User Account

All Pages

Fms attack and chopchop attack

Assignment Help Computer Network Security
Reference no: EM13924087

Q1.

a. Unlike IP fragmentation (which can be done by intermediate devices), IP reassembly can be done only at the final destination. What problems do you see if IP reassembly is attempted in intermediate devices like routers?

b. Let's assume that Host A (receiver) receives a TCP segment from Host B (sender) with an out-of-order sequence number that is higher than expected as shown in the diagram. Then, what do Host A (receiver) and host B (sender) do?

2. Describe or propose a way to detect ARP spoofing attack. What could be a possible weakness in your proposed method? Please do not discuss any prevention method (e.g., port security is an example of a preventive method).

3. [Wireless LAN Security-WEP] What is the main difference between the FMS attack and Chopchop attack? Clearly explain your answer

4. A huge enterprise decides to use a symmetric encryption to protect routing update messages between its own routers (i.e. entire routing update messages are encrypted by a strong shared symmetric key). They think this will prevent routing table modification attacks. Do you think their decision is appropriate? Do you see any problems or issues with their decision?

5. An ACK scan does not provide information about whether a target machine's ports are open or closed, but rather whether or not access to those ports is being blocked by a firewall. If there is no response or an ICMP "destination unreachable" packet is received as a response, then the port is blocked by a firewall. If the scanned port replies with a RST packet, then ACK packet reached its intended host. So the target port is not being filtered by a firewall. Note, however, that port itself may be open or closed.

Describe at least 2 rules that could be used by Snort to detect an ACK scan. Cleary express your assumption and explain your rules. Do you think Bro can do a better job detecting an ACK scan? Explain your answer.

6. Explain the main difference between SQL injection and XSS attacks.

7. As shown in the above diagram, Kevin, the system admin, installed a text-message sender and a text-message receiver in a Multi-Level-Secure (MLS) environment. In the MLS environment, two security levels exist (i.e., Unclassified (Low) and Classified (High) levels). His goal is to enforce the Bell-La Padula (BLP) access control model in the network. In a nut shell, the BLP model defines two mandatory access control rules:

No Read Up Rule: a subject (Low) at a lower security level must not read an object (High) at a higher security level. Simply, a Low entity cannot have read-access to a High object.

No Write Down Rule: a subject (High) at a higher security level must not write to any object (Low) at a lower security level. Simply, a High entity cannot have a write-access to a Low object.

In this scenario, enforcing the BLP model means no confidential information flows from Classified LAN (High) to Unclassified LAN (Low). However, information can still flow from Unclassified LAN to Classified LAN.

To achieve his goal, he configured both text message sender and receiver as follows:
The text message sender is configured to send a text message to the text message receiver via TCP/IP protocol.
The text message receiver is configured to receive a simple text message from the sender via TCP/IP protocol.
The following IP/port is given to each machine:
Text message sender : 192.168.2.2 and port 9898 is open
Text message receiver: 192.168.3.3 and port 9999 is open
A text message is allowed to be sent only from port 9898 of 192.168.2.2 (sender) host to port 9999 of 192.168.3.3 (receiver) host.

Part A) As you can see from the diagram above, the text message sender and receiver have been compromised by the adversary and the Trojan, respectively. However, the router with Snort IDS installed (router/snort) is securely protected and can be fully trusted.
Write at least 2 efficient Snort rules and at least 5 access control lists which will be implemented on the router/snort to detect or block confidential information leakage from High to Low. Write your rationale for writing your rules and access control lists. For example, if the text message receiver (Trojan at High LAN) attempts to send a text message (confidential information) to the text message sender (the adversary at Low LAN), the attempt will be either blocked by your access control list(s) or detected by your snort rule(s).
At least one access control list must be included.

Hint: Access control lists are discussed in Module 10 and snort rules are covered in Module 7 as well as Lab2. To see more snort options, please refer to chapter 3 of Snort User Manual 2.9.1 by the Snort Project

(link: https://www.snort.org/assets/166/snort_manual.pdf)

Part B) Describe a way for the Trojan to covertly transmit 4 characters (e.g., A, B, C and D) to the adversary without being detected or blocked by your rules and access control lists provided in Part A.

8. [topic: IPsec VPN] What do you think are the advantages & disadvantages of using both AH and ESP protocols on the same end to end IPsec connection (transport mode)? In addition, it is recommended that the ESP protocol should be performed before the AH protocol. Why is this approach recommended rather than authentication (AH) before encryption (ESP)?

Reference no: EM13924087

Questions Cloud

Provide teenagers with unrestricted freedom : To provide teenagers with unrestricted freedom, they may easily go astray and fall prey to undesirable situation such as underage drug abuse, pregnancy or driving under peer pressure.
Determine cash flow statement : If a parent company has two wholly owned subsidiaries, how many legal and economic entities are there from the viewpoint of the shareholders of the parent company?
Ever-widening array of coworkers : Workplace trends within and outside health care require employees to connect with an ever-widening array of coworkers, consultants, off-site employees, and other resources. Sharing knowledge is critical to any organization's success, especially in..
Manufacturing overhead is allocated in the work : Explain how manufacturing overhead is allocated in the work-in-process (or goods-in-process) account. Why do we, as accountants, care.
Fms attack and chopchop attack : [Wireless LAN Security-WEP] What is the main difference between the FMS attack and Chopchop attack? Clearly explain your answer
Define significance of secular stories intended for audience : Discuss the significance of the secular stories for the intended audiences. What sorts of assumptions or biases might audiences who are not the target audiences draw from these stories (perhaps if they don't identify with the main characters of th..
The normal distribution curve : The normal distribution curve is always symmetric to its mean. If the variance from a data set is zero, then all the observations in this data set are identical.
Short-term care rehabilitation services : You are a manager of a large rehabilitation center that provides short-term care rehabilitation services on an inpatient and outpatient basis. Your center is proposing a new addition of long-term care services and, with this expansion, you must hi..
Are you in support of the current electoral college : Upon reading the two articles, write a response essay of at least 500 words. Your essay should address the Electoral College as it currently functions, as well as the proposed changes discussed in the two articles. Are you in support of the curren..

Reviews

Write a Review

Computer Network Security Questions & Answers

  Academic method to project management

Sunnyville Corporation is in the business of selling home appliances. Sunnyville Corporation  has over 50 sales agents across the country. The management at Sunnyville Corporation has decided to implement an online sales program.

  Design a security plan that describes counter-measures

Design a security plan that describes counter-measures that will manage the threats that put the organisation's information assets at risk. The security plan should cover a full range of protection measures

  Describe the merits and demerits of other uses of this

in recent years the fcc and other bodies around the world have been removing spectrum dedicated to analog tv

  Discuss some of the problems nats create for ipsec security

Discuss some of the problems NATs create for IPsec security. (See [Phifer 2000]). Can we solve these problems by using IPv6? Why deployment of IPv6 has been slow to date. What is needed to accelerate its deployment?

  Mobile computing has dramatically changed how information

mobile computing has dramatically changed how information is accessed and shared. wireless networking has been an

  Variation of rsa encryption and decryption

Why would a variation of RSA encryption/decryption where a single prime number is used the modolus insecure? How can someone recover a message x from the encrypted value.

  Decrypt the ciphertext message uw dm nk qb ek which was

decrypt the ciphertext message uw dm nk qb ek which was encrypted using the digraphic cipher that sends the plaintext

  Security management

Choose a topic from your major field of study. For example, if you pursuing a degree in education, your topic will come from the education field.

  Design the layout of users

The topology diagram for the different servers and locations and trust domains. For example, where is the firewalls, and where are the users located in the topology.

  Present a short summary of the arguments for and against

you have been asked to help decide whether to outsource security or keep the security function within the firm. search

  Discuss thoroughly vpns and how they are implemented

Discuss thoroughly VPNs and how they are implemented and Discuss both symmetric and asymmetric cryptographic algorithms. Also, explain cryptographic tools. Which should FDU consider

  Extract the password hashes from a machine

Extract the password hashes from a machine

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd