CS2105 in The News: Whatever happened to the IPv4 address crisis?

Whatever happened to the IPv4 address crisis?

Unallocated IPv4 address blocks are gone forever. However, carriers still have IPv4 addresses available for allocation, so IPv4 addresses will remain in use for some time to come. And though there may be no immediate crisis for service providers, businesses, or customers, there is steady pressure to enable IPv6 in every segment of the network ecosystem as the best way to address IPv4 address scarcity.

Assignment 1: Clarifications II

A few clarifications/tips related to Assignment 1.

  • You can assume that the browsers generate properly formatted HTTP requests. You only need to handle user errors, such as when a user enters a URL pointing to a non-existent file.
  • Beware of Runtime.exec(String[] cmdarray, String[] envp). If a standard environment variable such as HOME is missing from the envp parameter, the Perl script will not run properly: the script expects HOME to be set to the user’s home directory. The symptom of this bug is that todo.pl tries to create a folder /a1/data, which it does not have permission to create.
  • Beware of readline(). It returns only after it encounters a newline character. Note that neither the HTTP request body nor the response body is guaranteed to end with a newline character. If you use readline(), you may have to wait forever for it to return.
  • If you are ssh-ing into cs2105-z from a Windows ssh client, you may have key mapping issues when you use vim. You can copy my .vimrc from ~ooiwt/.vimrc on cs2105-z, which maps the keys properly, to resolve this issue.
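
The envp and readline() pitfalls above, handled in one request path. This is an added example, not part of the assignment's WebServer.java: it reads the body by Content-Length instead of waiting for a newline, and builds envp explicitly, copying only HOME and PATH rather than the server's whole environment. The class name, the /todo.pl request path, the 64 KiB cap and the choice of CGI variables are assumptions.

```java
import java.io.*;
import java.nio.charset.StandardCharsets;
import java.util.*;
public class CgiPostExample {
    static final int MAX_BODY = 64 * 1024; // cap chosen for this example

    // Read one header line byte by byte, so no buffering layer swallows body bytes.
    static String readLine(InputStream in) throws IOException {
        ByteArrayOutputStream buf = new ByteArrayOutputStream();
        for (int b = in.read(); b != -1 && b != '\n'; b = in.read())
            if (b != '\r') buf.write(b);
        return buf.toString("ISO-8859-1");
    }

    // Read exactly contentLength bytes; the body need not end with a newline.
    static byte[] readBody(InputStream in, int contentLength) throws IOException {
        if (contentLength < 0 || contentLength > MAX_BODY)
            throw new IOException("unacceptable Content-Length: " + contentLength);
        byte[] body = new byte[contentLength];
        new DataInputStream(in).readFully(body); // EOFException if the peer sends less
        return body;
    }

    // Explicit envp: HOME and PATH copied from the server's environment, plus CGI variables.
    static String[] cgiEnv(String method, int contentLength) {
        List<String> env = new ArrayList<>();
        for (String name : new String[] {"HOME", "PATH"})
            if (System.getenv(name) != null) env.add(name + "=" + System.getenv(name));
        env.add("REQUEST_METHOD=" + method);
        env.add("CONTENT_LENGTH=" + contentLength);
        return env.toArray(new String[0]);
    }

    public static void main(String[] args) throws IOException {
        // Constructed request; the body has no trailing newline.
        String raw = "POST /todo.pl HTTP/1.1\r\nContent-Length: 9\r\n\r\nitem=milk";
        InputStream in = new ByteArrayInputStream(raw.getBytes(StandardCharsets.ISO_8859_1));
        String method = readLine(in).split(" ")[0];
        int length = 0;
        for (String h = readLine(in); !h.isEmpty(); h = readLine(in))
            if (h.toLowerCase(Locale.ROOT).startsWith("content-length:"))
                length = Integer.parseInt(h.substring(h.indexOf(':') + 1).trim());
        byte[] body = readBody(in, length);
        String[] envp = cgiEnv(method, length);
        System.out.println(new String(body, StandardCharsets.ISO_8859_1));
        System.out.println(Arrays.toString(envp));
        // Next step (not run here): Runtime.getRuntime().exec(cmdarray, envp), then write body to its stdin.
    }
}
```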

Lecture 6: IP

17 February, 2014.

“The Internet has Ran Out of IPv4 Addresses. These Hacks, Used to Keep the Internet Growing, Are Absolutely Brilliant.”

We now venture into the network layer and look at IP and the associated protocols (DHCP, ICMP, NAT) in more detail.

Slides: PDF

Reading: Please read the following sections in the textbook.
Chapter 4 of KR.

  • 4.1 Introduction
  • 4.2.2 Datagram Networks
  • 4.4 The Internet Protocol (IP) (exclude 4.4.4, 4.4.5)

Problem Set 2 Q3/4

Here are a bunch of links related to Questions 3 and 4 in Problem Set 2.

Firesheep:

  • Firesheep

    It’s extremely common for websites to protect your password by encrypting the initial login, but surprisingly uncommon for websites to encrypt everything else. This leaves the cookie (and the user) vulnerable. HTTP session hijacking (sometimes called “sidejacking”) is when an attacker gets a hold of a user’s cookie, allowing them to do anything the user can do on a particular website. On an open wireless network, cookies are basically shouted through the air, making these attacks extremely easy.

  • A video demo of Firesheep.
  • Implications of Firesheep on Facebook and Twitter.

DNS Cache Poisoning:

  • Angry Bird Website Defaced

    Angry Birds developer Rovio has confirmed its website was briefly hijacked, most likely by hackers who managed to tamper with domain name system settings that ultimately control what server receives requests for a particular domain name.

  • DNS Cache Poisoning Used in Brazilian Phishing Attack

    According to Zscaler, attackers managed to force several DNS servers to resolve santander.com.br to an IP address under their control.

    The spoofed page hosted on the rogue web server was very well crafted and looked identical to the real one.

Finally, a report from last month shows that many DNS servers remain insecure.

  • Half the internet lacks DNS security extensions

    Just under half of the internet (47 percent) remains insecure insofar as many top level domains (TLDs) have failed to sign up to use domain name system security extensions (DNSSEC), including intensive internet using countries such as Italy (.it), Spain (.es) and South Africa (.za), leaving millions of internet users open to malicious redirect to fake websites, reports Ultra Electronics AEP.

CS2105 in The News: Is Online Privacy Possible?

http://web.mit.edu/newsoffice/2014/is-online-privacy-possible.html

There are two types of browser cookies: those that help sites to function, and those that enable ad tracking and monetization. When you browse the Internet normally, the first type of cookie is retained on websites so that when you visit the same website again, it remembers your preferences. The second type of cookie tells advertisers and other companies about your online behavior, what links you clicked on, which sites you visited, how you got there, and where you went next.

Assignment 1: Clarifications

We received several FAQs about Assignment 1 last week. Please take note of them.

1. Can we use existing libraries that handle HTTP / CGI for this assignment?

NO. The purpose of this assignment is for you to learn how HTTP and CGI work together, and to demonstrate that to us by solving the assignment. If you use existing libraries or wrapper classes (such as HttpURLConnection), you will not learn (or show us that you know) the internals of how HTTP/CGI works.

2. We want to implement delete/edit first, before we implement add. How can we manually create TODO entries for testing?

I have edited the file “TODO” and the files under the “data” directory so that they have three items in the list. You can copy them over to your own a1 directory.

cp ~sadm/a1/TODO $HOME/a1
cp -r ~sadm/a1/data $HOME/a1

3. Where can we find WebServer.java? How to run WebServer.java?

Somehow many of you missed this blog post. The code from Lecture 3 is posted there. As to how to run (or compile), please refer to . If you are not as comfortable with the command line as you should be, you are free to use your favorite IDE (Eclipse, NetBeans, etc.) to compile and run the server.

Lecture 5: UDP and TCP

10 February, 2014.

“You Won’t Believe How Simple the UDP Protocol is. But The Complexity of TCP Will Make You Cry.”

We will continue our discussion of generic reliable protocols, finishing it off with the Selective Repeat protocol.

We will then look at the two major transport protocols on the Internet, namely UDP and TCP, in more detail.

Reading: Please read the following sections in the textbook.
Chapter 3 of KR.

  • 3.3 Connectionless Transport: UDP
  • 3.5 Connection-oriented Transport: TCP

Slides: PDF

Assignment 1

Here is your first assignment. You may download the PDF version of Assignment 1 here. You have three weeks to complete this assignment in a team of two. The assignment is due on 21 February 2014. Some words of advice:

  1. Start early. Plan your time properly.
  2. Write your own code. Do not copy from your classmates.
  3. Read the description carefully. It is long, but is full of useful information. The assignment is rather straightforward once you understand what to do.
  4. Read the instructions carefully and follow them exactly.
  5. Ask for help from teaching staff if you have questions.