Logout Open In App
Open In App
Warning: foreach() argument must be of type array|object, bool given in /var/www/html/web/app/themes/studypress-core-theme/template-parts/header/mobile-offcanvas.php on line 20

Chapter 5: Problem 16

Suppose an idle TCP connection exists between sockets A and B. A third party has eavesdropped and knows the current sequence number at both ends. (a) Suppose the third party sends A a forged packet ostensibly from B and with 100 bytes of new data. What happens? Hint: Look up in Request for Comments 793 what TCP does when it receives an ACK that is not an "acceptable ACK." (b) Suppose the third party sends each end such a forged 100-byte data packet ostensibly from the other end. What happens now? What would happen if \(\mathrm{A}\) later sent 200 bytes of data to B?

Short Answer

Expert verified
Forged packets are discarded by TCP if sequence/ACK numbers are incorrect. Both A and B discard forged packets and correct sequence with ACKs, allowing future valid communication.

Step by step solution

01

Understanding the Problem

An idle TCP connection means there is an established connection, but no data is currently being transmitted. A third party has intercepted the sequence numbers used in this communication.
02

Analysis of Forged Packet Sent to A

When a forged packet is sent to A from the third party with 100 bytes of new data: - TCP at A receives the packet, checks the ACK number. - If the ACK number is out of the expected range or the sequence number does not match, TCP discards the packet and sends an ACK with the correct sequence number (Reference: RFC 793, Section 3.9).
03

Analysis of Forged Packet Sent to Both Ends (A and B)

When forged packets are sent to both ends: - Both A and B will independently check the sequence numbers and discover the packets are not in the expected sequence. - Both sides discard these packets and send ACKs to correct the sequence numbers.
04

Consequences of A Sending 200 Bytes to B

If A later sends 200 bytes of data to B: - The data packets from A will have the correct sequence number and acknowledgment number. B will correctly acknowledge the received data packets from A. - The previous forged packet is not considered in the sequence, and does not affect this valid communication.

Key Concepts

These are the key concepts you need to understand to accurately answer the question.

TCP Sequence Numbers
In a TCP connection, sequence numbers play a critical role in ensuring data is delivered in an orderly manner. Each byte of data sent in a TCP stream is assigned a unique sequence number. When data is transmitted, the receiver acknowledges it by sending an acknowledgment (ACK) number, indicating the next expected byte. This mechanism allows TCP to handle out-of-order packets and detect packet loss efficiently.
Sequence numbers also act as a safeguard against issues like packet reordering and duplication. If a packet arrives with an unexpected sequence number, the receiver identifies it as out of sequence and discards it or stores it for reassembly later. Understanding this helps in grasping how TCP maintains reliable communication over potentially unreliable networks.
Forged Packets
A forged packet is one that appears to be sent from a legitimate source but has been crafted by an attacker. Forged packets can be used to disrupt communication or insert malicious data into a stream. In TCP, such packets can cause significant issues if they manage to deceive the receiving device into thinking they are valid.
For instance, if an attacker intercepts the sequence numbers of a TCP connection and sends a forged packet to a device (say, A) with 100 bytes of new data, TCP at A will check the packet's sequence number. If the number is out of the expected range, A will discard the packet and send an ACK with the correct sequence number to maintain the integrity of the communication. This is detailed in RFC 793, Section 3.9.
However, if such packets are sent to both ends of a TCP connection (A and B), both devices will react independently, discarding out-of-sequence packets and sending corrective ACKs. This indicates that TCP's inherent mechanisms provide robust protection against such attacks, ensuring no disruption occurs in the legitimate data flow.
TCP Acknowledgment
ACKs (acknowledgments) are a fundamental component of TCP’s reliability. When a device receives a segment, it sends an ACK back to the sender, indicating which byte it expects next (the ACK number). This feedback loop allows the sender to know which data has been successfully received and what needs retransmission in case of packet loss.
If a device receives a segment with an ACK number outside of the 'acceptable' range, it discards the segment. This process helps to identify and disregard forged packets. For instance, if device A receives a forged packet from a third party, it will verify the ACK number. If it doesn't match the expected range, the packet will be discarded and A will respond with an ACK bearing the correct sequence number.
This mechanism ensures the ongoing communication remains consistent and reliable, emphasizing the importance of sequence and acknowledgment numbers in maintaining the integrity of a TCP connection.

One App. One Place for Learning.

All the tools & learning materials you need for study success - in one app.

Get started for free

Most popular questions from this chapter

Request for Comments 1122 states (of TCP): A host MAY implement a "half-duplex" TCP close sequence, so that an application that has called CLOSE cannot continue to read data from the connection. If such a host issues a CLOSE call while received data is still pending in TCP, or if new data is received after CLOSE is called, its TCP SHOULD send an RST to show that data was lost. Sketch a scenario involving the above in which data sent by (not to!) the closing host is lost. You may assume that the remote host, upon receiving an RST, discards all received data still unread in buffers.

Suppose a host wants to establish the reliability of a link by sending packets and measuring the percentage that are received; routers, for example, do this. Explain the difficulty of doing this over a TCP connection.

Suppose party A connects to the Internet via a dial-up IP server (e.g., using SLIP or PPP), has several open Telnet connections (using TCP), and is cut off. Party B then dials in and is assigned the same IP address that A had. Assuming B was able to guess to what host(s) A had been connected, describe a sequence of probes that could enable B to obtain sufficient state information to continue with A's connections.

When closing a TCP connection, why is the two-segment-lifetime timeout not necessary on the transition from LAST_ACK to CLOSED?

Find out the generic format for TCP header options from Request for Comments \(793 .\) (a) Outline a strategy that would expand the space available for options beyond the current limit of 44 bytes. (b) Suggest an extension to TCP allowing the sender of an option a way of specifying what the receiver should do if the option is not understood. List several such receiver actions that might be useful, and try to give an example application of each.
See all solutions

Recommended explanations on Computer Science Textbooks

Computer Systems

Read Explanation

Game Design in Computer Science

Read Explanation

Computer Network

Read Explanation

Problem Solving Techniques

Read Explanation

Functional Programming

Read Explanation

Data Structures

Read Explanation
View all explanations

What do you think about this solution?

We value your feedback to improve our textbook solutions.

Study anywhere. Anytime. Across all devices.

Sign-up for free