Warning: foreach() argument must be of type array|object, bool given in /var/www/html/web/app/themes/studypress-core-theme/template-parts/header/mobile-offcanvas.php on line 20

If a UDP datagram is sent from host A, port P to host B, port Q, but at host B there is no process listening to port Q, then B is to send back an ICMP Port Unreachable message to A. Like all ICMP messages, this is addressed to A as a whole, not to port P on A. (a) Give an example of when an application might want to receive such ICMP messages. (b) Find out what an application has to do, on the operating system of your choice, to receive such messages. (c) Why might it not be a good idea to send such messages directly back to the originating port P on A ?

Short Answer

Expert verified
A network discovery tool might use ICMP messages. Applications use raw sockets to capture them. Sending messages to the originating port can cause confusion and security risks.

Step by step solution

01

Understanding ICMP Port Unreachable Message

An ICMP Port Unreachable message is sent when a datagram is received on a host but no application is listening on the specified port. This message informs the sender that the intended port cannot be accessed.
02

Example Usage of ICMP Messages

An application might want to receive ICMP Port Unreachable messages for network diagnostics. For example, a network discovery tool might use these messages to identify which ports are open or closed on a remote host.
03

Receiving ICMP Messages on a Specific Operating System

To receive ICMP messages, an application typically needs to access raw sockets and capture the ICMP packets. On a Unix-based system, this can be done using sockets of the type 'SOCK_RAW' and setting the appropriate protocol, usually IPPROTO_ICMP. Administrative privileges are usually required to create and manage raw sockets.
04

Reason for Not Sending Messages to the Originating Port

Sending ICMP Port Unreachable messages directly back to the originating port might not be a good idea because the originating port may not be configured to handle ICMP messages. This can cause confusion for the application and potential security risks as it could reveal the internal network structure.

Unlock Step-by-Step Solutions & Ace Your Exams!

  • Full Textbook Solutions

    Get detailed explanations and key concepts

  • Unlimited Al creation

    Al flashcards, explanations, exams and more...

  • Ads-free access

    To over 500 millions flashcards

  • Money-back guarantee

    We refund you if you fail your exam.

Over 30 million students worldwide already upgrade their learning with Vaia!

Key Concepts

These are the key concepts you need to understand to accurately answer the question.

network diagnostics
Network diagnostics is essential for maintaining the health and performance of a network. Tools and techniques used for diagnostics help identify, analyze, and resolve network issues.
ICMP messages, such as Port Unreachable, are particularly useful in network diagnostics. They help in pinpointing the exact nature of a problem. For instance, an application may send a UDP datagram to a specific port on a remote host. If no process is listening on that port, the host will return an ICMP Port Unreachable message. This informs the sender that the port is closed, helping diagnose connectivity issues.
Network discovery tools, like Nmap, commonly use ICMP to map out active and inactive hosts and determine which ports are open or closed. By analyzing these messages, network administrators can take corrective actions to ensure network stability and performance.
raw sockets
Raw sockets allow direct sending and receiving of IP packets without any transport layer protocol (such as TCP or UDP) handling the data. They provide a way to customize packet headers and payloads.
On Unix-based systems, creating a raw socket involves using the socket system call with the SOCK_RAW type and specifying the protocol as IPPROTO_ICMP. This is often necessary for applications to receive ICMP messages. Admin privileges are usually a requirement to create raw sockets because they bypass standard network protocols, potentially affecting the entire network.
Using raw sockets, applications can intercept and process ICMP messages directly, enabling functions like network monitoring, security auditing, and custom protocol testing. However, care must be exercised due to the potential for misuse or security vulnerabilities.
Unix-based system
Unix-based systems, such as Linux and macOS, are known for their robustness and flexibility, especially in networking. They offer extensive tools and libraries for handling network operations.
To receive ICMP messages on Unix-based systems, developers often leverage raw sockets and need to operate with elevated permissions. The typical process involves creating a socket with `socket(AF_INET, SOCK_RAW, IPPROTO_ICMP)` and setting it up to listen for incoming ICMP packets.
Unix-based systems also come with built-in utilities like `ping` and `traceroute` that utilize ICMP messages to diagnose network issues. Advanced commands like `tcpdump` or `wireshark` can capture and analyze network traffic, including ICMP messages, providing insights into the network state and facilitating troubleshooting.
network security
Network security is crucial in protecting data integrity and preventing unauthorized access. Understanding and managing ICMP messages can have significant security implications.
For example, ICMP Port Unreachable messages can help diagnose issues but can also be exploited by attackers to map network structure and identify vulnerable points. To mitigate risks, security measures such as firewalls are configured to carefully control ICMP traffic.
Additionally, sending ICMP messages directly to the originating port may expose sensitive details about the internal network configuration or lead to inadvertent Denial of Service (DoS). Hence, security policies often recommend limiting ICMP responses and scrutinizing the conditions under which they are sent.
Thus, while ICMP messages are indispensable for network diagnostics and management, they must be handled with security considerations to prevent exploitation.

One App. One Place for Learning.

All the tools & learning materials you need for study success - in one app.

Get started for free

Most popular questions from this chapter

Suppose we were to implement remote file system mounting using an unreliable RPC protocol that offers zero-or-more semantics. If a message reply is received, this improves to at-least-once semantics. We define read() to return the specified Nth block, rather than the next block in sequence; this way reading once is the same as reading twice and at-least-once semantics is thus the same as exactly once. (a) For what other file system operations is there no difference between at- leastonce and exactly once semantics? Consider open, create, write, seek, opendir, readdir, mkdir, delete (aka unlink), and rmdir. (b) For the remaining operations, which can have their semantics altered to achieve equivalence of at-least-once and exactly once? What file system operations are irreconcilable with at-least-once semantics? (c) Suppose the semantics of the rmdir system call are now that the given directory is removed if it exists, and nothing is done otherwise. How could you write a program to delete directories that distinguishes between these two cases?

When TCP sends a SYN, SequenceNum =x or FIN, SequenceNum =x, the consequent ACK has Acknowledgment =x+1; that is, SYNs and FINs each take up one unit in sequence number space. Is this necessary? If so, give an example of an ambiguity that would arise if the corresponding Acknowledgment were x instead of x+1; if not, explain why.

If host A receives two SYN packets from the same port from remote host B, the second may be either a retransmission of the original or else, if B has crashed and rebooted, an entirely new connection request. (a) Describe the difference as seen by host A between these two cases. (b) Give an algorithmic description of what the TCP layer needs to do upon receiving a SYN packet. Consider the duplicate/new cases above, and the possibility that nothing is listening to the destination port.

Suppose TCP operates over a 1-Gbps link. (a) Assuming TCP could utilize the full bandwidth continuously, how long would it take the sequence numbers to wrap around completely? (b) Suppose an added 32-bit timestamp field increments 1000 times during the wraparound time you found above. How long would it take for the timestamp to wrap around?

Design a simple UDP-based protocol for retrieving files from a server. No authentication is to be provided. Stop-and-wait transmission of the data may be used. Your protocol should address the following issues: (a) Duplication of the first packet should not duplicate the "connection." (b) Loss of the final ACK should not necessarily leave the server in doubt as to whether the transfer succeeded. (c) A late-arriving packet from a past connection shouldn't be interpretable as part of a current connection.

See all solutions

Recommended explanations on Computer Science Textbooks

View all explanations

What do you think about this solution?

We value your feedback to improve our textbook solutions.

Study anywhere. Anytime. Across all devices.

Sign-up for free