For each layout, indicate whether it would be a possible topology for a token ring based network, an Ethernet or both.
- complete routes to every machine in the Internet,
- the IP address of the every other router in the Internet,
- the first step in a route to every other sub-network of the Internet,
- the ethernet addresses of all of the machines on the networks to which the router is directly attached, or
- the IP address of a domain name server.
- Internet routers sometimes deliberately discard packets rather than forwarding them to their destinations.
- In a public key cryptography system it is possible for many individuals who do not trust one another to use the same key to encrypt messages.
- In an Ethernet, after sensing a collision a station will attempt to transmit again as soon as it detects that the network is idle.
- The Vigenere cipher is an example of a public key cryptosystem.
- Packet switching is more like message switching than circuit switching.
- The timeouts used in a retransmission scheme must be carefully adjusted to avoid causing network congestion.
- Modern cryptographic techniques have eliminated the security flaws that allowed Morris' Internet worm to gain unauthorized access to thousands of computers on the Internet.
- Parity bits are useful because they can detect the most commonly occurring errors on networks -- errors that damage only a single bit.
<FORM ACTION="http://www.cs.williams.edu/cgi-bin/select-year"> Please indicate your year: <UL> <INPUT TYPE=RADIO NAME=YEAR VALUE=senior > 99 </INPUT> <INPUT TYPE=RADIO NAME=YEAR VALUE=junior > 00 </INPUT> <INPUT TYPE=RADIO NAME=YEAR VALUE=sophomore > 01 </INPUT> <INPUT TYPE=RADIO NAME=YEAR VALUE=frosh > 02 </INPUT> </LI> <INPUT TYPE=SUBMIT> </FORM>
<TABLE> <TH>Season</TH><TH>Tourists</TH> <TR> <TD><FONT COLOR=00FF00><EM>Fall </FONT></EM> </TD> <TD> Peepers </TD> </TR> <TR> <TD><FONT COLOR=0000FF><EM>Spring </FONT></EM> </TD> <TD> Prospectives </TD> </TR> <TR> <TD><FONT COLOR=FF0000><EM>Summer </FONT></EM> </TD> <TD> Theater </TD> </TR> <TR> <TD><FONT COLOR=FFFFFF><EM>Winter </FONT></EM> </TD> <TD> Skiers </TD> </TR> </TABLE>
So that you don't get a bad impression of routers, I should have pointed out that routers can also play an important role in ensuring security and privacy for network users. The administrators of a router (e.g. the staff in Jesup) can configure a router to be rather picky about which messages it will forward. For example, a router might be told not to forward any message to or from a particular machine on a network that stores sensitive information (e.g. the campus router might be told not to forward messages to or from the machine holding student academic records) to protect that machines from unauthorized attempts to access the data it holds. When used in this way the router is called a packet filter or "Firewall."
While a router functioning as a firewall could look at any part of an IP packet passing through, to keep things simple most such routers limit the information they use to decide whether each packet gets routed in the normal manner or discarded as a "violation." In particular, it is typical to only look at standard fields from the headers of the packets processed including:
| - IP source and destination addresses | - packet length |
| - TCP source and destination port numbers | - TCP sequence numbers |
Assuming only these fields can be used to decide how to handle a packet, indicate whether it would be possible to enforce each of the following access restrictions using a firewall. In each case, the firewall should enforce no more than the given restriction. Otherwise, the problem would be trivial (you could enforce any restriction by discarding all packets).
If you think the restriction is enforceable, indicate which packet header fields the firewall would have to check. If not, BRIEFLY indicate why.
- Prevent any machine on the Amherst network from communicating with any machine on the Williams network through the Internet.
- Prevent a particular Williams student (Kate?) from sending email off campus.
- Prevent machines in public labs and student rooms from accessing an on-campus machine used to store academic records.
- Limit machines that are off campus from accessing some machine on the Williams campus (wso.williams.edu?) as anything but a web server (i.e. don't allow machines off campus to even try to log in to the machine using Telnet or send mail to the machine, etc.).
To clarify the issue of trust, I'd like you to indicate which of the following things we must "trust" the certifying authority to do if we want to be sure we can communicate privately with anyone who has registered with a certifying authority we "trust."
Recall that when an individual or organization registers with a certifying authority it provides the certifying authority with "personal information" establishing its identity and it public encryption key.
Answer "yes" or "no" to each question below. You may provide a brief explanation.
Must you trust the certifying authority to:
- Ensure that it keeps the "personal information" provided by those who have registered private?
- Keep the keys provided by those who register private?
- Keep its own encryption key private?
- Remain available on the network at all time so that it can be contacted when sites wish to begin communicating?
import java.awt.*;
import javaTools.*;
public class Pong extends AppletTemplate {
double x,y,xspeed,yspeed;
int paddleX;
public void begin() {
x = 100;
y = 5;
xspeed =2.5;
yspeed =4;
paddleX = 100;
}
public void mouseMove(int x, int y) {
paddleX = x;
}
public void mouseDown() {
y = 5;
yspeed = 4;
}
public void animate() {
pen.clearRect();
x = x + xspeed;
y = y + yspeed;
if (x > 200 ) { xspeed = - xspeed; }
if ( x < 0) { xspeed = - xspeed ; }
if (y < 0 ) { yspeed = -yspeed; }
if (y > 195) {
if (x > paddleX-10 && x < paddleX+10 ) {
yspeed = - yspeed;
} else {
y = 250;
yspeed = 0;
}
}
pen.fillOval(x,y,6,6);
pen.frameRect(paddleX-10,195,20,5);
}
}
- How (if at all) would the behavior of the applet change if
the line:
were deleted from the animate method. Be brief but precise in your description.if (y < 0 ) { yspeed = -yspeed; } - How (if at all) would the behavior of the applet change if
the last line of the animate method were replaced by the line:
pen.frameRect(x-10,195,20,5); - Suppose that to make the pong game a bit harder you decided that instead of having the ball's speed remain constant it should increase a little bit each time it hit the paddle. Show on the copy of the applet found on the preceding page how you would modify the applet so that the ball sped up by 5% each time it hit the paddle.
- Assume that
the following table represents a data value encoded
using a two dimensional parity code which has been damaged
by a transmission error that altered one bit of the message.
Determine which bit was damaged. (You may assume that the
original message contained 16 bits and that the 9 bits
in the last column and last row were added to ensure
that each row and column had odd parity.)
0 1 1 0 1 0 1 0 1 1 0 1 0 0 0 1 1 1 0 0 1 1 1 0 1 - If a single parity bit is used, any two-bit error will be undetectable. With two dimensional parity bits as in part (a), all two bit error are detectable (although you can't tell exactly which bit is damaged). Using a two-dimensional parity code, what is the smallest number of bits that must be damaged to produce an error that the code can not detect. Show an example to justify your answer.
In yet another homework problem, you considered the possibility of using sequence numbers that are only one bit long. In that assignment, you showed that it was not safe to have two packets outstanding at the same time if such a small range of sequence numbers is used. It turns out that it is a safe to communicate using only one bit sequence numbers if you never send the next message until the previous message has been acknowledged. This technique is called the "stop and wait" protocol and has actually been employed in widely used network software (have you ever heard of a file transfer program called "Kermit"). The "wait" part of this protocol refers to the fact that a computer has to wait until one message is acknowledged before sending the next message. This waiting reduces efficiency.
So, assume that S is the size of the messages begin sent, R the transmission rate (in bits per second, so S/R is the time required to transmit a message), A is the size of an acknowledgement in bits, and finally that T is the time it takes a message or acknowledgement to travel from the sender to the destination (or back again). Using these symbols, write a formula for the maximum efficiency with which messages can be sent from the sender to the receiver. Recall that we defined the efficiency as the time required to actually send the bits of a message divided by the total time devoted to the transmission of the message. In this case the total time will be the time from the beginning of the transmission of one message to the beginning of the transmission of the next message.
In your work, assume that no messages or acknowledgements actually ever get lost.