Logout Open In App
Open In App
Warning: foreach() argument must be of type array|object, bool given in /var/www/html/web/app/themes/studypress-core-theme/template-parts/header/mobile-offcanvas.php on line 20

Chapter 5: Problem 1

If a UDP datagram is sent from host \(\mathrm{A}\), port \(\mathrm{P}\) to host \(\mathrm{B}\), port \(\mathrm{Q}\), but at host \(\mathrm{B}\) there is no process listening to port \(Q\), then \(B\) is to send back an ICMP Port Unreachable message to A. Like all ICMP messages, this is addressed to A as a whole, not to port \(\mathrm{P}\) on \(\mathrm{A}\). (a) Give an example of when an application might want to receive such ICMP messages. (b) Find out what an application has to do, on the operating system of your choice, to receive such messages. (c) Why might it not be a good idea to send such messages directly back to the originating port \(\mathrm{P}\) on \(\mathrm{A}\) ?

Short Answer

Expert verified
A network discovery tool might use ICMP messages. Applications use raw sockets to capture them. Sending messages to the originating port can cause confusion and security risks.

Step by step solution

01

Understanding ICMP Port Unreachable Message

An ICMP Port Unreachable message is sent when a datagram is received on a host but no application is listening on the specified port. This message informs the sender that the intended port cannot be accessed.
02

Example Usage of ICMP Messages

An application might want to receive ICMP Port Unreachable messages for network diagnostics. For example, a network discovery tool might use these messages to identify which ports are open or closed on a remote host.
03

Receiving ICMP Messages on a Specific Operating System

To receive ICMP messages, an application typically needs to access raw sockets and capture the ICMP packets. On a Unix-based system, this can be done using sockets of the type 'SOCK_RAW' and setting the appropriate protocol, usually IPPROTO_ICMP. Administrative privileges are usually required to create and manage raw sockets.
04

Reason for Not Sending Messages to the Originating Port

Sending ICMP Port Unreachable messages directly back to the originating port might not be a good idea because the originating port may not be configured to handle ICMP messages. This can cause confusion for the application and potential security risks as it could reveal the internal network structure.

Unlock Step-by-Step Solutions & Ace Your Exams!

  • Full Textbook Solutions

    Get detailed explanations and key concepts

  • Unlimited Al creation

    Al flashcards, explanations, exams and more...

  • Ads-free access

    To over 500 millions flashcards

  • Money-back guarantee

    We refund you if you fail your exam.

Start your free trial

Over 30 million students worldwide already upgrade their learning with Vaia!

Key Concepts

These are the key concepts you need to understand to accurately answer the question.

network diagnostics
Network diagnostics is essential for maintaining the health and performance of a network. Tools and techniques used for diagnostics help identify, analyze, and resolve network issues.
ICMP messages, such as Port Unreachable, are particularly useful in network diagnostics. They help in pinpointing the exact nature of a problem. For instance, an application may send a UDP datagram to a specific port on a remote host. If no process is listening on that port, the host will return an ICMP Port Unreachable message. This informs the sender that the port is closed, helping diagnose connectivity issues.
Network discovery tools, like Nmap, commonly use ICMP to map out active and inactive hosts and determine which ports are open or closed. By analyzing these messages, network administrators can take corrective actions to ensure network stability and performance.
raw sockets
Raw sockets allow direct sending and receiving of IP packets without any transport layer protocol (such as TCP or UDP) handling the data. They provide a way to customize packet headers and payloads.
On Unix-based systems, creating a raw socket involves using the socket system call with the SOCK_RAW type and specifying the protocol as IPPROTO_ICMP. This is often necessary for applications to receive ICMP messages. Admin privileges are usually a requirement to create raw sockets because they bypass standard network protocols, potentially affecting the entire network.
Using raw sockets, applications can intercept and process ICMP messages directly, enabling functions like network monitoring, security auditing, and custom protocol testing. However, care must be exercised due to the potential for misuse or security vulnerabilities.
Unix-based system
Unix-based systems, such as Linux and macOS, are known for their robustness and flexibility, especially in networking. They offer extensive tools and libraries for handling network operations.
To receive ICMP messages on Unix-based systems, developers often leverage raw sockets and need to operate with elevated permissions. The typical process involves creating a socket with `socket(AF_INET, SOCK_RAW, IPPROTO_ICMP)` and setting it up to listen for incoming ICMP packets.
Unix-based systems also come with built-in utilities like `ping` and `traceroute` that utilize ICMP messages to diagnose network issues. Advanced commands like `tcpdump` or `wireshark` can capture and analyze network traffic, including ICMP messages, providing insights into the network state and facilitating troubleshooting.
network security
Network security is crucial in protecting data integrity and preventing unauthorized access. Understanding and managing ICMP messages can have significant security implications.
For example, ICMP Port Unreachable messages can help diagnose issues but can also be exploited by attackers to map network structure and identify vulnerable points. To mitigate risks, security measures such as firewalls are configured to carefully control ICMP traffic.
Additionally, sending ICMP messages directly to the originating port may expose sensitive details about the internal network configuration or lead to inadvertent Denial of Service (DoS). Hence, security policies often recommend limiting ICMP responses and scrutinizing the conditions under which they are sent.
Thus, while ICMP messages are indispensable for network diagnostics and management, they must be handled with security considerations to prevent exploitation.

One App. One Place for Learning.

All the tools & learning materials you need for study success - in one app.

Get started for free

Most popular questions from this chapter

Find out the generic format for TCP header options from Request for Comments \(793 .\) (a) Outline a strategy that would expand the space available for options beyond the current limit of 44 bytes. (b) Suggest an extension to TCP allowing the sender of an option a way of specifying what the receiver should do if the option is not understood. List several such receiver actions that might be useful, and try to give an example application of each.

Suppose a host wants to establish the reliability of a link by sending packets and measuring the percentage that are received; routers, for example, do this. Explain the difficulty of doing this over a TCP connection.

Suppose TCP operates over a 40-Gbps STS-768 link. (a) Assuming TCP could utilize the full bandwidth continuously, how long would it take the sequence numbers to wrap around completely? (b) Suppose an added 32-bit timestamp field increments 1000 times during the wraparound time you found above. How long would it take for the timestamp to wrap around?

This chapter explains three sequences of state transitions during TCP connection teardown. There is a fourth possible sequence, which traverses an additional arc (not shown in Figure 5.7) from FIN_WAIT_1 to TIME_WAIT and labelled FIN + ACK/ACK. Explain the circumstances that result in this fourth teardown sequence.

TCP's simultaneous open feature is seldom used. (a) Propose a change to TCP in which this is disallowed. Indicate what changes would be made in the state diagram (and if necessary in the undiagrammed event responses). (b) Could TCP reasonably disallow simultaneous close? (c) Propose a change to TCP in which simultaneous SYNs exchanged by two hosts lead to two separate connections. Indicate what state diagram changes this entails, and also what header changes become necessary. Note that this now means that more than one connection can exist over a given pair of \langlehost, port)s. (You might also look up the first "Discussion" item on page 87 of Request for Comments \(1122 .\) )
See all solutions

Recommended explanations on Computer Science Textbooks

Computer Systems

Read Explanation

Game Design in Computer Science

Read Explanation

Computer Programming

Read Explanation

Cloud Services

Read Explanation

Databases

Read Explanation

Blockchain Technology

Read Explanation
View all explanations

What do you think about this solution?

We value your feedback to improve our textbook solutions.

Study anywhere. Anytime. Across all devices.

Sign-up for free