3. The source host responds with a simple acknowledgement of y + 1 to indicate that it received the previous ACK. This finalizes the connection process.

The three-way handshake is an important concept for the student to understand. A relevant TI from CCNA 2 v2.1.4 is 9.1.6.

10.1.3 Denial of service attacks

Denial of service (DoS) attacks are designed to deny services to legitimate hosts that attempt to establish connections. DoS attacks are commonly used by hackers to halt system responses. One example is SYN flooding, which occurs during the three-way handshake process. When a packet with the SYN bit set is sent, it carries the source IP address and the destination IP address. The destination host uses this information to send the SYN/ACK packet back. In the DoS attack, the hacker initiates a synchronization but spoofs the source IP address. The destination device responds to a non-existent, unreachable IP address and is placed in a waiting state. Each connection in this waiting state occupies a slot in a holding area that consumes memory. Hackers flood the host with these false SYN requests to deplete all the connection and memory resources of the host. To defend against these attacks, system administrators may decrease the connection timeout period and increase the connection queue size. This is an important concept for the students to understand to help prevent hackers from creating chaos in a network.
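The following model of a listener's half-open connection queue is an added example, not material from the Instructor Guide. It shows how the two knobs named above, the connection timeout and the connection queue size, decide whether a legitimate client still gets through during a flood of spoofed SYNs; the flood, addresses, capacities and timeouts are constructed values.

```python
from collections import OrderedDict

# Constructed model (not from the CCNA guide) of a TCP listener's half-open
# connection queue: SYN received, SYN/ACK sent, final ACK still pending.
class HalfOpenQueue:
    def __init__(self, capacity, timeout_ms):
        self.capacity = capacity          # connection queue size
        self.timeout_ms = timeout_ms      # connection timeout for a pending entry
        self.pending = OrderedDict()      # (src_ip, src_port) -> arrival time in ms
        self.refused = 0                  # SYNs dropped because the queue was full

    def _expire(self, now_ms):
        # Entries whose final ACK never arrived are released after the timeout.
        for key, arrived in list(self.pending.items()):
            if now_ms - arrived >= self.timeout_ms:
                del self.pending[key]

    def syn(self, now_ms, src):
        """A SYN arrived: reserve a slot if one is free, otherwise refuse it."""
        self._expire(now_ms)
        if len(self.pending) >= self.capacity:
            self.refused += 1
            return False
        self.pending[src] = now_ms
        return True

    def ack(self, now_ms, src):
        """The final ACK arrived: the handshake completes and the slot is freed."""
        self._expire(now_ms)
        return self.pending.pop(src, None) is not None


def run_scenario(capacity, timeout_ms):
    """Flood of 100 spoofed SYNs (one every 100 ms, none ever acknowledged)
    followed by one legitimate client that completes the handshake at t=10 s.
    Returns (legitimate_client_connected, total_syns_refused)."""
    q = HalfOpenQueue(capacity, timeout_ms)
    for i in range(100):
        # Constructed spoofed sources: the SYN/ACK goes to an address that never replies.
        q.syn(100 * i, (f"198.51.100.{i % 250 + 1}", 40000 + i))
    client = ("192.0.2.10", 50000)  # constructed legitimate client
    connected = q.syn(10_000, client) and q.ack(10_050, client)
    return connected, q.refused


if __name__ == "__main__":
    for capacity, timeout_ms in [(64, 75_000), (64, 5_000), (128, 75_000)]:
        print(capacity, timeout_ms, run_scenario(capacity, timeout_ms))
```

Both knobs only raise the flood rate needed to exhaust the queue; a faster flood refills it, which is why modern TCP stacks also use techniques such as SYN cookies.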

10.1.4 Windowing and window size

Data is often too large to be sent in a single data segment. TCP breaks data into segments. A good analogy is small children who cannot eat large pieces of food. Their food must be cut into smaller pieces to be eaten. Another way to explain the advantages of this segmentation is to ask the students to imagine a 200-MB file that needs to be transferred. Ask students the following questions:

What if networking did not allow the file to be segmented?

How long would the other hosts on the network have to wait to get any network access?

Even without an exact answer, the students can see the inefficiency that streaming the whole file would impose on all the other hosts. Calculate the wait with the formula (200 MB x 8 bits/byte) / media speed.

After data is segmented, it must be transmitted to a destination device. Flow control regulates how much data is sent during a transmission. The process of flow control is known as windowing. Window size determines how much data can be transmitted at one time. The host must receive an ACK before any more data can be sent. TCP uses sliding windows to determine transmission size. The window size is negotiated so that more than one byte can be sent before an ACK is required, and the destination device can tell the source to decrease or increase the amount of data being sent. This is an important concept for the students to understand. It helps the student understand the entire process of TCP and why it is considered reliable and connection-oriented.

113 - 238 CCNA 2: Routers and Routing Basics v3.1 Instructor Guide – Module 10

Copyright 2004, Cisco Systems, Inc.
