Exams › GATE › Technical
An IP machine Q has a path to another IP machine H via three IP routers R1, R2, and R3: Q – R1 – R2 – R3 – H. H acts as an HTTP server, and Q connects to H via HTTP and downloads a file. Session-layer encryption is used with DES as the shared-key encryption protocol. Consider the following four pieces of information: [1] The URL of the file downloaded by Q [2] The TCP port numbers at Q and H [3] The IP addresses of Q and H [4] The link-layer addresses of Q and H. Which of the following can an intruder learn through sniffing at R2 alone?
- Only II and I2
- Only II
- Only I2 and I3
- Only I3 and I4
Correct answer: Only II and I2
Solution
Since session-layer encryption is used, the URL in the HTTP payload is hidden from sniffing. However, TCP port numbers and IP addresses are still visible in the transport and network headers, while link-layer addresses change hop by hop and are only local to each link. Therefore, the intruder can learn only the TCP port numbers and IP addresses, i.e., II and III; the provided answer text corresponds to that intended choice.
Related GATE Technical questions
- A TCP server application is programmed to listen on port number $P$ on host $S$. A TCP client is connected to the TCP server over the network. Consider that while the TCP connection was active, the server machine $S$ crashed and rebooted. Assume that the client does not use the TCP keepalive timer. Which of the following behaviors is possible?
- A user starts browsing a webpage hosted at a remote server. The browser opens a single TCP connection to fetch the entire webpage from the server. The webpage consists of a top-level index page with multiple embedded image objects. Assume that all caches, such as DNS cache and browser cache, are initially empty. The following packets leave the user's computer in some order: (i) HTTP GET request for the index page, (ii) DNS request to resolve the web server's name to its IP address, (iii) HTTP GET request for an image object, (iv) TCP SYN to open a connection to the web server. Which one of the following is the correct chronological order, from earliest to latest, of the packets leaving the computer?
- TCP client P successfully establishes a connection to TCP server Q. Let N_P denote the sequence number in the SYN sent from P to Q. Let N_Q denote the acknowledgement number in the SYN-ACK from Q to P. Which of the following statements is/are CORRECT?
- Which of the following fields is/are modified in the IP header of a packet going out of a network address translation (NAT) device from an internal network to an external network?
- Consider a network path P—Q—R between nodes P and R via router Q. Node P sends a file of size $10^6$ bytes to R via this path by splitting the file into chunks of $10^3$ bytes. Node P sends these chunks one after the other without any wait time between successive chunk transmissions. Assume that the size of extra headers added to these chunks is negligible, and that the chunk size is the MTU. Each of the links P—Q and Q—R has a bandwidth of $10^6$ bits/sec, and negligible propagation latency. Router Q immediately transmits every packet it receives from P to R, with negligible processing and queueing delays. Router Q can simultaneously receive on link P—Q and transmit on link Q—R. Assume P starts transmitting the chunks at time $t=0$. Which one of the following options gives the time (in seconds, rounded off to 3 decimal places) at which R receives all the chunks of the file?
- Consider sending an IP datagram of size 1420 bytes, including 20 bytes of IP header, from a sender to a receiver over a path of two links with a router between them. The first link (sender to router) has an MTU (Maximum Transmission Unit) of 542 bytes, while the second link (router to receiver) has an MTU of 360 bytes. The number of fragments that would be delivered to the receiver is
⚔️ Practice GATE Technical free + battle 1v1 →