Network Protocol
Defines rules and conventions for communication between network devices.
● Ethernet
● ARP
● IP
● UDP
● TCP
● CAN
● SSH
UDP Protocol
Used for unreliable communication between application programs in a network.
UDP header
The source port and destination port identify the process that sends and the process that receives the data in the UDP packet.
The IP protocol needs a network address to send the data to the correct host in the network, and a port number to send the data to the correct application program.
Well-known ports
There is a list of ports currently assigned to some services, so when you need to use a port number you must remember to avoid those numbers.
Port number Name
22 SSH
23 Telnet
88 Kerberos
80 HTTP
194 IRC
UDP Properties
Does not need acknowledgement. It is not a reliable network protocol, which is why messages can be:
● lost
● delivered out of order
● duplicated
Does not provide feedback to control the rate at which information flows between the machines.
TCP Protocol
TCP is a reliable, connection-oriented protocol, which means that:
● data is received in the same order in which it was sent.
● it detects duplicated data.
● it retransmits lost data.
TCP header
Ping response delay
Google, Facebook and Wikipedia take more time to ack a sent packet than Yahoo and Twitter.
PS: test performed at 11 pm.
Planning practical implementation
Nachos already sends packets in order, but its protocol is not reliable.
With that in mind, we propose to build a protocol similar to TCP on top of the Nachos one.
The program for testing the new protocol will be a ping or a chat.
Network Security
Confidence that information and services available on a network cannot be accessed by unauthorized users. There are two fundamental techniques that form the basis for internet security:
● Perimeter security
● Encryption
Perimeter security allows an organization to determine the services and networks it will make available to outsiders and the extent to which outsiders can use resources.
Aspects of information security
● Data Integrity
● Data Availability
● Privacy or Confidentiality
● Authorization
● Authentication
● Replay Avoidance
Internet Security
Source authentication (accepting requests only from computers on an authorized list) is a weak security method. Stronger authentication requires encryption.
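The contrast between the two kinds of authentication, as an added example (not code from the original slides or from Nachos): `accept_by_source` is the authorized-list check, and `Receiver` adds a keyed MAC (HMAC-SHA256, used here as the cryptographic technique) plus a sequence number for replay avoidance. The machine IDs, the pre-shared key and the packet layout are assumptions made for the example.

```python
import hashlib
import hmac
import struct

AUTHORIZED_HOSTS = {1, 2}              # constructed allowlist of machine IDs
SHARED_KEY = b"constructed-demo-key"   # assumed pre-shared key (sample value)
HDR = struct.Struct("!IQ")             # assumed header: 4-byte source ID, 8-byte sequence number
TAG_LEN = hashlib.sha256().digest_size

def accept_by_source(claimed_src):
    """Weak check: trusts whatever source ID is written in the header."""
    return claimed_src in AUTHORIZED_HOSTS

def seal(key, src, seq, payload):
    """Sender side: header + payload, followed by an HMAC tag over both."""
    body = HDR.pack(src, seq) + payload
    return body + hmac.new(key, body, hashlib.sha256).digest()

class Receiver:
    """Accepts a packet only if its tag verifies and its sequence number is new."""

    def __init__(self, keys):
        self.keys = keys       # source ID -> key shared with that machine
        self.last_seq = {}     # source ID -> highest sequence number accepted

    def open(self, packet):
        if len(packet) < HDR.size + TAG_LEN:
            return None                      # too short to be a valid packet
        body, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
        src, seq = HDR.unpack(body[:HDR.size])
        key = self.keys.get(src)
        if key is None:
            return None                      # source is not on the authorized list
        expected = hmac.new(key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return None                      # sender lacks the key, or data was modified
        if seq <= self.last_seq.get(src, -1):
            return None                      # replayed or duplicated packet
        self.last_seq[src] = seq             # strict ordering: relies on in-order delivery
        return body[HDR.size:]

if __name__ == "__main__":
    rx = Receiver({1: SHARED_KEY})
    pkt = seal(SHARED_KEY, 1, 0, b"hello")
    print(accept_by_source(1), rx.open(pkt), rx.open(pkt))
```

The list check says yes to any packet that carries an authorized ID, while the receiver also requires proof of the shared key and rejects a second copy of the same packet.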
IPsec
Provides a set of security algorithms and a general framework that allows secure communication.
Firewall
Blocks all unauthorized communication between computers in the organization and computers outside the organization.
Monitoring:
● a firewall notifies a manager whenever an incident occurs (active monitoring).
● a firewall logs a record of each incident in a file on disk (passive monitoring).
Planning practical implementation
Some security for Nachos program execution and communication:
● Implement a list of Nachos machines authorized to communicate with.
● Implement a list of users (IDs) authorized to execute userprog programs.
DHCP
The Dynamic Host Configuration Protocol (DHCP) service enables devices on a network to obtain IP addresses and other information from a DHCP server. This service automates the assignment of IP addresses, subnet masks, gateway and other IP networking parameters.
Static Assignment of Addresses
With a static assignment, the network administrator must manually configure the network information for a host, as shown in the figure. At a minimum, this includes entering the host IP address, subnet mask, and default gateway.
Dynamic Assignment of Addresses
DHCP enables the automatic assignment of addressing information such as IP address, subnet mask, default gateway, and other configuration information.