- What is MTU?
- How does TCP handshake work?
- How does SSL handshake work?
- What are the different phases in VPN establishment?
- How does DH (Diffie-Hellman) work?
- What is TCP window sizing?
- What is the difference between passive FTP and active FTP?
- What is the difference between socket and session?
- How does network management station work?
The Answers:
1. How does TCP handshake work? TCP is the Transmission Control Protocol of the TCP/IP suite. The handshake has 3 steps.
1. The local device sends its initial sequence number and maximum segment size (SYN).
2. The destination device responds with its own sequence number and maximum segment size, acknowledging the first message (SYN-ACK).
3. The local device acknowledges receipt of the destination's sequence number and segment size information (ACK).
2. How does SSL handshake work? SSL is Secure Sockets Layer. There are 4 steps.
1. The browser checks the server's certificate to make sure that the site it is connecting to is the real site and not someone intercepting the connection.
2. The browser and the web server determine which encryption types they both support, so that they can understand each other.
3. The browser and the server send each other unique values that are used when scrambling (encrypting) the information that will be sent.
4. The browser and the server start talking using the agreed encryption, the browser shows the lock icon, and web pages are delivered over the secured connection.
3. What is the difference between passive FTP and active FTP?
FTP is an unusual protocol in that it uses two ports, one for commands and the other for data. (This is one of the reasons it is superior to HTTP for transferring large files.) Active FTP was invented first. The client initiates a connection on the server’s command port. The server then initiates a connection with the client from its data port. In Passive FTP, the client initiates both connections with the server, which remains “passive”.
Active FTP may cause problems if your client is behind a firewall. From the firewall’s point of view, the FTP server that is trying to initiate a connection with your client looks like an intruder and is usually blocked. This is why many users have difficulty using FTP to download files from behind a firewall.
Passive FTP solves this problem, but creates other problems, notably where FTP server security is concerned. The server must listen on a large number of ports. This requires the firewall to let a lot of unqualified traffic through. Most firewall administrators do not like this.
As a rule, you do not need to be concerned about passive and active FTP unless you administer an FTP server or a firewall. If you experience difficulty using your FTP client from behind a firewall, this is likely the reason. Perhaps you should discuss the matter with your firewall administrator.
4. What is the difference between socket and session?
1. An SSL session is a mechanism through which connections can be established by re-using previously negotiated handshakes.
2. A socket is one endpoint of a two-way communication link between two programs running on the network. A socket is bound to a port number so that the TCP layer can identify the application to which incoming data is destined.
5. How does network management station work? Network management stations execute management applications which monitor and control network elements. Network elements are devices such as hosts, gateways, terminal servers, and the like, which have management agents responsible for performing the network management functions requested by the network management stations. The Simple Network Management Protocol (SNMP) is used to communicate management information between the network management stations and the agents in the network elements. A few network management features that may be used to provide network monitoring are:
1. Device Availability Monitoring
2. SNMP MIB object monitoring
3. Cisco Service Assurance Agent (Cisco SAA)
4. RMON Alarm and Events
5. Event-MIB
6. CiscoWorks RME Network Show Commands and CLI scripting
6. What are the different phases in VPN establishment? Successful VPN establishment consists of two levels of SAs (security associations), known as phases. Phase 1 authentication establishes session keys. Using the Xauth feature, the client waits for a "username/password" challenge after the IKE Phase 1 SA has been established. When the end user responds to the challenge, the response is forwarded to the IPsec peers for an additional level of authentication, completing Phase 2.
1. Phase 1 of the two-phase VPN tunnel establishment process negotiates the security parameter agreement.
2. Phase 2 of the two-phase VPN tunnel establishment process uses the parameters agreed in Phase 1 to bring the tunnel up.
7. How does DH (Diffie-Hellman) work? Diffie-Hellman key agreement was invented in 1976 during a collaboration between Whitfield Diffie and Martin Hellman and was the first practical method for establishing a shared secret over an unprotected communications channel. It is based on Ralph Merkle's public key cryptosystem. Public key cryptography is a form of cryptography which generally allows users to communicate securely without having prior access to a shared secret key, by using a pair of mathematically related cryptographic keys, designated the public key and the private key.
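The exchange described above, as an added example that is not part of the original page: each side keeps a private exponent, publishes g^private mod p, and both arrive at the same secret. The prime p here is a constructed toy parameter (2^127-1) chosen so the script runs instantly; real deployments use standardised groups of 2048 bits or more.

```python
# Added example, not from the page: a toy Diffie-Hellman exchange.
# P is a CONSTRUCTED toy modulus (the Mersenne prime 2^127 - 1); it is far too
# small for real use and only serves to make the arithmetic visible.
import hashlib
import secrets

P = (1 << 127) - 1   # toy prime modulus
G = 2                # generator

def keypair(p=P, g=G):
    """Return (private, public): private is random in [2, p-2], public = g^private mod p."""
    priv = 2 + secrets.randbelow(p - 3)
    return priv, pow(g, priv, p)

def shared_secret(my_priv, their_pub, p=P):
    """Derive the shared secret from our private value and the peer's public value."""
    # Reject degenerate public values (0, 1, p-1) that would force a trivial secret.
    if their_pub <= 1 or their_pub >= p - 1:
        raise ValueError("invalid peer public value")
    return pow(their_pub, my_priv, p)

def session_key(secret, p=P):
    """Hash the raw DH secret into a fixed-size key; the raw value is never used directly."""
    nbytes = (p.bit_length() + 7) // 8
    return hashlib.sha256(secret.to_bytes(nbytes, "big")).digest()

def exchange():
    """Run one full exchange between two parties and return both derived keys."""
    a_priv, a_pub = keypair()
    b_priv, b_pub = keypair()
    # Only a_pub and b_pub cross the wire; an eavesdropper sees p, g, a_pub and b_pub
    # but neither private exponent.
    k_a = session_key(shared_secret(a_priv, b_pub))
    k_b = session_key(shared_secret(b_priv, a_pub))
    return k_a, k_b

if __name__ == "__main__":
    ka, kb = exchange()
    print("keys match:", ka == kb)
```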
8. What is TCP window sizing? The window size is the maximum number of bytes of data that can be transmitted in one segment. Increasing the window size for a TCP-based file transfer would increase throughput until the slowest link in the path saturates. It would be preferable to have a window size appropriate to the size of the link. There would be less buffering, the ACKs would return more quickly and more of the bandwidth would be used. Ideally you are looking for a Window Size >= Bandwidth * RTT.
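An added example, not from the original page, that works the Window Size >= Bandwidth * RTT rule of thumb and goes one step further: the 16-bit window field in the TCP header can advertise at most 65535 bytes, so a window larger than that needs the window scale option (RFC 7323, shift of at most 14). The 100 Mbit/s, 50 ms scenario is constructed.

```python
# Added example, not from the page: bandwidth-delay product and the TCP window
# scale shift needed to advertise it. The 16-bit window field and the maximum
# scale shift of 14 are from the TCP window scale option (RFC 7323).
MAX_UNSCALED_WINDOW = 65535
MAX_SCALE_SHIFT = 14

def bandwidth_delay_product(bandwidth_bps, rtt_seconds):
    """Bytes that must be in flight to keep the link busy: bandwidth * RTT, in bytes."""
    return round(bandwidth_bps * rtt_seconds / 8)

def max_throughput_bps(window_bytes, rtt_seconds):
    """Throughput ceiling for a fixed window: at most one window per round trip."""
    return window_bytes * 8 / rtt_seconds

def required_scale_shift(window_bytes):
    """Smallest window-scale shift that can advertise window_bytes, or None if none can."""
    shift = 0
    while (MAX_UNSCALED_WINDOW << shift) < window_bytes:
        shift += 1
        if shift > MAX_SCALE_SHIFT:
            return None
    return shift

def plan(bandwidth_bps, rtt_seconds):
    """Summarise what a path needs: BDP, scale shift, and the ceiling without scaling."""
    bdp = bandwidth_delay_product(bandwidth_bps, rtt_seconds)
    return {
        "bdp_bytes": bdp,
        "scale_shift": required_scale_shift(bdp),
        "unscaled_throughput_bps": max_throughput_bps(MAX_UNSCALED_WINDOW, rtt_seconds),
    }

if __name__ == "__main__":
    # Constructed scenario: a 100 Mbit/s path with a 50 ms round-trip time.
    print(plan(100_000_000, 0.050))
```

Without window scaling the same 50 ms path is capped at roughly 10.5 Mbit/s no matter how fast the link is, which is the saturation effect the paragraph describes.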
9. What is MTU? Maximum Transmission Unit. The greatest amount of data or “packet” size that can be transferred in one physical frame on a network. This packet also contains the header and trailer information, which are like addresses for each packet that are required by the routers on the network.