Describe how each is countered bya particular feature of ssl

Assignment Help Computer Network Security

Reference no: EM131138295

Problem solving and/or short essays

Question 1. An early attempt to force users to use less-predictable passwords involved computer-supplied passwords. The passwords were eight characters long, taken fromthe character set consisting of lowercase letters and digits. They were created by apseudorandom number generator with 215 possible starting values. Using the technology of the day, the time required to search through all character strings of length 8from a 36-character alphabet was 112 years. Unfortunately, this is not a true reflection of the actual security of the system today. Why?

Explore and explain the problem in detail.

Question 2. Consider user accounts on a system with a Web server configured to provide access touser Web areas. In general, it uses a standard directory name, such as "public_html," in a user's home directory. This acts as their user Web area if it exists. However, toallow the Web server to access the pages in this directory, it must have at least search(execute) access to the user's home directory, read/execute access to the Web directory, and read access to any webpages in it. Consider the interaction of this requirement with the cases you discussed for the preceding problem. What are the consequences of this requirement? Note that a Web server typically executes as a specialuser and in a group that is not shared with most users on the system.

Are there somecircumstances when running such a Web service is simply not appropriate? Explain.

Question 3. A decentralized NIDS is operating with two nodes in the network, monitoring anomalous inflows of traffic. In addition, a central node is present to generate an alarm signal upon receiving input signals from the two distributed nodes. The signatures oftraffic inflow into the two IDS nodes follow one of four patterns: P1, P2, P3, or P4. Thethreat levels are classified by the central node based upon the observed traffic by the two NIDS at a given time, as outlinedin the following table.

Threat Level	Signature
Low	1 P1 + 1 P2
Medium	1 P3+ 1 P4
High	2 P4

If at least one distributed node generates an alarm signal P3at a given time instance, what is the probability that the observed traffic in the network will be classified atthreat level "Medium"?

Question 4. Assume we have an internal Webserver, used only for testing purposes, at IP address 5.6.7.8on our internal corporate network. The packet filter is situated at a chokepointbetween our internal network and the rest of the Internet.

Can such a packet filterblock all attempts by outside hosts to initiate a direct TCP connection to this internal Webserver? If yes, show a packet-filtering ruleset that provides this functionality; if no,explain why a (stateless) packet filter cannot do it.

Note: A ruleset is a list of rules, and the first matching rule determines the actiontaken. A rule is an action followed by a specification of which packets match, for example, droptcp 1.2.3.4:* -> *:25.

Question 5. The BLP model imposes the ss-property and the *-property on every element of b, but does not explicitly state that every entry in M must satisfy the ss-property and the*-property.

a. Explain why it is not strictly necessary to impose the two properties on M.
b. In practice, would you expect a secure design or implementation to impose the two properties on M? Explain.

Question 6. Consider the following threats to Web security, and describe how each is countered bya particular feature of SSL.

a. Man-in-the-middle attack: An attacker interposes during key exchange, acting asthe client to the server and as the server to the client.

b. Password sniffing: Passwords in HTTP or other application traffic are "eavesdropped."

c. IP spoofing: Uses forged IP addresses to fool a host into accepting bogus data.

d. IP hijacking: An active, authenticated connection between two hosts is disrupted, so the attacker can take the place of one of the hosts.

e. SYN flooding: An attacker sends TCP SYN messages to request a connectionbut does not respond to the final message to establish the connection fully. Theattacked TCP module typically leaves the "half-open connection" around for afew minutes. Repeated SYN messages can clog the TCP module.

Question 7. Sensors, analyzers, and user interfaces are three important components of any intrusion detection system. Explain in detail what each component does, what approaches IDS typically use to analyze sensor data, what sensor data can be used for host-based intrusion detection, and what sensor data can be used for network-based intrusion detection.

Question 8. Firewalls play very important roles in computer and network security. Explore and explain in detail the functionalities of different types of firewalls, including those installed on your home computers and home networks (on the router you may have), as well as the protocols used on these firewalls.

Reference no: EM131138295

Questions Cloud

What sustaining technology or technologies it will replace : Describe the characteristics of an IT-dependent strategic initiative that will lead to a sustainable competitive advantage. Please review the attached PPT: "Strategic Information Systems: Summary" for information to assist in your response.

Which type of foundation provide in laterite soil : Which type of foundation provide in laterite soil based upon two storey residential building.

What is the actual wavelength and velocity of a near-infrare : What is the actual wavelength and velocity of a near-infrared beam (0.901um) of light modulated at a frequency of 330 MHz through an atmosphere with a dry bulb temperature,T, of 26 degrees celcius; a relative humidity, H, of 75%, and an atmospheri..

Determine the magnification of the final image formed : Two lenses, one converging with focal length 20.0 cm and one diverging with focal length -10.0 cm are placed 25.0 cm apart. An object is placed 60.0 cm in front of the converging lens.

Describe how each is countered bya particular feature of ssl : Describe how each is countered bya particular feature of SSL - In practice, would you expect a secure design or implementation to impose the two properties on M? Explain.

What achievements you accomplished in this module : Reflect on all the material covered (e.g. readings, learning activities, etc.) throughout this module. Explain your thoughts on which learning experiences influenced your perspectives on IT and why. Additionally, explain what achievements you acco..

Between-homicides data on normal probability plot : Kittlitz (1999) presents data on homicides in Waco, Texas, for the years 1980-1989 (data taken from the Waco Tribune-Herald, December 29, 1989). There were 29 homicides in 1989. The table gives the dates of the 1989 homicides and the number of days b..

Draw an edgeworth box depicting the feasible allocations : Draw an Edgeworth box depicting the feasible allocations of state 1 consumption of m and state 2 consumption.- Identify the ex ante Pareto efficient allocations 1.

How much heat must be absorbed by the cube : A .50kg sample of water is at 15.0C in a calorimeter. A 0.040 block of zinc at 115C is placed in the water. Find the final temperature of the system.

User Account

All Pages