What is fragmentation?

- The fragmentation technique is implemented in the IP (internet protocol) for breaking down the datagrams into smaller pieces. 

- This is done so that it becomes easy for the data packets to be passed through the link with a datagram size smaller than that of the original MTU or the maximum transmission unit. 

- The procedure for the IP fragmentation along with the procedures for reassembling and transmitting the datagrams is given in the RFC 791. 

- For determining the optimal MTU path, the IPv6 hosts are needed so that the packets can be sent. 

- If in case the PDU i.e., the protocol data unit received by the router is larger than the MTU of the next hop, then there are two options are available if IPv4 transport is being used:

Ø Dropping the PDU and sending an ICMP (internet control message protocol) message indicating that the condition packet is quite big.

Ø  Fragmenting the IP packet and then transmitting it over the link whose MTU is smaller. Any IPv6 packet with a size less than or equal to 1280 bytes can be delivered without having the need for using the IPv6 fragmentation.

- If a fragmented IP packet is received by the recipient host, its job is to reassemble the datagram and then send it over to the protocols at the higher layers. 

- The purpose of reassembling is expected to take place at the recipient’s host side but for some practical reasons it might be done by some intermediate router. 

- For example, the fragments might be reassembled by the NAT (network address translation) for translating the data streams. 

- Excessive re-transmission can result as a consequence of the IP fragmentation whenever packet loss might be encountered by the fragments. 

- It is required for all the reliable protocols (example, TCP) for re-transmitting the fragments in their correct order for recovering from the single fragment loss. 

Thus, typically two approaches are used by the senders for determining datagrams of what size should be transmitted over the network:

1. First approach: The sender must transmit an IP datagram of size as same as that of the first hop’s MTU.
2. Second approach: Running the path MTU discovery algorithm.

- Fragmentation does leave an impact on the network forwarding. 

- When there are multiple parallel paths for the internet router the traffic is split by the technologies such as the CEF and LAG throughout the links via some hash algorithms. 

- The major goal of this algorithm is to make sure that all the packets with the same flow are transmitted out on the same path for the minimization of the not so required packet reordering. 

- If the TCP or UDP port numbers are used by the hash algorithm, the fragmented packets might be forwarded through different paths. 

- This is so because the layer 4 information is contained only in the first fragment of the packet. 

- As a result of this, usually the initial fragment arrives after the non-initial fragments. 

- This condition is often treated as an error by most of the security devices in the hosts.  

- Therefore, they drop these packets.

- The fragmentation mechanism differs in IPv4 and IPv6. 

- In the former, the fragmentation is performed by the router. 

- On the other hand, in IPv6 fragments that are larger than MTU are dropped by the routers.

- Also, in both the cases there is a variation in the header format. 

- Since fragmentation is carried out using analogous fields, therefore the algorithm can be used again and again for the purpose of fragmentation and reassembling. 

- A best effort should be made by the IPv4 hosts for reassembling the datagram fragments. 

What are the differences between bridges and repeaters?

Bridges and repeaters are both important devices in the field of telecommunications and computer networking. In this article we discuss about these two and differences between them. 

- The repeaters are deployed at the physical layer whereas one can find bridges at the MAC layer. 

- Thus, we called repeaters as the physical layer device. 

- Similarly, bridge is known as the MAC layer device. 

- Bridge is responsible for storing as well forwarding the data packets in an Ethernet.

- Firstly, it examines the header of the data frame, selects few of them and then forwards them to the destination address mentioned in the frame. 

- Bridge uses the CSMA/CD for accessing a segment whenever the data frame has to be forwarded to it.

- Another characteristic of a bridge is that its operation is transparent. 

- This means that the hosts in the network do not know that the bridge is also present in the network. 

- Bridges learn themselves; they do not have to be configured again and again. 

- They can be simply plugged in to the network. 

- Installing a bridge causes formation of LAN segments by breaking a LAN. 

- Packets are filtered with the help of bridges. 

- The frames that belong to one LAN segment are not sent to the other segments. 

- This implies separate collision domains are formed. 

The bridge maintains a bridge table consisting of the following entries:

1. LAN address of the node
2. Bridge interface
3. Time stamp
4. Stale table entries

- Bridges themselves learn that which interface can be used for reaching which host. 

- After receiving a frame, it looks for the location of the sending node and records it.

- It keeps the collision domains isolated from one another thus, giving the maximum throughput. 

- It is capable of connecting a number of nodes and offer limitless geographical coverage. 

- Even different types of Ethernet can be connected through it. 

- Even the repeaters are plug and play devices but they do not provide any traffic isolation. 

- Repeaters are used for the purpose of regenerating the incoming signals as they get attenuated with time and distance. 

- If physical media such as the wifi, Ethernet etc. is being used, the signals can travel only for a limited distance and after that their quality starts degrading. 

- The work of the repeaters is to increase the extent of the distance over which the signals can travel till they reach their destination. 

- Repeaters also provide strength to the signals so that their integrity can be maintained. 

- Active hubs are an example of the repeaters and they are often known as the multi-port repeaters. 

- Passive hubs do not serve as repeaters. 

- Another example of the repeaters are the access points in a wifi network. 

- But it is only in repeater mode that they function as repeaters. 

- Regenerating signals using repeaters is a way of overcoming the attenuation which occurs because of the cable loss or the electromagnetic field divergence. 

- For long distances, a series of repeaters is often used. 

- Also, the unwanted noise that gets added up with the signal is removed by the repeaters. 

- The repeaters can only perceive and restore the digital signals.

- This is not possible with the analog signals. 

- Signal can be amplified with the help of amplifiers but they have a disadvantage which is that on using the amplifiers, the noise is amplified as well. 

- Digital signals are more prone to dissipation when compared to analog signals since they are completely dependent up on the presence of the voltages. 

- This is why they have to be repeated again and again using repeaters. 

What are applications of flooding algorithm?

- Flooding algorithm and its many other variants are used as material distributing algorithm.

- This algorithm distributes the messages to all the hosts in the entire graph. 

- This algorithm since it acts like a flood and therefore has been named so. 

- In this simple yet useful distribution or routing algorithm, every packet that a node receives is transmitted to every other outgoing link. 

This algorithm is available in many variants but in every variant the following two things are common:

1. Each node acting as receiver and transmitter.

2. Each node responsible for forwarding received message to all its neighboring nodes except the one from which the message came. 

- Thus, the messages are eventually delivered to the hosts spread across the network. 

- Flooding algorithm might have been more useful if it would have been more complex. 

- Also, then it would have been possible to avoid the duplicate messages and infinite loops that occur because of them. 

Applications of Flooding Algorithm

In this article we list some of the application of the flooding algorithm.

1. Used in computer networking

2. Used in graphics

3. These algorithms are quite useful for solving numerous mathematical problems such as the maze problems.

4. Used for solving problems in the graph theory. 

5. Used in systems which make use of bridging. 

6. Used in systems like usenet.

7. Implemented in peer – to – peer file sharing

8. Flooding algorithms are often implemented as a part of some of the routing protocols as in OSPF, DVMRP and so on. 

9. It is also used in the protocols used in the ad hoc wireless networks.

10.There is a variant of flooding algorithm called the selective flooding which is capable on addressing various issues of flooding algorithm partially by allowing the packets to be sent only in the appropriate right direction. The packets are not sent on each and every line. 

11. Another variant of the flooding algorithm called the similarity algorithm is used graph matching algorithm. 

- This variant of the flooding algorithm is quite versatile and has got an application in the schema matching. 

- Matching the contents of the two data schemas has got an important role to play in many biochemical applications, e – business and other data warehousing applications etc. 

- The similarity flooding algorithm is based on a computation that is fixed and can be used across a number of scenarios. 

- Two graphs are passed to the algorithm as the input parameters. 

- These graphs might be of catalogs, schemas or even data structures etc. 

- The algorithm then produces a mapping between the corresponding nodes of the two graphs as output. 

- It depends on the goal of the matching what subset of the mapping has to be chosen using filters. 

- After the algorithm has been executed, a human tester is expected is expected to check and verify the results. 

- The results might be adjusted by the tester if required. 

- In this method, the accuracy of the algorithm is evaluated by number of the adjustments that are necessary.

- In some cases, an accuracy metric might be used for the estimation of the labor savings that could be obtained by the users by means of this similarity flooding algorithm for obtaining a first matching pair.

- Finally, this algorithm can be deployed as an operator of very high level in a test bed that has been implemented for the management of the output mappings and the information models. 

- There are different types of matching problems and thus each type requires following a different approach. 

- For example, the relational schemas can only be matched using SQL data types.

What are data gram sub-nets?

- A data gram is defined as the basic transfer unit used in the networks that operate with the help of packet switching network. 

- In such networks, the time of the arrival and delivery is not guaranteed. 

- Also, the network services do not guarantee that whether it will be an ordered delivery or not. 

- The first project to use the data grams was the CYCLADES which was again a packet switching network. 

- The hosts in this network were responsible for making a reliable delivery rather than relying on the network for doing so. 

- This they did using the data grams that were themselves so unreliable and by associating the mechanisms of the end to end protocols. 

- According to Louis Pouzin, there are two sources from which came the inspiration for the data grams namely the Donal Davie’s studies and simplicity of the things. 

- The concept of the data gram sub-net was eventually adopted for the formulation of the protocols such as apple talk, Xerox network systems and of course the internet protocol.

- Data grams are used at the first 4 layers of the OSI model. 

- Each layer has its own name for the data grams as we mention below:

1. Layer 1: chip (CDMA)
2. Layer 2: frames (IEEE 802.3 and IEEE 802.11), cell (ATM)
3. Layer 3: data packet
4. Layer 4: data segment

- A data gram is a data packet that is self-reliant. 

- This means it does not rely on any of the exchanges made earlier since the fixed connection between the two points of communication has no connection such as in a majority of the telephonic conversations. 

- Virtual circuits and data gram sub-nets are two equally opposite things. 

Data gram is defined as an independent and self-contained data entity by the RFC 1594 that carries sufficient information required for routing from one source to another without relying on the transporting network and the earlier exchanges between the two same hosts.

- The services offered by the data gram sub nets can be compared to the mail delivery services. 

- This is so because the user needs to mention only the destination address.

- However, this service does not give any guarantee of whether the data gram will be delivered or not and also does not provide any confirmation upon successful delivery of the packet. 

- These are of course two major disadvantages of the data gram sub nets. 

- In data gram sub nets, the data grams or the data packets are routed along a route that is created at the same time. 

- In data gram sub nets the routes are not predetermined. 

- This again has its disadvantages. 

- Also, the order in which the data grams have to be sent or received is not considered. 

- In some cases, a number of data grams having same destination might travel along various different routes.

- There are two components of every data gram namely the header and the data payload.

- The former consists of all the information that is enough for the routing purpose from source to the destination without being dependent on the exchanges that were made before between the network and the equipment. 

- The source as well the destination address might be included in the header as a kind of a field. 

- The data that is to be transmitted is stored in the latter part of the data gram. 

- In some cases the data payloads might be nested in to the tagged header. 

- This process is commonly known as the encapsulation. 

- There are various types of data grams for which various standards are defined by the internet protocol or IP. 

What are network layer design issues?

- The network layer i.e., the third layer of the OSI model is responsible for facilitating the exchange of the individual information or data pieces between hosts over the network. 

- This exchange only takes place between the end devices that are identified. 

- For accomplishing this task, 4 processes are used by the network layer and these are:

Ø  Addressing

Ø  Encapsulation

Ø  Routing

Ø  Decapsulation

In this article we focus up on the design issues of the network layer. 

- For accomplishing this task, the network layer also need s to have knowledge about the communication subnet’s topology and select the appropriate routes through it. 

- Another thing that the network layer needs to take care of is to select only those routers that do not overload the other routers and the communication lines while leaving the other lines and router in an idle state.

Below mentioned are some of the major issues with the network layer design:

1. Services provided to the layer 4 i.e., the transport layer.
2. Implementation of the services that are connection oriented.
3. Store – and  - forward packet switching
4. Implementation of the services that are not connection oriented.
5. Comparison of the data-gram sub-nets and the virtual circuits.

- The sender host sends the packet to the router that is nearest to it either over a point-to-point carrier link or LAN. 

- The packet is stored until its complete arrival for the verification of the check sum. 

- Once verified, the packet is then transmitted to the next intermediate router. 

- This process continues till the packet has reached its destination. 

- This mechanism is termed as the store and forward packet switching.

The services that are provided to the transport layer are designed based up on the following goals:

1. They should be independent of the router technology.
2. Shielding from the type, number and topology of the routers must be provided to the transport layer.
3. The network addresses that are provided to the transport layer must exhibit a uniform numbering plan irrespective of whether it’s a LAN or a WAN.

Now based up on the type of services that are offered, there is a possibility for two different organizations.

Offered service is Connection-less: 

- The packets are individually introduced in to the sub-net and the routing of the packets is done independently of each other. 

- It does not require any advance set up. 

- The sub-net is referred to as the data gram sub-net and the packets are called data-grams.

Offered service is connection-oriented: 

- In this case the router between the source and the destination must be established prior to the beginning of the transmission of the packets. 

- Here, the connection is termed as the virtual circuit and subnet as the “virtual circuit subnet” or simply VC subnet.

- Choosing a new router every time is a thing to be avoided and this is the basic idea behind the use of the virtual circuits. 

- Whenever we establish a connection, a route has to be selected from source to destination. 

- This is counted as a part of the connection setup only. 

- This route is saved in the routers tables that are managed by the routers and is then used by the flowing traffic. 

- On the release of connection, the VC is automatically terminated. 

- In case of the connection oriented service, an identifier is contained in each packet which tells the virtual circuit to which it belongs.

- In data-gram sub-net circuit setup is not required whereas it is required in the VC circuit. 

- The state info is not held by the routers in the data gram subnet whereas router table space is required for each VC for each connection. 

Explain CSMA with collision detection?

- CSMA with collision detection is abbreviated as CSMA/CD. 

- CSMA in itself makes use of the LBT technology i.e., listen or sense before talk. 

- But when incorporated with the ability of collision detection, it gets much better. 

- If the channel is sensed to be idle the data packets or frames are transmitted immediately but if not, the transmitter is bound to wait for some time before it can re-transmit. 

- Sensing the channels prior to transmission is absolutely necessary if the collisions are to be avoided. 

- Sensing the channel is the most effective way of avoiding the collisions. 

- There are two types of CSMA protocols namely persistent and the non-persistent CSMA.

- In CSMA/CD protocol all the hosts have freedom for transmitting and receiving the data frames on one and the same channel. 

- Also, the size of the packets is variable.

CSMA/CD comprises of two processes:

Carrier Sense: In this process the transmitter or the host checks if the channel or the line is not occupied before starting the transmission.

Collision Detection: CSMA/CD tries to detect the collisions in the shortest possible time. If it happens to detect a collision, it stops the transmission then and there and waits for a random amount of time which is equal to the binary exponential back-off. It then again senses the channel.

- For ensuring there occurs no collision during the transmission of a packet, a host must have the capability of detecting the collision before the transmission process is complete. 

- What happens is that the host A sensing the line to be idle starts transmitting a frame. 

- Just before the first unit of this frame reaches host B, it also senses the line to be idle and starts its transmission. 

- Now the host B receives data while its transmission is still in progress and so it detects that a collision is about to occur. 

- A collision occurs close to the host B. the host A also receives data in midst of its transmission and therefore detects the collision. 

- For making the hosts detect collision before transmission, a minimum length has to be decided for the packets that are transmitted via CSMA/CD networks. 

There are 3 states for a CSMA/ CD channel namely:

1. Contention
2. Transmission
3. Idle

- Ethernet is the most popular example of the CSMA/CD networks. 

- A minimum slot time is required for collision detection between the stations.

- This slot time must equal twice the maximum value of the propagation delay. - The host acquires the channel on the basis of the 1 – persistence. 

- Also, a jam signal is transmitted if a case of collision detection occurs. 

- CSMA/CD make use of the binary exponential back-off algorithm. 

- It is obvious that the idle time of the channel will be small if the load is heavy. 

- It normalizes all the packets with respect to the time of the packet transmission.

- CSMA/CD represents a very effective method for media access control. 

- There are different methods available for detecting the collisions. 

- Which method is to be followed depends largely on the transmission medium that exists between the two stations. 

- For example, if the two stations are connected via electrical buses, the collision can be detected by making comparison between the transmitted and the received data. 

- Some other way involves recognition of a signal of higher amplitude than the normal one. 

- The jam signal used in the CSMA/CD networks is constituted of 32 bit binary pattern.

Differentiate between persistent and non-persistent CSMA?

- CSMA or Carrier Sense Multiple Access makes use of LBT or listen before technique before making any transmission. 

- It senses the channel for its status and if found free or idle, the data frames are transmitted otherwise the transmission is deferred till the channel becomes idle again. 

- In simple words, we can say that CSMA is an analogy to human behavior of not interrupting others when busy. 

- There are number of protocols out which the persistent and the non – persistent are the major ones. 

- CSMA is based on the idea that if the state of the channel can be listened or sensed prior to transmitting a packet, better throughput can be achieved.

- Also, using this methodology a number of collisions can be avoided. 

- However, it is necessary to make the following assumptions in CSMA technology:

1. The length of the packets is constant.
2. The errors can only be caused by collisions except which there are no errors.
3. Capture effect is absent.
4. The transmissions made by all the other hosts can be sensed by each of the hosts.
5. The transmission time is always greater than the propagation delay.

About Persistent CSMA

- This protocol first senses the transmission channel and acts accordingly. 

- If the channel is found to be occupied by some other transmission, it keeps listening or sensing the channel and as soon as the channel becomes free or idle, starts its transmission. 

- On the other hand, if the channel is found empty, then it does not wait and starts transmitting immediately. 

- There are possibilities of collisions. 

- If one occurs, the transmitter must wait for random time duration and start again with the transmission. 

- It has a type called 1 – persistent protocol which makes transmission of probability 1 whenever the channel is idle. 

- In persistent CSMA there are possibilities of occurrence of collisions even if the propagation delay is 0. 

- However, collisions can only be avoided if the stations do not act so greedy. 

- We can say that this CSMA protocol is aggressive and selfish. 

- There is another type of this protocol called the P – persistent CSMA. 

- This is the most optimal strategy. 

- Here the channels are assumed to be slotted where one slot equals the period of contention i.e., 1 RTT delay. 

- The protocol has been named so because it transmits the packet with probability p if the channel is idle otherwise it waits for one slot and then transmits.

About Non–Persistent CSMA

- It is deferential and less aggressive when compared to its persistent counterpart. 

- It senses the channel and if it is busy it just waits and then again after sometime senses the channel unlike persistent CSMA which keeps on sensing the channel continuously. 

- As and when the channel is found free, the data packet is transmitted immediately. 

- If there occurs a collision it waits and starts again.

- In this protocol, even if the two stations become greedy in midst of transmission of some other station they do not collide probably whereas, in persistent CSMA they collide.

- Also, if only one of the stations become greedy in midst of some other transmission in progress, it has no choice but to wait. 

- In persistent CSMA this greedy stations takes over the channel up on completion of the current transmission.

- Using non – persistent CSMA can reduce the number of collisions whereas persistent CSMA only increases the risk. 

- But the non – persistent CSMA is less efficient when compared to the persistent CSMA.

- Efficiency lies in the ability of the protocols of detecting the collisions before starting the transmission. 

What is meant by DNS? What does it contain?

DNS or domain name system is a well known distributed system which is quite hierarchical in nature and is used for the following:

1. Computers
2. Services
3. Resources that are connected to some private network or internet and so on.

What does DNS contain?

- With the aid of DNS, the domain names with various participating entities contains various information. 

- A domain name system is also known as domain name service and has taken up the responsibility of resolving the queries for the above discussed domain names into the corresponding IP addresses. 

- The basic purpose of this whole process is spotting the location of devices and computer services on the World Wide Web.

- The domain name system had lately become quite an essential part of the functionality of the internet because of the world wide service it provides regarding the distributed key word based redirection. 

- To put it simply it acts as a phone book in disguise for the internet. 

- It serves as a phone book in the way that it translates the human friendly computer host names in to their corresponding IP addresses. 

For example,

The domain name: www. Abc. Com translates in to the following IP address (say): 192. 0 . 34 . 11 (IPv4) and 2630 : 0 : 2c0 : 201 : : 10 (IPv6) etc.

- Though DNS serves all the purposes of an ideal phone book in terms of the internet, it differs from the phone book in one respect which is that the DNS can be frequently updated and these updates in turn can be distributed but in phone book these tasks cannot be performed so.

- With the help of such a process the location of a particular service on a network can be easily changed without having any affect on the end users who keep on continuing with the same host name. 

-This advantage is further reaped by the users while they recite the meaningful e- mail addresses as well as the URLs (uniform resource locators) without even knowing the way via which the services are actually located by the computers. 

- With the help of domain name system, each and every domain in the network is assigned with an appropriate domain name and this domain name is mapped to corresponding IP addresses through the designation of the authoritative name servers for each and every domain. 

- These authoritative name servers hold the responsibility of their particular domains and also it helps in assigning the sub domains with their respective authoritative name servers.

- Such a mechanism has helped a lot in making the domain name system quite fault tolerant and distributed. 

- This mechanism in another way has eliminated the requirement of a single central register to be used continually for updating and consultation. 

- There is one more additional feature of the domain name system which is that the responsibility of the updating and maintenance of the master record of the domains is distributed among many domain name registrars.

- These domain name registrars are known for their competition for the domain owner’s and end user’s business. 

- The facility of moving the domains from one registrar to another has been very well provided in the domain name system.

- The technical functionality of the data base service as well as the DNS specification is also specified by the domain name system.

- This DNS protocol is a kind of detailed specification of the communication exchanges and data structures that are used in the domain name system which in turn forms a very important part of the whole internet protocol suite. 

What is meant by storm worm?

Storm worm? You may not recognize this worm at the first instance since you might be knowing it by one of the following other names:

1. Small. Dam
2. Trojan- downloader. Win 32. Small. Dam
3. F secure as dubbed by the finnish company.
4. W32/ Numwar@MM
5. Downloader BAI (McAfee’s specific variant)
6. Trojan. DL. Tibs. Gen! Pact13
7. Trojan. Peacomm (Symantec)
8. Win32/ Nuwar (ESET)
9. W32/ Zhelatin (kaspersky, F secure)
10. Trojan. Peed (Bit Defender)
11. Trojan. Tibs (Bit Defender)
12. Win32/ Nuwar. N@MM! CME- 711 (windows live one care)
13. TROJ_SMALL. EDW (trend micro)
14. Trojan. Downloader – 647
15. Loland Mal/ Dorf (sophos)
16. CME- 711 (mitre)

Evolution of Storm Worm

- It was recognized as a back door Trojan horse that had most of its impact on the computer systems that use the Microsoft operating systems or applications or extensions.

- This worm was first observed on the date of 17th January in the year of 2007.

- The storm worm first took its affect in the countries of the United States and Europe infecting millions of computer systems starting on the date of 19th January 2007.

- It was usually sent to the users as an e-mail message having the subject as a headline about the recent weather disaster like “230 dead as storm batters Europe”.

- At the starting of this cyber epidemic, there were around 6 waves of attack subsequently.

- At the end of the January 2007, the storm worm was said to account for 8 percent of all the world wide malware infections.

- According to the PC world, the history or origin of the storm worm can be traced back to a Russian business network.

- Mostly the European wind storm “kyrill” was used as the subject of the infected e- mails.

- This email usually had an attachment accompanying it which when opened, automatically installed this malware on to the system of the users.

Steps involved in installing the Malware

The malware was installed via the following steps:

1. Installation of the wincom32 service
2. Injection of payload
3. Passing of the packets to destinations as mentioned in the malware code.
4. Download and run the W32. Mixor. Q@mm worm and Trojan. Abwiz. F Trojan.

These downloaded Trojans then attached themselves to spam like flashcard.exe, postcard.exe and so on. Other changes regarding the original attack wave were made as the mutation of the attack carried on. Below mentioned are some other prominent spam attachments:
1. Ecard.exe
2. Fullstory.exe
3. Read more. Exe
4. Greeting postcard.exe
5. Read more.exe
6. Full news.exe
7. Arcade world.exe
8. Fullvideo.exe
9. Video.exe
10. Full clip.exe
11. More here.exe
12. Click here.exe
13. Nfl stat tracker.exe
14. Arcade world game.exe

Later the storm worm came to be spread by subjects regarding love such as “touched by love”, “love birds” and so on. These e- mails had the links referring to the malicious web sites containing virus like:

1. With love.exe
2. With_love.exe
3. From me to you.exe
4. Fck2008.exe
5. Fck2009.exe
6. Love.exe
7. Iheart you.exe

The storm worm has an exceptional ability to stay resilient. The affected machine or system used to become a part of botnet networks which was controlled through a central server. A botnet is seeded by the storm worm that acts as a P2P network without any control. The connected systems then act as a host and share the list of other hosts. One peculiarity was observed in the working of these machines which is that none of them shared the whole list of botnets.

What are different terminologies used in LoadRunner ?

Application performance testing requirements are divided into scenarios using LoadRunner.
- A scenario defines the events that occur during each testing sessions.
- A scenario defines and controls the number of users to emulate, the actions that they perform, and the machines on which they run their emulations.

Vusers
LoadRunner works by creating virtual users who take the place of real users operating client software. LoadRunner works by creating virtual users who take the place of real users operating client software. Vusers emulate the actions of human users working with your application. A scenario can contain tens, hundreds, or even thousands of
Vusers.

Vusers Scripts
The actions that a Vuser performs during the scenario are described in a
Vuser script. When you run a scenario, each Vuser executes a Vuser script. Vuser scripts include functions that measure and record the performance of the server during the scenario.

Transactions
Transactions are defined to measure the performance of the server. Transactions measure the time that it takes for the server to respond to tasks submitted by Vusers.

Rendezvous Points
Rendezvous points are inserted into Vuser scripts to emulate heavy user load on the server. Rendezvous points instruct multiple Vusers to perform tasks at exactly the same time.

Controller
LoadRunner Controller is used to manage and maintain your scenarios. Using the Controller, you control all the Vusers in a scenario from a single workstation.

Hosts
The LoadRunner Controller distributes each Vuser in the scenario to a host when the scenario is executed. The host is the machine that executes the Vuser script, enabling the Vuser to emulate the actions of a human user.

Performance Analysis
Vuser scripts include functions that measure and record system performance during load-testing sessions. During a scenario run, you can monitor the network and server resources. Following a scenario run, you can view performance analysis data in reports and graphs.