problems and adds security risk. Public-key cryptography partially solves these challenges: anyone can encrypt a message with the recipient's freely published public key, while the private key, known only to the recipient, is required to decrypt it. The RSA algorithm is a widely used public-key cryptosystem built on modular arithmetic: the public and private keys are exponents applied modulo n, the product of two large secret primes. Because public-key operations are much slower than symmetric ones, they are typically used to exchange a symmetric session key rather than to encrypt bulk data. Additionally, cryptographic hash functions and digital signatures secure email communication by authenticating users and guaranteeing integrity.
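To make the two integrity mechanisms from this week concrete, here is an added example of my own (not course material and not a real cipher implementation). It shows three things: a toy XOR stream cipher gives confidentiality but no integrity, because an attacker can flip ciphertext bits and change the plaintext predictably; an HMAC tag over the ciphertext catches that tampering; and textbook RSA on the small primes 61 and 53 illustrates the modular-arithmetic encrypt/decrypt and sign/verify relationship. The keys, nonce and the "PAY $100" message are constructed for the demo, and the SHA-256-based keystream and the tiny RSA modulus are deliberately insecure simplifications.

```python
import hashlib
import hmac


# --- Symmetric confidentiality: toy stream cipher (demo only, NOT a real cipher) ---
def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Derive a keystream by hashing key || nonce || counter; a real system would use AES-CTR/ChaCha20."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(out[:length])


def xor_crypt(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """XOR data with the keystream; the same call both encrypts and decrypts."""
    return bytes(a ^ b for a, b in zip(data, keystream(key, nonce, len(data))))


# --- Message integrity with a MAC (encrypt-then-MAC) ---
def seal(enc_key: bytes, mac_key: bytes, nonce: bytes, plaintext: bytes) -> bytes:
    ciphertext = xor_crypt(enc_key, nonce, plaintext)
    tag = hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()
    return nonce + ciphertext + tag


def open_sealed(enc_key: bytes, mac_key: bytes, blob: bytes):
    """Return the plaintext, or None if the HMAC tag does not match (message was altered)."""
    nonce, ciphertext, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):   # constant-time comparison
        return None
    return xor_crypt(enc_key, nonce, ciphertext)


ENC_KEY = b"enc-key-for-demo-only-32-bytes!!"   # constructed demo keys; use os.urandom in practice
MAC_KEY = b"mac-key-for-demo-only-32-bytes!!"
NONCE = bytes(range(16))                         # constructed; must never repeat for a given key


def demo_malleability():
    """Flip bits in ciphertext byte 5 to turn '1' into '9' without knowing the key.
    Returns (plaintext the victim decrypts without a MAC, result of the MAC-protected open)."""
    plaintext = b"PAY $100 TO BOB"
    ciphertext = xor_crypt(ENC_KEY, NONCE, plaintext)
    forged = bytearray(ciphertext)
    forged[5] ^= ord("1") ^ ord("9")             # XOR difference between the two digits
    forged_plaintext = xor_crypt(ENC_KEY, NONCE, bytes(forged))
    sealed = bytearray(seal(ENC_KEY, MAC_KEY, NONCE, plaintext))
    sealed[16 + 5] ^= ord("1") ^ ord("9")        # same attack on the MAC-protected message
    return forged_plaintext, open_sealed(ENC_KEY, MAC_KEY, bytes(sealed))


# --- Textbook RSA on tiny primes (illustration only: no padding, 12-bit modulus) ---
def rsa_keygen():
    p, q = 61, 53
    n = p * q                                    # 3233
    phi = (p - 1) * (q - 1)                      # 3120
    e = 17
    d = pow(e, -1, phi)                          # modular inverse of e, here 2753
    return (e, n), (d, n)                        # (public key, private key)


def rsa_encrypt(pub, m: int) -> int:
    e, n = pub
    return pow(m, e, n)


def rsa_decrypt(priv, c: int) -> int:
    d, n = priv
    return pow(c, d, n)


def _hash_mod_n(message: bytes, n: int) -> int:
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def rsa_sign(priv, message: bytes) -> int:
    """Sign the hash of the message with the private exponent."""
    d, n = priv
    return pow(_hash_mod_n(message, n), d, n)


def rsa_verify(pub, message: bytes, signature: int) -> bool:
    """Anyone with the public key can check the signature against the message hash."""
    e, n = pub
    return pow(signature, e, n) == _hash_mod_n(message, n)


if __name__ == "__main__":
    print(demo_malleability())                   # (b'PAY $900 TO BOB', None)
    pub, priv = rsa_keygen()
    print(rsa_encrypt(pub, 65), rsa_decrypt(priv, rsa_encrypt(pub, 65)))
    print(rsa_verify(pub, b"hello", rsa_sign(priv, b"hello")))
```

The first return value of demo_malleability shows why "encrypted" does not mean "trustworthy": the attacker never learns the key, yet the victim decrypts $900. With the HMAC in place the same edit is rejected. The RSA part reduces the hash modulo n only because n is tiny; with a 12-bit modulus two different messages can easily share a reduced hash, which is one reason real RSA uses moduli of 2048 bits or more together with a padding scheme.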

Tuesday, September 17, 2024

CST311 - week 3

 

CST311 – Intro to Computer Networks 

We are reviewing the second layer of the top-down approach this week. The transport layer provides logical communication between application processes running on different end systems. The layer is implemented entirely on the end systems, not in the network routers. Application messages are broken into transport-layer packets called segments before being passed to the network layer, which encapsulates each segment in a datagram. Application developers choose between distinct types of transport-layer protocols based on the use case: UDP provides an unreliable, connectionless service, while TCP offers a reliable, connection-oriented service. Transport-layer multiplexing and demultiplexing extend host-to-host delivery to the individual processes behind TCP or UDP sockets. A UDP socket is identified by the destination IP address and destination port, so the destination port alone determines which socket receives a segment; the source port is carried along as the return address for the reply. On the other hand, a TCP connection is identified by a four-tuple: source IP address, source port number, destination IP address, and destination port number, so two segments arriving at the same destination port from different sources are demultiplexed to different sockets.

We also reviewed the UDP checksum mechanism, which lets the receiver detect whether bits in the segment were altered in transit. A UDP segment consists of an 8-byte header (source port, destination port, length including the header, and checksum) followed by the application message. Additionally, we examined the TCP segment structure, whose fields support the reliable connection between hosts.
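The checksum is easy to get wrong in the details (pseudo-header, end-around carry, the special meaning of zero), so here is an added example of my own, not from the course or the textbook, that builds and verifies a UDP segment the way a sender and receiver would. The sample addresses, ports and payload are constructed. It also demonstrates the limit of the mechanism: swapping two aligned 16-bit words leaves the checksum unchanged, which is why a checksum is a guard against accidental corruption and not against a deliberate attacker.

```python
import socket
import struct

UDP_PROTOCOL = 17


def ones_complement_sum(data: bytes) -> int:
    """Sum 16-bit big-endian words with end-around carry (Internet checksum arithmetic)."""
    if len(data) % 2:
        data += b"\x00"                          # pad an odd-length buffer with a zero byte
    total = 0
    for i in range(0, len(data), 2):
        total += (data[i] << 8) | data[i + 1]
    while total >> 16:                           # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return total


def internet_checksum(data: bytes) -> int:
    """One's complement of the one's complement sum, as used by UDP, TCP and IP."""
    return (~ones_complement_sum(data)) & 0xFFFF


def pseudo_header(src_ip: str, dst_ip: str, udp_length: int) -> bytes:
    """IP-layer fields covered by the UDP checksum so that a misdelivered datagram is caught."""
    return (socket.inet_aton(src_ip) + socket.inet_aton(dst_ip)
            + struct.pack("!BBH", 0, UDP_PROTOCOL, udp_length))


def build_udp_segment(src_ip: str, dst_ip: str, src_port: int, dst_port: int, payload: bytes) -> bytes:
    """Sender side: header with checksum field zeroed, compute, then fill it in."""
    length = 8 + len(payload)
    header_no_csum = struct.pack("!HHHH", src_port, dst_port, length, 0)
    csum = internet_checksum(pseudo_header(src_ip, dst_ip, length) + header_no_csum + payload)
    if csum == 0:
        csum = 0xFFFF                            # 0 means "no checksum" over IPv4, so send all-ones instead
    return struct.pack("!HHHH", src_port, dst_port, length, csum) + payload


def verify_udp_segment(src_ip: str, dst_ip: str, segment: bytes) -> bool:
    """Receiver side: the sum over pseudo-header + whole segment (checksum included) must be all ones."""
    _src_port, _dst_port, length, csum = struct.unpack("!HHHH", segment[:8])
    if length != len(segment):
        return False
    if csum == 0:
        return True                              # sender disabled the checksum (permitted over IPv4 only)
    return ones_complement_sum(pseudo_header(src_ip, dst_ip, length) + segment) == 0xFFFF


def flip_bit(segment: bytes, byte_index: int, bit: int) -> bytes:
    """Simulate a single bit error on the wire."""
    corrupted = bytearray(segment)
    corrupted[byte_index] ^= 1 << bit
    return bytes(corrupted)


def swap_words(segment: bytes, word_a: int, word_b: int) -> bytes:
    """Swap two aligned 16-bit words; addition is commutative, so the checksum cannot tell."""
    s = bytearray(segment)
    a, b = 2 * word_a, 2 * word_b
    s[a:a + 2], s[b:b + 2] = s[b:b + 2], s[a:a + 2]
    return bytes(s)


# Constructed sample segment from 192.0.2.10:40000 to 192.0.2.53:53 (documentation addresses)
SRC_IP, DST_IP = "192.0.2.10", "192.0.2.53"
SAMPLE = build_udp_segment(SRC_IP, DST_IP, 40000, 53, b"hello world!")

if __name__ == "__main__":
    print(verify_udp_segment(SRC_IP, DST_IP, SAMPLE))                      # True
    print(verify_udp_segment(SRC_IP, DST_IP, flip_bit(SAMPLE, 9, 0)))     # False: bit error detected
    print(verify_udp_segment(SRC_IP, DST_IP, swap_words(SAMPLE, 4, 5)))   # True: reordering undetected
```

The textbook's three-word example (0x6660, 0x5555, 0x8F0C) gives a checksum of 0xB53D with this code, and any single flipped bit is always caught. The swap_words case is the practical caveat: the checksum is linear, so whole-word reorderings and compensating errors pass, and anything that needs protection from tampering rather than noise belongs to the MACs and signatures covered in week 4.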

The sequence number and acknowledgment number fields in the TCP header are used between sender and receiver to provide reliability. For example, the receiver drops a segment whose sequence number matches data it has already received, since that segment is a duplicate retransmission. Another scenario involves cumulative acknowledgments: if two segments were sent and the ACK for the first was lost but the ACK for the second arrives, that ACK also covers the first, so the sender does not need to retransmit it, and a receiver that does see a retransmitted copy simply discards it. Finally, we looked into TCP connection management and congestion control.

 

 

 


Tuesday, September 10, 2024

CST311 - Week 2

 

CST311 – Intro to Computer Networks 

In the second week of the introduction to computer networks, we reviewed the application layer, the top of the stack. As we learned in week 1, routers and switches handle packet transfer by forwarding and routing across the network. The network core deals with the lower layers; therefore, creating a network application does not require programming the network devices. We also reviewed HTTP, the Hypertext Transfer Protocol, by examining its request and response behavior. The two types of HTTP connections are non-persistent, where each request/response pair is sent over a separate TCP connection, and persistent, where multiple requests and their corresponding responses are sent over one open TCP connection.

The Wireshark lab was very helpful and important in diving into the details of an HTTP GET and the HTTP response message with status code and phrase. Although HTTP messages are written in ASCII text, the examples provided in the labs require careful attention to examine header, request, and status lines.  
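Since the lab is about reading the request line, status line and headers by hand, here is an added example of my own (not from the lab or the course) that does the same parsing in code and shows what a persistent connection really requires: with several responses arriving back to back on one TCP connection, the client has to use Content-Length to know where one response ends and the next begins. The two-response byte stream is constructed, not a capture, and the parser deliberately handles only Content-Length framing (no chunked transfer encoding).

```python
def build_get_request(host: str, path: str = "/", version: str = "HTTP/1.1",
                      persistent: bool = True) -> bytes:
    """Minimal GET request. Host is mandatory in HTTP/1.1; Connection states whether the
    client wants the TCP connection kept open. Rejects CRLF so a caller-supplied path
    cannot inject extra header lines."""
    if any(c in host + path for c in "\r\n"):
        raise ValueError("CR/LF in request target would inject headers")
    lines = [f"GET {path} {version}", f"Host: {host}"]
    if version == "HTTP/1.1":
        if not persistent:
            lines.append("Connection: close")    # HTTP/1.1 is persistent by default
    elif persistent:
        lines.append("Connection: keep-alive")   # HTTP/1.0 closes by default
    return ("\r\n".join(lines) + "\r\n\r\n").encode("ascii")


def parse_response(raw: bytes):
    """Parse one response from the front of raw.
    Returns (version, status, reason, headers, body, bytes_consumed)."""
    head, sep, rest = raw.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("header block not yet complete")
    status_line, *header_lines = head.decode("latin-1").split("\r\n")
    parts = status_line.split(" ", 2)            # "HTTP/1.1 200 OK" -> version, code, phrase
    version, status = parts[0], int(parts[1])
    reason = parts[2] if len(parts) > 2 else ""
    headers = {}
    for line in header_lines:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()   # header names are case-insensitive
    length = int(headers.get("content-length", "0"))
    if len(rest) < length:
        raise ValueError("body not yet complete")
    consumed = len(head) + len(sep) + length
    return version, status, reason, headers, rest[:length], consumed


def connection_is_persistent(version: str, headers: dict) -> bool:
    """Decide whether the server will keep the TCP connection open after this response."""
    tokens = {t.strip().lower() for t in headers.get("connection", "").split(",")}
    if version == "HTTP/1.1":
        return "close" not in tokens             # persistent unless explicitly closed
    return "keep-alive" in tokens                # HTTP/1.0: non-persistent unless requested


def split_responses(stream: bytes) -> list:
    """Walk a persistent connection's byte stream and return (status, body) per response."""
    responses, offset = [], 0
    while offset < len(stream):
        _v, status, _r, _h, body, consumed = parse_response(stream[offset:])
        responses.append((status, body))
        offset += consumed
    return responses


# Constructed sample: two responses returned back to back over one persistent connection
SAMPLE_STREAM = (
    b"HTTP/1.1 200 OK\r\nContent-Type: text/html\r\nContent-Length: 12\r\n\r\n<p>hello</p>"
    b"HTTP/1.1 404 Not Found\r\nContent-Length: 9\r\nConnection: close\r\n\r\nnot found"
)

if __name__ == "__main__":
    print(build_get_request("example.com", "/index.html").decode())
    print(split_responses(SAMPLE_STREAM))        # [(200, b'<p>hello</p>'), (404, b'not found')]
```

If Content-Length were wrong or missing, the parser would either swallow part of the next response into this body or stop early; that boundary confusion is exactly the class of problem behind request-smuggling bugs, which is why the framing rules matter beyond the lab.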

Another important application-layer protocol is SMTP, the Simple Mail Transfer Protocol. Running over TCP on port 25, it provides reliable, error-checked delivery of messages between mail servers, which is necessary for ensuring that emails are delivered accurately. Mail access protocols, namely the Internet Message Access Protocol (IMAP), POP3, or HTTP-based webmail, give users access to their mailbox from mail clients. The SMTP exchange itself follows the client-server model: the sending mail server acts as the client and the receiving mail server acts as the server.

DNS, the Domain Name System, provides an essential service to network users and devices by translating hostnames to IP addresses (and, through reverse lookups, IP addresses back to names). The protocol mainly uses UDP port 53 for queries and responses, falling back to TCP for cases such as zone transfers and responses too large for a single UDP datagram. DNS queries are resolved against a distributed hierarchy of servers, such as root DNS servers, top-level domain (TLD) servers, and authoritative DNS servers, usually through a local resolver that caches answers.

Finally, we reviewed the difference between client-server and P2P architecture and briefly reviewed BitTorrent methods of distributing data among peers.

Tuesday, September 3, 2024

CST311 - Week 1

 

CST311 – Intro to Computer Networks 


In the first week of CST 311 Introduction to Computer Networks, we were introduced to the fundamental concepts of networking. The first module introduces the Internet as a network of networks, illustrated with examples. We also discussed the layers of the Internet protocol stack: application layer, transport layer, network layer, link layer, and physical layer.

It was important to start by defining packets as the pre-packaged segments of data transmitted from a source to a destination. A packet traverses a route, or path, through packet switches such as routers and link-layer switches. ISPs (Internet Service Providers) deliver the Internet to commercial and residential users using various types of access networks and physical infrastructure.

The sending and receiving of data packets rely on network protocols, which define the communication standards for network components. The main purpose of a network protocol is to define the format and order of messages exchanged between devices, and the actions taken when a message or acknowledgment is transmitted or received. Packet switches use store-and-forward transmission: the switch must receive the entire packet before it forwards any of its bits onto the outbound link. Circuit switching is another method of moving data across the network; it requires reserving resources such as buffers, bandwidth, and the path for the duration of the connection. Unlike packet switching, circuit switching reserves a fixed transmission rate on each link, which makes it less efficient because the reserved capacity sits idle during silent periods. Its advantage is a guarantee of delivering data at a constant rate without packet loss or variable delay. That guaranteed QoS, along with the isolation of a dedicated circuit, makes circuit switching attractive, but it comes at a cost. In the past, many companies, including the ones I worked for, ran circuit-switching voice ISDN to host PBX. Today, fewer and fewer companies depend on circuit switching for their voice needs.




We also explored the concepts of delay, loss, and throughput, the key constraints a network imposes between end systems. The common types of nodal delay are processing, queuing, transmission, and propagation delay. The processing delay is the time needed to examine the packet header, check for bit-level errors, and determine the outbound link. The queuing delay is the time the packet waits in the router's output buffer while packets ahead of it are transmitted; it grows sharply as the traffic intensity (La/R) approaches 1. The transmission delay is the time required to push all of the packet's bits onto the link, expressed as L/R, where L is the packet length in bits and R is the link transmission rate in bits per second. The propagation delay is the time for a bit to travel from the start of the link to the next node, expressed as d/s, where d is the physical length of the link and s is the propagation speed of the medium. The end-to-end delay is the sum of the nodal delays at each node along the path. Throughput is a very important concept for capacity planning, troubleshooting, and initial network design, and it is not the same as bandwidth (usually the rate the ISP sells). It is the actual rate at which data is delivered end to end, and on a multi-link path it is limited by the bottleneck link, the slowest link on the path. One item to watch when designing a network is choosing hardware whose specifications handle the expected traffic in an enterprise environment.
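To work the delay formulas through for a whole path rather than a single link, here is an added example of my own (not course material). It computes the store-and-forward end-to-end delay for one packet, the bottleneck throughput, the traffic intensity that drives queuing delay, and the classic pipelined transfer time for a multi-packet file, where only the first packet pays the full transmission delay on every link and each following packet adds just one bottleneck transmission time. The two-link path and the packet sizes are constructed numbers.

```python
import math


def transmission_delay(packet_bits: int, rate_bps: float) -> float:
    """d_trans = L / R: time to push every bit of the packet onto the link."""
    return packet_bits / rate_bps


def propagation_delay(distance_m: float, speed_mps: float) -> float:
    """d_prop = d / s: time for one bit to travel the physical length of the link."""
    return distance_m / speed_mps


def nodal_delay(packet_bits: int, link, queuing_s: float = 0.0, processing_s: float = 0.0) -> float:
    """d_nodal = d_proc + d_queue + d_trans + d_prop for one link (rate_bps, length_m, speed_mps)."""
    rate, distance, speed = link
    return (processing_s + queuing_s
            + transmission_delay(packet_bits, rate)
            + propagation_delay(distance, speed))


def end_to_end_delay(packet_bits: int, links) -> float:
    """Store-and-forward: each switch waits for the whole packet before forwarding,
    so every link on the path contributes its full transmission delay."""
    return sum(nodal_delay(packet_bits, link) for link in links)


def bottleneck_throughput(links) -> float:
    """End-to-end throughput cannot exceed the slowest link on the path."""
    return min(rate for rate, _, _ in links)


def file_transfer_time(file_bits: int, packet_bits: int, links) -> float:
    """Pipelined transfer of a file split into L-bit packets over N store-and-forward links:
    first packet pays L/R on every link, each later packet adds L/R_min, propagation once per link."""
    packets = math.ceil(file_bits / packet_bits)
    first = sum(transmission_delay(packet_bits, r) for r, _, _ in links)
    rest = (packets - 1) * transmission_delay(packet_bits, bottleneck_throughput(links))
    prop = sum(propagation_delay(d, s) for _, d, s in links)
    return first + rest + prop


def traffic_intensity(avg_packet_bits: int, packets_per_second: float, rate_bps: float) -> float:
    """La/R: average queuing delay grows without bound as this approaches 1,
    and a value above 1 means the queue fills until packets are dropped (loss)."""
    return avg_packet_bits * packets_per_second / rate_bps


# Constructed path: two 1 Mbps links, each 2000 km of fiber (propagation ~2e8 m/s)
SAMPLE_PATH = [(1_000_000, 2_000_000, 2e8), (1_000_000, 2_000_000, 2e8)]
PACKET_BITS = 1000 * 8

if __name__ == "__main__":
    print(f"one packet, end to end: {end_to_end_delay(PACKET_BITS, SAMPLE_PATH) * 1000:.1f} ms")
    print(f"bottleneck: {bottleneck_throughput(SAMPLE_PATH) / 1e6:.1f} Mbps")
    print(f"3-packet file: {file_transfer_time(3 * PACKET_BITS, PACKET_BITS, SAMPLE_PATH) * 1000:.1f} ms")
    print(f"intensity at 100 pkt/s: {traffic_intensity(PACKET_BITS, 100, 1_000_000):.2f}")
```

On this path one 1000-byte packet takes 8 ms of transmission plus 10 ms of propagation per link, 36 ms in total, while a three-packet file takes 52 ms rather than 3 × 36 ms because the links work in a pipeline. The traffic-intensity function is the one to keep in mind when sizing the branch hardware mentioned below: a link that runs near La/R = 1 will show the queuing delay and loss long before it shows a raw bandwidth shortfall.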

An example is the hardware datasheet for the Cisco Meraki MX67, which lists the specifications of a branch-office appliance.
