Cisco Systems CCNA 2 10.1.3 Denial of service attacks , 10.1.4 Windowing and window size

3. The source host responds with a simple acknowledgement of y + 1 to indicate that it

received the previous ACK. This finalizes the connection process.

The three-way handshake is an important concept for the student to understand. A relevant TI

from CCNA 2 v2.1.4 is 9.1.6.

10.1.3 Denial of service attacks

Denial of service (DoS) attacks are designed to deny services to legitimate hosts that attempt

to establish connections. DoS attacks are commonly used by hackers to halt system

responses. One example is SYN flooding, which occurs during the three-way handshake

process. As a packet with the SYN bit set is sent, it includes its IP address and the destination

IP address. This information is then used by the destination host to send the SYN/ACK packet

back. In the DoS attack, the hacker initiates a synchronization but spoofs the source IP

address. The destination device responds to a non-existent, unreachable IP address and is

placed in a waiting state. This waiting state is placed in a holding area that uses memory.

Hackers flood the host with these false SYN requests to deplete all the connection and

memory resources of the host. To defend against these attacks, system administrators may

decrease the connection timeout period and increase the connection queue size. This is an

important concept for the students to understand to help prevent hackers from creating chaos

in a network.

10.1.4 Windowing and window size

Data is often too large to be sent in a single data segment. TCP breaks data into segments. A

good analogy is small children who cannot eat large pieces of food. Their food must be cut into

smaller pieces to be eaten. Another way to explain the advantages of this segmentation is to

ask the students to imagine a 200-MB file that needs to be transferred. Ask students the

following questions:

• What if networking did not allow the file to be segmented?

• How long would the other hosts on the network have to wait to get any network

access?

Even without an exact answer the students can see the inefficiency of streaming on all the

other hosts. Calculate the wait with the formula (200MB x 8bits/byte)/media speed.

After data is segmented, it must be transmitted to a destination device. Flow control regulates

how much data is sent during a transmission. The process of flow control is known as

windowing. Window size determines how much data can be transmitted at one time. The host

must receive an ACK before any more data can be sent. TCP uses sliding windows to

determine transmission size. This allows for negotiation of the window size to allow for more

than one byte to be sent. This allows for the destination device to tell the source to decrease

or increase the amount of data being sent. This is an important concept for the students to

understand. This helps the student understand the entire process of TCP and why it is

considered reliable and connection-oriented.