Homework Sets

Additional Homework Policies and Clarification

Internet Foundations

Standards

  1. What is an RFC?
  2. What does ISO mean?
  3. If you wanted to be a part of the creation of IPv7, what group would you work with?
  4. What RFC(s) define SMTP?
  5. What are the advantages of ISO-8601 time coding?
  6. What are the disadvantages of ISO-8601 time coding?
  7. When was/is this: 030203?
  8. What is the difference between a Conforming and a Validating system?
    1. When would you want one over the other?

History

Spend time in the Internet Society's Internet pages, http://livinginternet.com and Hobbe's Internet Timeline.

  1. Who was the first person to be declared a munition? When and why?
  2. Where were/are the five main NAPs in the USA?
  3. Why did the ARPANET lock up on December 25, 1973?
  4. What happened on December 12, 1986?
  5. What year did the Internet backbone start getting OC48?

Character Sets/Encodings

All questions refer to the Universal Character Set unless otherwise noted. You may need to refer to Dr. Toal's character encoding page in order to complete this assignment. You also may have to use Google to search for information on the UCS and the US-ASCII character sets.

  1. What is a character?
  2. What is a repertoire?
  3. What is a code point?
  4. What is the code point of 'PLUS SIGN'?
  5. Using the utf-8 encoding method, how would the string 'Hello World' be encoded?
  6. How would the string 'Hello World' be encoded using the US-ASCII character set?
  7. Explain what would happen if a US-ASCII document were processed under the assumption that it was a utf-8 document?
  8. What is the difference between code points and encodings?
  9. How do a character and a glyph differ?
  10. Why is the UCS valuable, what benefits do we get from it that cannot be obtained using a collection of character sets such as the ISO-8859 series?

Unix

IP

  1. Research the following commands (hint: use the man program) ping, traceroute, route, dig, nslookup, host, arp, rarp, netstat, ifconfig and lsof. Experiment with each, but use care if doing so as root so that you do not trash your system.

    Turn in the output (either via script(1) or cut/paste from a terminal) of a non-trivial run of the following utilities. Annotate each with a description showing what each part of the output represents.

    1. ping
    2. traceroute
    3. netstat
    4. ifconfig

  2. Write a perl script to display the IP address and hostname of the machine it is running on. If you have never written a Perl script, now's your chance to learn the language!

  3. Draw a picture of two networks with three hosts, each connected by an IP router. One network uses 26 bits for the network part and the other uses 18. Label each host, router and network with sample IP addresses. Make sure the addresses are consistent. Use the slash notation. Give a routing table for one host.

  4. Explain why the subnetmask 255.255.255.254 is practically useless, or at least, why you would feel bad if your boss assigned you and your workstation to a subnet with that mask.

UDP

  1. What congestion-control and delivery-order strategies are used in UDP?
  2. Under what circumstances would UDP be better than TCP?
  3. Under what circumstances would UDP be worse than TCP?

ICMP

TCP

  1. Under what circumstances would TCP be better than UDP?
  2. Under what circumstances would TCP be worse than UDP?
  3. How does a host know that an IP packet belonging to a TCP connection has gone missing?

  4. Most client-server programs written in Java using the simple Socket API all look the same: the server waits in a loop, gets a connection and spawns that thread to talk with the client so that it can immediately return to waiting. Write a java class that takes care of all this "framework logic" so that anyone writing a client-server Java application need only supply specific service logic, while allowing the framework class to handle the details of waiting and spawning threads.

    Hint: A simple way to do this is to define a thread class that stores the socket returned from the server's accept() method; all specific services will extend this thread class.

    Pay attention to cleaning up resources (e.g. closing sockets)

    Extra credit: Explain why the hint above could be a bad Java based solution from an object orientation standpoint.

  5. Rewrite the Capitalization server from Dr. Toal's courseware to make use of your generic server class.

Ethernet

  1. What do switches do with Ethernet frames that have all binary 1's in the six bytes following the preamble?
  2. What is the smallest ethernet frame that may be transmitted on a 100MB link?

DNS

  1. Retrieve and turn in the SOA record for lmu.edu, annotate it to explain what each of the fields mean.

  2. Use dig (or a similar tool to find the following

    1. The IP Address of google.com
    2. The authority for the "in-addr.arpa" domain
    3. The authorities for ".biz", ".cx" and ".us" domain
    4. The names and IP addresses for all the world's root servers
    5. The domain names associated with 209.104.35.16
    6. The mail hosts for earthlink.net
    7. The refresh interval for the citysearch.com zone

  3. If your network administrator said that your organization should limit all of its domain names to three segments (as opposed to having no limits) so that all names would resolve faster, you'd rightly conclude your administrator doesn't understand DNS very well. Why is this comment stupid? What really determines how quickly names resolve?

Cryptography and Security

OpenPGP

  1. Select and install an OpenPGP compliant cryptography application. Alternately, you may make use of a system that already has one installed.
  2. Generate a public/private key pair for use in this class, set its expiration date for December 30, 2003.
  3. Download and import my public key available at http://www.technocage.com/~caskey/pubkey.txt
    How do you know that this is, in fact, my public key and not someone elses?
    ...are you really sure?
  4. If you are sure, would you be willing to bet your grade in the class on it? If you are not sure, what would it take for you to be sure that this is my key?
  5. Export your public key and email it to me.

Buffer Overflows

  1. Research the security advisory put out by Network Associates regarding Linux Blind TCP spoofing, that affected all Linux kernels up through 2.0.35. Make sure you understand it. Then write a short paper (3-4 pages) describing the problem. Include figures, at least one of which shows a successful exploit.

OpenSSL (++)

Using the OpenSSL tool suite, try and figure out the command to create a self-signed pkcs certificate.

  1. Turn in the certificate you generated as a single file containing the public, private and certificate portions of the key in ascii-armored format.
  2. Show the command(s) you used to generate this file. Bonus points will be awarded for turning in output from script(1) or similar terminal recording tool.

Internet Applications

Business Analysis

This problem must be answered for three different businesses or entities. Each answer is to be in the form of a one to two page report on that entity that reads as a proper, if brief research paper.

Extra credit will be awarded to students whose solution sets do not include any web sites.

Find organizations or applications that make use of the internet either wholly or partially, publicly or internally to help in their service to customers or users. Examples of businesses that use the internet wholly for their operations would be e-Bay and Amazon. Examples of applications would be ICQ and AIM and examples of businesses that use the internet internally would be LucasFilm which used the Internet to deliver digital ``dailies'' from production in New Zeland to their home office in California.

  1. Desribe the businesses/applications and briefly (2 paragraphs maximum) give a synopsis of what their purpose or business activity is.
  2. Describe in at least 1 paragraph how the internet is used by these organizations or applications to provide functionality to their users/customers, or reduce costs or add value. Also, if applicable, describe how their service appears to make use of the unique capabilities of the Internet that would not be possible using traditional corporate WAN technologies.
  3. For each of these applications, describe how, if at all, the service would be different if the Internet was not generally available. What other technologies or means could be used to provide the service.
  4. How would this business suffer from temporary outages of internet accessibility? (Temporary meaning an outage of several hours to several days.) Bonus points if you can identify different kinds of effects to their business

FTP

Perform a file transfer session by telnetting to port 21 on a machine with an ftp server. At least log in anonymously, transfer a text file, transfer a binary file, and list the contents of a directory. Show exactly the commands you entered and the responses you received.

SMTP

  1. Given the following message, where should bounces be sent to?

    Return-Path: <1@example.com>
Delivered-To: 2@example.edu
Received (qmail 20289 invoked by uid 501); 9 Jul 2143 06:16:38 -0000
Received: from unknown (HELO mx1.example.com) (10.3.1.5)
  by mx1.example.edu with SMTP; 9 Jul 2143 06:16:36 -0000
Mail-Followup-To: 3@example.com
Received:  from localhost (HELO localhost) (user@127.0.0.1)
  by localhost with SMTP; 9 Jul 2143 06:14:33 -0000
Date: Wed, 9 Jul 2143 08:14:31 +0200 (CEST)
From: Five <5@example.com>
Sender: 6@example.com
Reply-To: 7@example.com
To: 3@example.edu
Subject: Hello
Message-ID: <5128d6330150@mx1.example.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1

Hello world!

    Justify your answer with citations

  2. Write a Java application that takes an email address as a parameter and sends that mailbox a message from itself. It can be a simple command line application that takes the email address as an argument and uses a default subject and message text, or (better) a Swing application with textfields for the "victim" and subject, and a textarea for the message. Do a good job on constructing realistic message headers (including putting the current date in the right format).

HTML/XHTML

Home page

Design and create a home page which will be used specifically for this class. The page must clearly indicate the owner of the page and have sections for you to link to copies of the work you will do for this course.

The page must also contain a link to the course home page, as well as at least three other students in the class. Cliques are good and you may go out of your way to construct specific ones and identify them on the page, likewise partitions in the class web of pages will be frowned upon. Reciprocal links are not strictly necessary, but are encouraged.

Browsing Salesman

Bonus points will be awarded to the whole class if I am able to navigate from the course homepage (which will have a link to each of your pages), to a randomly selected student, through every student page and back again without having to return to the course home page. Those that can evidence to me that they worked to coordinate and ensure that this occured will also be rewarded for their resourcefulness.

Browsers

Write a single (brief) XHTML document and view it under any two web browsers that use different rendering engines and purport to support XHTML. Use as many different XHTML tags as you can, use the list of block and inline tags to find ones you may have missed. You should also use style sheets to set the border and margin properties of the elements.

  1. Does this document render similarly in the two web browsers? If dissimilar, would you characterize the difference as drastic, merely cosmetic, or something in between?
  2. Take screen shots of each browser and submit them along with the page that produced the output. Note on them where they differ.
  3. Try and produce, in as brief a format as possible, a single XHTML document that renders as wildly different in your two selected web browsers. Turn in screen shots of each along with a description of how you believe the browsers are misinterpreting your page.

XHTML Questions

Find and read the XHTML 1.0 standard.

  1. Why can't you say <li compact> in XHTML?

JavaScript (ECMAScript)

At your option you may do all of these problems on a single page, or have a separate page for each one.

  1. Modify the add.xhtml sample javascript page to add three more buttons, "-", "/" and "*". Use the onclick attribute to cause them to perform the indicated function and store it's value in input 'c'.
  2. Write a page with two input boxes and a button so that the user can type into each of them, and when the button is pressed, an alert box is brought up saying whether or not the first box has any characters in common with the second.
  3. Create a page like http://www.technocage.com/~caskey/lmu/examples/javascript/xhtml/rollovers.xhtml except with four different images that change when the user's pointer passes over them.
  4. Create a page with three buttons labeled red, green and blue. When each of these buttons is pressed, the background color of the page should change to the color specified.
  5. Create a page with four paragraphs which have the id's 'one', 'two', 'three' and 'four'. Make a button with the label 'switch' which takes the paragraphs and swaps each with the next higher named one. (one switches place with two, three with four)
  6. Copy your solution to the first problem, and add + and - buttons next to each field which increment and decrement the value in the field when clicked on.

JavaScript (ECMAScript) Part Deux!

Since some people are having trouble finding this documentation, don't forget to make use of the DOM2 info at the w3c! These documents describe what the functions and properties are that come built into the DOM objects.

  1. After making sure that your color solution above doesn't make use of document.bgColor, make a new version which starts out with four paragraphs, each with their own foreground/background color combination. Each of the first three paragraphs should have a button in it which when pressed changes the foreground and background colors of the fourth to match the one that the button was in.
  2. Create a web page with a text input box with a label that says 'color'. The text input should have a button next to it that, when clicked, sets the background of the paragraph to that color.
  3. Create a page with two buttons on it beneath which is a paragraph of text. One button, when clicked, should increase the size of the margins of the paragraph, the other should decrease them.
  4. Take the previous problem and modify it so that there are buttons that manipulate each border (top, left, bottom, right) growing and shrinking it independently of the others.
  5. Create a page with a text input and a button. When the user types into the text input and clicks the button, a new list-item should be added to a bulleted list below the input.
  6. Modify the previous one so that as each list item is added, it is followed by a button which, when clicked, removes that item from the bulleted list.
  7. Create a page with six input boxes and two buttons with the labels 'up' and 'down'. When 'up' is clicked on, the text in each box should move to the box above it, with the text in the first box moving to the bottom box. The down button works similarly, but in reverse. If done correctly, after six clicks, all the text should be back in its original box.
  8. Create a web page with a series of nested unordered lists like the ones below. Right after the page loads, only the first level (a,b,c,d) should be visible, but when clicked upon, the items inside of that list should appear. When clicked upon a second time, the list of items inside that item should be hidden from view.
    Original listList after page is first loadedList when 'a' has been clicked uponList when 'a' and 'd' have been clicked upon List after 'a' has been clicked again
    • a
      • a1
      • a2
    • b
      • b1
      • b2
    • c
      • c1
      • c2
    • d
      • d1
      • d2
    • a
    • b
    • c
    • d
    • a
      • a1
      • a2
    • b
    • c
    • d
    • a
      • a1
      • a2
    • b
    • c
    • d
      • d1
      • d2
    • a
    • b
    • c
    • d
      • d1
      • d2

URIs

RFC 2396

Find and read RFC2396.

  1. Why is it useful to have a definition for URIs separate from the one used to define URLs?
  2. Give three examples of a (well formed) URN and describe the semantics you intend it to be interpreted with.
  3. Why can you only unescape a URI once?
  4. On a web server, configured with /www as the webroot, /home as the personal directories and public_html/ as the web dir, where, according to RFC2396 might the web server interpret this file as being located? http://www.example.edu/~alice/path%2Fto%2Fdata%2Finfo.html
  5. For the URL in the previous question, try it on a web server you have access to.
  6. Write a command line application in POSIX C, called uriparse, that takes a single commandline argument, a uri and writes to standard output each of the URI components, decoded if necessary.

  7. Imagine a service called snurl which given a snurl server, a timestamp and a url, returns metadata about that URI as it existed at the time in the timestamp. Snurl servers are ordinary internet hosts running snurld.

    The URI in question is encoded as the path_segments part of the URI, the desired timestamp is encoded as an ISO-8601 timestamp as the query part of the uri and the scheme is, of course snurl

    Encode the first three URIs in the URI Practice section using this url format. You may use dates and times of your choosing.

  8. Devise a scheme by which you could enable different codesets to be used in HTTP URLs. The scheme must not break existing web browsers, nor may it allow 'garbage' requests to be sent when a URL is decoded improperly.

URI Practice

For each of the following, determine if they are well formed, and if not, specify exactly why. Some may have multiple well-formedness errors. Some may be strictly well formed but go against the recommendations for the structure of URIs, where applicable point this out and suggest a solution.

  1. http://www.google.com/search?q=URI
  2. http://straitstimes.asia1.com.sg/latest/story/0,4390,198682,00.html
  3. isbn:0-201-72152-X
  4. Subject: Hello world!
  5. c:/dos/mscdex.exe
  6. http:/%32%3F%42%92
  7. http://www.lmu.edu/#cmsi/dean
  8. http://www.lmu.edu/go?cs#dean
  9. http://12593815/images/12/
  10. "" (the empty string)

XML

XML - Reading DTDs

Take the DTD available at gedcom.dtd along with the biographical data at gedcom-sample.txt and produce an XML document that encodes all the data in the text file.

XML - Writing DTDs

Take the XML document at calendar.xml and produce a DTD that documents it. The existing document must pass a validating parser using your DTD. Feel free to extend the DTD to add more capabilities than are present in the sample. Extra points will be awarded for creativity.

DTD Project One

Go into PROWL and look up your unofficial transcript. Using it as a model (the content, not the HTML), devise your own XML markup to encode all of the student information that is contained in a transcript.

  1. After designing an XML document, write a DTD which describes that document.

    Don't forget to include all of the information that appears in the transcript, though be sure to replace your actual transcript information with made-up information.

  2. Now that you have a working DTD, write three short, valid documents with made-up content that use this DTD. These documents should demonstrate the variety of possible values that are allowed by your DTD.

You might want to make use of a validating parser to test your document against your DTD. This isn't strictly required, but may improve your grade by catching well-formedness and validity errors. Also, the XML textbook will be your best friend for this assignment. Read thoroughly the chapter on DTDs.

XML Advanced

Take one of the data sets and formats below, then design a DTD defining an XML document format to encode that data. You may, at your option, select an unlisted data set, however it must be non-trivial and have a documented format.

After designing your DTD, encode a meaningful amount of data using it. Meaningful means at least 20 records if they are of address-book or bibliography size. The sample records must demonstrate usage of all of the attributes and options defined in your DTD.

Bonus points will be awarded if you include a program to automatically convert a data set into your new XML format.

DOM

For each of the XML documents below, draw a UML Object Diagram that shows the DOM parse-tree of the document. In each Object's box, list the attributes that are specified, if any. Don't forget to appropriately label the objects that have ids.

  1. http://www.technocage.com/~caskey/lmu/examples/xml/xhtml/minimal.xhtml
  2. http://www.technocage.com/~caskey/lmu/examples/xml/xhtml/object.xhtml
  3. http://www.technocage.com/~caskey/lmu/examples/xml/xhtml/simple-document.xhtml
  4. http://www.technocage.com/~caskey/lmu/examples/javascript/xhtml/factorial2.xhtml
  5. http://www.technocage.com/~caskey/lmu/examples/javascript/xhtml/factorial.xhtml
    For this factorial.xhtml problem, draw two diagrams, one showing the DOM tree before the onload function is run, the second showing what it looks like afterward. This will require understanding how the javascript modifies the tree. View-Source will not show you the generated document.
  6. http://www.technocage.com/~caskey/lmu/CMSI361/syllabus.xhtml

WWW

HTTP

  1. Write an (annoying) web server in Java that answers every HTTP request with a random response code that is anything but 200. Keep the program down to around 20 lines of source code.

  2. Write a command line application in POSIX C, called httphead, that takes a single commandline argument, a uri whose protocol is http, and writes to standard output, the HTTP header that would be sent from a GET request of that uri. You may use your uriparse program as a starting point.

    Bonus points will be awarded if you modify uriparse so that it changes its behavior based upon the name that it is called with.

RSS/RDF

Starting points and important reading

RSS 0.9x

Take your personal page and make an RSS feed using any version 0.9x you like. The feed should include all of your homework assignments, including resubmissions. Don't forget to add in the RSS itself as the most recent entry.

RSS 1.0

Take the RSS created in the previous problem and make it into an RDF Site Summary.

UI Design

Controls

It's said by UI designers that the 3D button motif affords pushing. Think about the horizontal and vertical scroll bars used in GUIs nowdays. Does the scroll bar afford dragging or clicking? Can you think of a better design for a scroll bar that might afford interaction? Write a 1-2 page paper discussing the design of the scrollbar. You may take the position of defending its current appearance, or challenging it.

Bonus points will be awarded if you propose an alternative design and justify its use.

Site Design

As an LMU student you have had ample opportunities to interact with the registrar's PROWL system and experience its pros and cons. Write a 1-2 page paper analyzing the PROWL's gui, either broadly or take a specific aspect and analyze it in detail. Be sure to include an anlysis of the intended audience and at least one paragraph discussing the technological and social implications of the GUI design.

Does the university PROWL system enable handicapped members of the LMU community to register for classes? Do you suppose this is a design or implementation issue?

3 Column Layout

Do not forget: as mentioned in the syllabus, the Keck Computer Lab provides all the resources you need to complete these assignments. Working outside the lab is neither supported nor encouraged. You may do your work outside the lab, however you are responsible for any techical issues that may arise.

Using only CSS and XHTML (no tables), create a series of three column layouts with the following properties. Each of these should use the color scheme below to identify the different portions (if they have the given element). Place each page at a publicly accessible URL, each of these assignments should have in their 'navigation' section links to the other assignments. You will turn in ONLY a piece of paper with the URL of question number 1. Any particulars of the layout that are not listed here may perform any way you choose (e.g. resizing behavior).

  1. A 3 column layout with fixed 200 pixel sides and a 600 pixel center 'content' pane. When resized too narrow the layout need not continue to look correct, however when resized too wide the layout should stay on the left-side of the screen.
  2. The same layout as above, but which when resized too small, the content forces a horizontal scrollbar to appear.
  3. The same layout as above, but which when resized too large, the content is always centered on screen.
  4. The same layout as question 1, but with a header that is exactly the same width as the three columns.
  5. The same layout as question 3, but with a header and footer that is exactly the same width as the three columns.
  6. A two-column layout where the content area uses the full width of the screen.
  7. A three column layout where the left and right columns are 250 pixels wide, but the center content area uses up all remaining space on the screen. The columns should always be flush against the sides of the browser.
  8. Same as the previous question but with a header and footer that also stretch the full width of the screen.

main content
Place several paragraphs of placeholder content in the main content area. Be sure to include headings and subsections. Look to sites like Wikipedia if you need content to cut and paste.
left column
(If required,) Should always be narrower than the main content area on the page, place 5-20 li navigation elements implying other areas of the site that the user could navigate to. For clear identification, make the background of this element some shade of green. See Amazon for what left-navigation links should look like, but ignore their particular XHTML for creating the layout, they use tables.
right column
(If required,) Should always be narrower, place 3-10 supplimental content elements. Either site sponsor advertisements, or 'teasers' of additional content elsewhere on the site. For clear identification, make the background of this element some shade of blue. Again, Amazon makes heavy use of supplimental content boxes for cross-marketing if you need an example of how this looks in practice.
header bar
(If required,) Should be vertically thin and contain at least some form of site title. For clear identification, make the background of this element some shade of yellow.
footer bar
(If required,) Should be vertically thin and contain links to various meta-site content. Copyright notices, privacy policies, contact information, etc. For clear identification, make the background of this element some shade of purple.

Valid XHTML 1.0!