------------------ Term Test #1 - 20% - Answers ------------------ -Ian! D. Allen - idallen@idallen.ca CST8165 - Ian Allen - Fall 2006 -1- 50 minutes Test #1 - Points: 50 (20 of 20%) Read both sides! Closed book. No aids. No electronic devices. 1. [Points: 1] When two systems attempt simultaneous TCP connections with each other, they end up with one single TCP stream: TRUE 2. [Points: 1] The single 32-bit TCP header Acknowledgement number is not large enough to allow selective acknowledgement of packets, e.g. I got packets 1, 2, and 4 (but not 3): TRUE 3. [Points: 1] The IP packet header contains IP addresses and port numbers: FALSE 4. [Points: 1] When reading the ABNF rules given in RFC documents, quoted strings (e.g. "abc") are not case-sensitive: TRUE 5. [Points: 1] Correct this code: saddr.sin_port=portno; saddr.sin_port=htons(portno); 6. [Points: 1] What interior/internal routing protocol is replacing the old RIP protocol? OSPF 7. [Points: 1] What type of IP protocol does DNS use (most of the time)? UDP 8. [Points: 1] Why aren't the source and destination IP addresses given in the TCP/UDP header? The IP header already has them. 9. [Points: 1] In which file name does Unix/Linux keep a list that translates between TCP/UDP port names and numbers? /etc/services 10. [Points: 2] What are the arguments and purpose of the FD_ISSET() macro? FD_ISSET(fd,bitlist) used with select() to see if a file descriptor bit is set, indicating data waiting 11. [Points: 2] Which organization is delegated to register and manage IP addresses only in North America? Give the the full name: American Registry for Internet Numbers (ARIN) 12. [Points: 2] Give two reasons why IP packet fragmentation should be avoided. http://teaching.idallen.com/cst8165/06f/notes/week05notes.txt 13. [Points: 2] How and why does a SYN-flood attack work? http://teaching.idallen.com/cst8165/06f/notes/week04notes.txt - send many SYN packets with bogus source address - fills up connection queues with half-open connections - nobody else can connect until time-out 14. [Points: 2] Name two functions of ICMP on the Internet. http://www.freesoft.org/CIE/Topics/81.htm 15. [Points: 2] What is the content and purpose of the TCP and UDP "pseudo-header"? (Why is it necessary?) - contains IP source addr, dest addr, protocol, checksum - used by receiver to verify that received IP packet headers are still correct (match what sender used) 16. [Points: 3] What is the next sub-net address above: 10.1.1.128/25? 25 bits leaves 7 bits for host; bottom-most network bit is top bit of rightmost byte (128); adding one to this overflows into next quad: 10.1.2.0/25 17. [Points: 3] Outline the TCP flags used in the basic TCP three-way handshake. Clearly indicate which is server and which is client. cli sends SYN; server replies SYN+ACK; cli replies ACK 18. [Points: 3] Describe exactly how traceroute discovers the route a packet takes. - sets TTL to 1, sends packet; packet times out at first hop and returns an ICMP message telling where. Repeat for increasing TTL values to get next hops. 19. [Points: 4] Give any two of the three RFC1918 private address space blocks and masks. 10/8 172.16/12 192.168/16 20. [Points: 5] List in execution order the four major Unix/Linux network system call function names used in a TCP server (e.g. any of your servers): socket, bind, listen, accept 21. [Points: 5] Name and number the four TCP/IP network stack layers. http://teaching.idallen.com/cst8165/06f/notes/week04notes.txt 22. [Points: 6] TCP/UDP port numbers are divided into named ranges. Name each range and give the port start and end values of the range. http://www.iana.org/assignments/port-numbers