What is the difference between TCP and UDP? Why would you use one over the other?
Need help with answering the questions on this Network Protocol Analysis (Part01) Document. Answers can be found from the links given in the file called Open theses links. I am also attaching my friend's paper to look at as an example.
COP 620
Professor: ////
Due Date: January 18, 2022
Part 1
Answer the following questions:
1. What is the difference between TCP and UDP? Why would you use one over the other?
Ans:
2. What are some advantages of IPv6 over IPv4? Why do you think it is taking so long for IPv6 to be adopted?
Ans:
3. Research the QUIC Protocol. What network layer does QUIC operate at? What use cases does QUIC seek to resolve?
Ans:
4. What is the difference between an open port and a filtered port? List five common ports that may be open on a corporate network. Why is this important to know from cybersecurity aspect?
Ans:
5. How is encapsulation used in network communications?
Ans:
6. Both Ethernet and IP are involved with delivering data. Compare and contrast these protocols; be sure to discuss what OSI layers they operate and describe specific cases for selecting one over the other.
Ans:
7. If you wanted to sniff internet-bound network traffic for multiple subnets on a corporate network, where could you set up a sniffer?
Ans:
Part 2
I've attached an incomplete network diagram for your analysis. Based on this diagram, please provide all of the following information:
1. Identify all ports and protocols used for each network service present on this diagram. Present these results as a table.
2. Where could we access traffic for analysis for the RDP server if we suspect a breach of this device? Assume switches support spanning.
3. Assuming some users will require access to multiple servers and desktops in the network, describe best practices associated with username and password selection. What are the dangers of using the same user name and password to access the FTP server and to log into your Windows domain account?
4. The email server does not support TLS for POP3 due to lack of knowledge by the admin. What risks are opened up by this misconfiguration?
5. Create a new network diagram with additional documentation to include:
· IP addresses (make up an address scheme),
· ports in use
· where one could/should insert security devices such as firewalls to limit exposure to threats
Note: There are multiple valid approaches to this deliverable, and you may use Microsoft PowerPoint, Microsoft Word, Microsoft Visio, or Apache OpenOffice to create your network diagram.
Computer Networks Introduction
Network Architectures
Subnetting
Network Security
Computer Network Diagnostic Tools
NETWORKING
DUE DATE: January 18, 2022
1. What is the difference between TCP and UDP? Why would you use one over the other?
Ans: Transmission Control Protocol (TCP) is connection-oriented, meaning once a connection has been established, data can be transmitted in two directions. TCP has built-in systems to check for errors and to guarantee data will be delivered in the order it was sent, making it the perfect protocol for transferring information like images, data files, and web pages. But while TCP is instinctively reliable, its feedback mechanisms also result in a larger overhead, translating to greater use of the available bandwidth on your network.
User Datagram Protocol (UDP) is a simpler, connectionless Internet protocol wherein error-checking and recovery services are not required. With UDP, there is no overhead for opening a connection, maintaining a connection, or terminating a connection; data is continuously sent to the recipient, whether they receive it or not. Although UDP isn’t ideal for sending an email, viewing a webpage, or downloading a file, it is largely preferred for real-time communications like broadcast or multitask network transmission.
A key difference between TCP and UDP is speed, as TCP is comparatively slower than UDP. Overall, UDP is a much faster, simpler, and more efficient protocol; however, retransmission of lost data packets is only possible with TCP. Another notable discrepancy with TCP vs UDP is that TCP provides an ordered delivery of data from user to server (and vice versa), whereas UDP is not dedicated to end-to-end communications, nor does it check the readiness of the receiver (requiring fewer overheads and taking up less space). See the table below for more information:
Features | TCP | UDP
Status during connection | Needs an established connection for data transfer and it should be closed after complete transmission | It is a connectionless protocol and does not require termination or maintenance
Sequencing of data | Can sequence data | Does not sequence data
Data delivery | Data delivery to destination router is guaranteed | Data delivery to the destination is not guaranteed
Packet retransmission | It is possible to retransmit lost packets | Lost packets cannot be retransmitted
Checking of Error | An extensive check is done for Errors | Basic checking for errors
Transfer method | Data read as byte Stream | The UDP packets are sent individually with defined boundaries
Speed | Slower compared to UDP | Faster compared to TCP
Broadcasting | Broadcasting is not supported | Broadcasting supported
B) Personally, I would prefer TCP because it is more reliable, even though it is slow. Really, it depends on what I am using the protocol for to help me make that decision. UDP is faster and can be useful when dealing with more data-heavy work like videos etc. UDP is faster, with an efficient protocol, and simpler (Naing, Khaing, & Maw 2019).
2. What are some advantages of IPv6 over IPv4? Why do you think it is taking so long for IPv6 to be adopted?
Ans: IPv4 has roughly 4.3 billion addresses, which are overseen and appropriated by the Internet Assigned Numbers Authority (IANA) to the Regional Internet Registries (RIRs) in blocks of around 16.8 million each. Depletion of the pool of unallocated Internet Protocol Version 4 (IPv4) addresses began in 2011. This exhaustion prompted the work on its replacement, Internet Protocol Version 6 (IPv6). Here are some of the advantages of IPv6:
A) IPv6 supports approximately 3.4×10^38 network addresses, which translates to the equivalent of 340 trillion addresses in figures; that is about 670 quadrillion addresses per square millimeter of the Earth’s surface. Clearly, IPv6 has more addresses.
B) IPv6 networks provide autoconfiguration capabilities. They are simpler, flatter and more manageable for large installations.
C) Direct addressing is possible due to the vast address space; the need for network address translation devices is effectively eliminated.
D) IPsec is built into the IPv6 protocol, usable with a suitable key infrastructure, which means IPv6 was built with better security features in mind compared to IPv4.
E) IPv6 provides interoperability and mobility capabilities which are already widely embedded in network devices.
F) Given the numbers of addresses, scalability and flexibility of IPv6, its potential for triggering innovation and assisting collaboration is unbounded.
2B. There are several reasons why it’s taking so long to adopt IPv6. One of the many reasons is that it is expensive. The internet is made up of millions of routers and switches that were initially designed for IPv4; replacing or upgrading them takes a lot of time and budget. Next, Network Address Translation (NAT) was already used all over the internet, extending the lifetime of the IPv4 protocol. NAT can be deployed incrementally on the internet at a low cost while also providing some basic security. During the design of the IPv6 protocol, backward compatibility was not on the requirements list. As indicated by Leslie Daigle, former Chief Internet Technology Officer for the Internet Society, this absence of compatibility with the current IPv4 protocol was the single basic failure. Because of this, the transition towards IPv6 does not provide a single, standardized solution to communicate with devices and systems that still run IPv4.
3. Research the QUIC Protocol. What network layer does QUIC operate at? What use cases does QUIC seek to resolve?
ANS: QUIC (Quick UDP Internet Connection) is a new encrypted transport layer network protocol. QUIC was designed to make HTTP traffic more secure, efficient, and faster. QUIC has taken all the best qualities of TCP connections and TLS encryption and implemented it on UDP.
3B. What use cases does QUIC seek to resolve?
A) Reduced connection times. To establish TLS encryption, the client and the server need to perform a TLS handshake and exchange encryption keys. It’s a lengthy process in IT terms, as there are 4 round-trip requests involved. When the data is transferred over TCP, even more steps are added to this process, slowing down the connection even more. QUIC replaces all of this with a single handshake.
B) Better performance when data packets are lost. HTTP/2 on TCP can suffer from head-of-line blocking, a phenomenon where a line of data packets can be held up by the first packet. If one data packet is lost, the recipient must wait for it to be retrieved, which has a huge impact on connection performance. The QUIC protocol solves this problem by allowing streams of data to reach their destination independently. They no longer need to wait for the missing data packet to be repaired.
C) Stable connections when networks are changed. If you are connected to a web server via TCP and your network suddenly changes (from Wi-Fi to 4G, for example), each connection times out and needs to be reestablished. QUIC allows for a smoother transition by giving each connection to a web server a unique identifier. These can be reestablished by simply sending a packet rather than establishing a new connection, even if your IP changes.
D) Easier to improve and develop. TCP is implemented in operating system kernels, which means changing it is close to impossible. QUIC can be implemented on the application level, making it a more flexible protocol.
4. What is the difference between an open port and a filtered port? List five common ports that may be open on a corporate network. Why is this important to know from cybersecurity aspect?
ANS: Open port refers to an application on the target machine that listens for packets or even connections in the current port while filtered refers to a filter (Al-Hanjori, Shaath, & Abu-Naser 2017), firewall, or other network obstacles that block the port to ensure that Nmap is unable to differentiate whether it is closed or open.
B) ANS: 25 the simple email (routing protocol) transfer protocol
80 HTTP web traffic
443 web traffic
143 IMAP for the management of digital mail
21 FTP command control
C) From a cybersecurity perspective, it is important to know about open ports because they pose a security threat to your network. It also allows security personnel to activate firewalls and ensure traffic is blocked for those other ports that may cause security breaches. Attackers can at times send attack traffic to a port like 3389 and exploit the vulnerabilities it has. Knowing when to open and close such ports ensures that attacks are minimized.
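The open/filtered distinction in this answer can be checked on a host you administer by comparing each port's observed state with an approved baseline. The following is an added example, not part of the assignment or the sample paper; the function names and the loopback test bed are constructed for illustration.

```python
import socket

def port_state(host, port, timeout=1.0):
    """Classify one TCP port with a full connect(), using Nmap's state names."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.settimeout(timeout)
        try:
            s.connect((host, port))
            return "open"        # handshake completed: a service is listening
        except ConnectionRefusedError:
            return "closed"      # host answered with a reset: reachable, no listener
        except OSError:
            return "filtered"    # timeout or ICMP error: something dropped the probe

def audit(host, ports, expected_open):
    """Return {port: state} for every port that disagrees with the baseline."""
    findings = {}
    for port in ports:
        state = port_state(host, port)
        if (state == "open") != (port in expected_open):
            findings[port] = state
    return findings

def loopback_demo():
    """Constructed test bed: one listener and one bound, non-listening socket."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))
    listener.listen(8)
    idle = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    idle.bind(("127.0.0.1", 0))  # never calls listen(), so connects are refused
    open_port = listener.getsockname()[1]
    closed_port = idle.getsockname()[1]
    try:
        states = (port_state("127.0.0.1", open_port),
                  port_state("127.0.0.1", closed_port))
        # The baseline allows no open ports, so the listener is reported.
        findings = audit("127.0.0.1", [open_port, closed_port], expected_open=set())
    finally:
        listener.close()
        idle.close()
    return states, findings, open_port

if __name__ == "__main__":
    print(loopback_demo())
```

A "filtered" result cannot be produced on loopback; it appears when a firewall silently drops the probe and the connect attempt times out.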
5. How is encapsulation used in network communications?
ANS: Encapsulation refers to the design of modular communication protocols where functions separated by logic in each network are abstracted using information hiding or inclusion in higher-level objects. It takes the higher layer information and adds a header to it and treats it as data. Encapsulation enables the local area networking; the IP shows the global address of each computer and TCP chooses the process that identifies the service such as a web.
6. Both Ethernet and IP are involved with delivering data. Compare and contrast these protocols; be sure to discuss what OSI layers they operate and describe specific cases for selecting one over the other.
ANS: Both Ethernet and IP are involved in data delivery. Ethernet is a networking protocol that is physical while IP is an industrial communication protocol. Ethernet is operated in the link layer while the IP is operated in the application layer. Ethernet is widely used in several local area networks and internet applications while IP is designed to be used in industrial environments to enable process control and automation.
7. If you wanted to sniff internet-bound network traffic for multiple subnets on a corporate network, where could you set up a sniffer?
ANS: The software installation because it will allow logging and viewing data collected by a device. This packet sniffer alters the configuration ensuring that all the subnets of a network pass the traffic up the stack (Al-Hanjori, Shaath, & Abu-Naser 2017). The configuration change is called the promiscuous mode which is when the sniffer functionality becomes reassembling, separating, and logging of the packets that pass through the interface.
Part 2
I've attached an incomplete network diagram for your analysis. Based on this diagram, please provide all the following information:
1. Identify all ports and protocols used for each network service present on this diagram. Present these results as a table.
ANS:
Port number | Port use | Network service
20 and 21 | File transfer protocol | File transfer between a client and a server
25 | Simple mail transfer protocol | For email usage
53 | Domain name system | Matches the human-readable names of the domain to the IP addresses readable by the machine
80 | Hypertext transfer protocol | Enables the world wide web
443 | HTTP secure | An encrypted and secure HTTP version
3389 | Remote desktop protocol | Enables remote connection of users to the desktops and other services
2. Where could we access traffic for analysis for the RDP server if we suspect a breach of this device? Assume switches support spanning.
ANS: If we suspect a breach of the device, using SPAN located in the switches creates a copy of packets passing through the RDP and sends them to a SPAN port, which allows administrators to configure the data being monitored. Also, a mirror port and a network TAP can be used to establish the source of the traffic causing the breach and to make corrections.
3. Assuming some users will require access to multiple servers and desktops in the network, describe best practices associated with the username and password selection. What are the dangers of using the same username and password to access the FTP server and to log into your Windows domain account?
ANS: A) Make passwords and usernames that are complex but also easy to remember to ensure you do not forget and get locked out of the system.
B) The passwords and usernames created are personal and yours alone; do not reveal them to anyone under any circumstance, to prevent them from accessing the system using your credentials.
C) Use lengthy passwords because length trumps password complexity. A lengthy password is hard to guess compared to a complex one.
D) Use varying passwords for the different accounts to ensure that when one leaks the rest of the accounts are safe.
3B. Best practices associated with the username and password selection.
ANS: Anonymous authentication is a vulnerability (Rathore et al., 2017) in FTP that allows user login using an FTP username. Once this data has been used, it is left unprotected in the server, which could be used by any unauthorized person to cause harm.
Directory traversal attack is an FTP vulnerability where the successful attack overwrites and creates files that are put outside the website root folder and thus the FTP owner becomes subject to the hacker's controls.
4. The email server does not support TLS for POP3 due to a lack of knowledge by the admin. What risks are opened by this misconfiguration?
ANS: Lack of data integrity. TLS ensures tracking of all data to avoid loss, the lack of which will put the data at risk of being lost and in the hands of unauthorized users.
Lack of data reliability (Rathore et al., 2017). Failure to use TLS will make customers unable to trust the data they have and further any transactions. Poor security. Lack of TLS use will leave the data prone to hacking and access by unauthorized personnel. Malware prevention. TLS will prevent malware from being brought in by mails and spam. This could lead to information being leaked over the network.
5. Create a new network diagram with additional documentation to include:
a. IP addresses (make up an address scheme),
b. ports in use
c. where one could/should insert security devices such as firewalls to limit exposure to threats
ANS:
[Network diagram; surviving labels: Internet, SMTP, Firewall, Router A, Port FTP, Host A, Host B]
· IP addresses (make up an addressing scheme)
Network | 10.10.0.0/24
Host A | 10.10.24.0/21
Host B | 10.11.4.0/24
Router A | 10.11.6.0/24
Router B | 10.11.3.0/24
ISP | 10.11.2.0/24
· Ports in Use
Port use and number | Network service
21 and 22 File transfer protocol | File transfer between a client and a server
25 Simple mail transfer protocol | For email usage
53 Domain name system | Matches the human-readable names of the domain to the IP addresses readable by the machine
References
Naing, M. T., Khaing, T. T., & Maw, A. H. (2019, November). Evaluation of TCP and UDP Traffic over Software-Defined Networking. In 2019 International Conference on Advanced Information Technologies (ICAIT) (pp. 7-12). IEEE.
Rathore, S., Sharma, P. K., Loia, V., Jeong, Y. S., & Park, J. H. (2017). Social network security: Issues, challenges, threats, and solutions. Information sciences, 421, 43-69.
Al-Hanjori, M. M., Shaath, M. Z., & Abu-Naser, S. S. (2017). Learning computer networks using intelligent tutoring system.