Register
Dark Mode

Routing

in Computer Networks
793 views
1 vote
1 vote
This is GATE 2014 set-2 question....

My question is what would be the ans if intruder is sniffing at Router 1 ??? then according to me ans should be option c and d

 

Q.27 An IP machine Q has a path to another IP machine H via three IP routers R1, R2, and R3.
Q—R1—R2—R3—H
H acts as an HTTP server, and Q connects to H via HTTP and downloads a file. Session layer
encryption is used, with DES as the shared key encryption protocol. Consider the following four
pieces of information:
[I1] The URL of the file downloaded by Q
[I2] The TCP port numbers at Q and H
[I3] The IP addresses of Q and H
[I4] The link layer addresses of Q and H
Which of I1, I2, I3, and I4 can an intruder learn through sniffing at R2 alone?
(A) Only I1 and I2
(B) Only I1
(C) Only I2 and I3
(D) Only I3 and I4
in Computer Networks
by
793 views

1 comment

by
0
0

1 Answer

2 votes
2 votes
Best answer
Yes, packet sniffing at R1 will have information about TCP port number for Q and H, IP address of Q and H, and the link layer address of Q only, since the DLL will only know the address of the immediately connected physical link (ie MAC address) and not aware of the DLL of the H node, which is, although on 'a logical' link with Q, but different physical link with R1.
selected by
by

2 Comments

by
@Utk can you please explain how the intruder will come to know about TCP port numbers because TCP port numbers are encapsulated in a segment and that too is wrapped by the IP packet so when any Router recieves the packet it can only know about the IP addresses as the router can only remove the headers of IP Layer but not TCP layer so TCP layer related information is still hidden how come intruder can know about TCP port numbers then?????
0
0
by
The intruder is able to extract information about the TCP port number and IP addresses since the header format is known. Also, there is no encryption provided by the IP protocol (ie network layer) so the data in the payload field of IP packet will have TCP head plus the payload from TCP. Now, the TCP payload is in encrypted form (courtesy of presentation layer) so, intruder is not able to extract information from TCP payload. Thus, you will not be able to know the URL of the file. Also, know that intruder is with malicious intend, and can 'sniff' data from the router and then process it to extract information.
1
1
← PreviousNext →
← Previous in categoryNext in category →

Related questions

Subscribe to GATE CSE 2024 Test Series

Subscribe to GO Classes for GATE CSE 2024

Quick search syntax
tags tag:apple
author user:martin
title title:apple
content content:apple
exclude -tag:apple
force match +apple
views views:100
score score:10
answers answers:2
is accepted isaccepted:true
is closed isclosed:true

Subjects

64.3k questions

77.9k answers

244k comments

80.0k users

Developed by Chun
Link Copied!