Last Articles

Most popular password

Fake ARP-server on the Internet

Why can not I log in as an administrator from any location?

Идентификаторы защиты (SID)

Can you trust a domain that is connected to the Internet?

Administrative boundaries: the forest or domain?

The basic principles of security

Protection system in Windows - Fact or Fiction

Chronology of the ARPANET - INTERNET

Network Information Security: Myths and Realities Omnipotence hackers

Network security model and resource sharing

Remote attacks on distributed computing systems

Characteristics and mechanisms of implementation of standard remote attacks

Administrative methods to protect against remote attacks on the Internet

Control of virtual connections in the distributed CS

Control over route messages to the distributed CS

Pros and cons of a distributed aircraft with dedicated channels

Mythical remote attacks on the Internet

Malfunction host on the network

Substitution of one of the subjects TCP-connections on the Internet

Control over route messages to the distributed CS

 As is known, each object distributed CS should have the address, unique identifying him. In order for a message from one object has been transferred to another facility of the system, it must pass through a chain of routers, whose task analyzing the destination address in the message, select the optimal route and, from him to forward the package or the next router or directly to the subscriber if it is directly connected to this site.

  Thus, the route to the object is a chain of nodes traversed by the message.

  This task, on the one hand, we can solve by introducing additional identification of messages on the other, higher-level OSI. Thus, addressing is carried out at the network level, and additional identification, such as transport. However, this solution is not to avoid the problem of control over the creation of connections, since the identification of additional subscribers will be possible only after the establishment of the connection.

  Therefore, the developers of the distributed CS can offer the following solutions to the problem.

  In the first case, the function checks the authenticity of the sender's address could be allocated to the router. It's easy to do, because the router can track where the packet came to him (from another router, or from the connected host of the subnets directly connected to this router).

  The router can verify that the sender address with the address of the appropriate subnet from which the message arrived. In the case that a message is sent on, and otherwise - is filtered out.

  This method allows the initial stage of drop packets with invalid sender addresses. Another variant of the solution may be to create a special packet header fields, where each router through which the packet enters the routing information (part of the address, for example).

  In this case, the first router, which received a package that captures information about the network class (A, B, C), where the packet came. Nevertheless, the introduction of the package addresses of all traversed the path of routers to be a suboptimal solution, since in this case is difficult to determine in advance the maximum size of the packet header.

  When the message reaches the final destination in the header will be fully marked traveled route. By this route, regardless of the specified package of network addresses of the sender, you can, firstly, to within a subnet to identify the authenticity of addresses and, secondly, to determine with accuracy the true subnet address. So, having received a similar message with the specified route network operating system analyzes the route and verifies the authenticity of the sender.

  In the event of the unreliability of the packet is discarded.

Top 5 most read

The basic rules of safe behavior on the Internet

What to do if you forget the BIOS password

How to crack passwords?

Social engineering as a way of committing crimes in the sphere of computer information

You forget your password. What should I do? Part 3

Copyright © 2010 BRV ISTCOM S.R.L.- раскрутка сайта