[cs615asa] HW4

Jan Schaumann jschauma at stevens.edu
Tue Apr 10 22:23:20 EDT 2018


All,

I've just sent out grades for HW4.  If you have not received your grade,
please let me know asap.

A few notes about the homework, as usual:

As discussed in class, many of you need to get in the habit of providing
more details, of better describing what it is you're doing and _why_
you're doing it.

For any finding, ask yourself these questions:
Did you expect this result?  Does the result make sense to you?  If you
answered either question with "no", find an explanation.


As evident from HW5, it also pays to _ask questions_.  The assignments
in this class are not intended to trick you; they are intended to guide
you to finding the answers.  If anything is not clear or does not make
sense, the right approach is to ask a follow-up question, not to shrug
and move on.

A more detailed analysis of the DNS queries was covered in class, but
I've also put together a write-up that I hope will be useful for you in
revisiting the assignment:
https://www.netmeister.org/blog/dns-tcpdump.html

Revisiting the lecture slides may also be a good idea to help you
confirm your understanding:
https://www.cs.stevens.edu/~jschauma/615/slides/lecture06.pdf

A few things not noted there:

When you run the HTTP request against Twitter, you will get a 404
response; this does not happen when you try to do this in the browser.
Was this expected?  Does this make sense?  Have you tried using e.g.
HTTP 1.1 instead of 1.0 and does that change the result?  If so, why?


Twitter's nameservers appear to be run by Amazon and/or a company called
Dyn (now owned by Oracle) -- is that expected?  You may have heard of
Dyn from a major internet outage two years ago:
https://en.wikipedia.org/wiki/2016_Dyn_cyberattack
Does that mean Twitter should not use that service?  What kind of factor
would influence your decision as to whether to outsource a critical
service such as DNS?


The reverse lookup exercise appears to have been glossed over by many of
you, yet there are many really interesting aspects hidden in the tcpdump
data.  Please revisit the exercise and compare to what you've
(hopefully) learned regarding the ownership of netblocks in Lecture
05.  Take note of which netblocks are allocated to which organizations,
and how a privately run organization ("tastylime.net") can manage the IP
space used by a major open source project (the NetBSD project).  Not
everything is run by huge corporations; at the bottom of it all, there's
individual human beings making things work.


-Jan

