ITE 384 test 2

0.0(0)
studied byStudied by 0 people
learnLearn
examPractice Test
spaced repetitionSpaced Repetition
heart puzzleMatch
flashcardsFlashcards
Card Sorting

1/28

encourage image

There's no tags or description

Looks like no tags are added yet.

Study Analytics
Name
Mastery
Learn
Test
Matching
Spaced

No study sessions yet.

29 Terms

1
New cards

ICMP Error Types

Type 0, type 3, type 8

2
New cards

Type 8

Echo request

3
New cards

Type 0

Echo reply

4
New cards

Type 3

Datagram couldn't get to where it needed to go

5
New cards

ICMP Encapsulation

ip-icmp-ip

takes the original IP header and 8 bytes of data from the original packet. then tacks on an ICMP datagram with the error code for that packet, then attaches a new IP header to send it back

6
New cards

What are the two things that ICMP does?

Queries, error reporting

7
New cards

Why do you not want to allow echo request and echo reply externally?

Allows intruder to probe your network ;)

8
New cards

ARP

Process for requesting physical address based on IP address

9
New cards

What does ARP do?

Takes IP address from layer 3 (source), does a broadcast to request MAC address of destination

10
New cards

TCP Datagram Flags (control field)

URG-Urgent- Sends message ahead in queue (to the middle)
ACK-Acknowledge- I acknowledge the data that you are sending to me
PSH-Push- sends message ahead in queue (to the front)
RST-Reset- Resets the connection
SYN-Synchronize- Synchronizes the sequence numbers
FIN-Finish- terminates the connection

11
New cards

How the TCP Window size works.

dynamically allocated. buffers data based on the sequence and acknowledgement number for validation and reassembly "multiplier field"

12
New cards

Sequence number for TCP datagram

part of segmentation. shows the order of a segment in a series of segments

13
New cards

Acknowledgement number

defines the byte number that the receiver of the segment is expecting to receive from the other party

14
New cards

HLEN

Header length field. "tells you the header length. is a multiplier field"
It can be between 20 and 60 bytes. Header length will always be between 5-15 (it's multiplied by 4)

15
New cards

Reserved field

6 bit field reserved for future use

16
New cards

Control field (flags)

6 different control bits (flags)

17
New cards

Windows Size

Defines the window size of the sending TCP in bytes. "multiplier field"

18
New cards

Urgent pointer

Only valid when URG flag is set. Defines value that must be added to sequence number to obtain the number of the last urgent byte in the data section of the segment

19
New cards

Options field

contains the window size multiplier

20
New cards

ARP tables

a series of corresponding physical and logical addresses

21
New cards

ARP poisoning

ARP spoofing is a type of attack in which a malicious actor sends falsified ARP (Address Resolution Protocol) messages over a local area network. This results in the linking of an attacker's MAC address with the IP address of a legitimate computer or server on the network. "You spoof it"

22
New cards

Port 80

Web protocol

23
New cards

Port 22

SSH

24
New cards

How can the server understand multiple connections at once

spawns new ports if the machines have the same IP. if they have different IPs, that is their unique identifier. If a server's port becomes exhausted, it will assign the communication a new IP. "spawns new connections AT THE SERVER LEVEL"

25
New cards

SA

Sync Acknowledgement Flag. Service is running on the port

26
New cards

RA

Reset Acknowledgement Flag. Service is not running on the port

27
New cards

RARP

Reverse ARP. Finds IP based on MAC address

28
New cards

What is the purpose of the three-way handshake?

Ensures reliability, start of segmentation

29
New cards

How can ICMP Type 8 and Type 0 be used to test network connectivity?

Type 8 (echo request) is sent to a client machine. If type 0 (echo reply) is sent back from said client, there is a connection. However, this is not a reliable method of testing connectivity, as the client router may be blocking ICMP for security purposes