hw1-s08 - 18-731Homework 112 February 2008Due 21 February...

Info iconThis preview shows pages 1–3. Sign up to view the full content.

View Full Document Right Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: 18-731Homework 112 February 2008Due 21 February 2008 at the beginning of className:Andrew user id:Scores:Problem 1 (15 points):Problem 2 (20 points):Problem 3 (20 points):Problem 4 (15 points):Problem 5 (20 points):Problem 6 (10 points):Total:1Problem 1: TCP/IP attacks (5 + 4 + 6 = 15 points)1. We consider an entreprise network whose topology is depicted in Figure 1. Each subnetis associated with a specific IP prefix (e.g., subnet 1 may be We assumethat all the routers run the Routing Information Protocol (RIP) version 1 to exchangerouting information. As we have seen in class, RIPv1 does not support authentication. Asa consequence, a malicious user (e.g., host 14) can create and send fake advertisements.As an example, it may send an advertisement for subnet 2 thus capturing all packets sentfrom any host from subnet 4 into any destination into subnet 2. Propose some detailedcounter-measures the operator responsible for this network can deploy on the routers tomitigate these threats.Figure 1: Entreprise network.2. IPv4 supports some options for source routing (e.g., strict source route, loose sourceroute). Studies have highlighted potential attacks because of these options. As such, bestcurrent practices recommend to drop any IPv4 datagram with those options. Yet, in IPv6,the Routing extension header has been specified to perform source routing. As stated inRFC 2460, “the Routing header is used by an IPv6 source to list one or more intermediatenodes to bevisitedon the way to a packet’s destination.” Can an attacker launch the sameattacks using the IPv6 Routing header than with the IPv4 source route options? If so,provide a brief justification. If not, describe an attack that an attacker can launch in onecase but not the other case.3. Guessing or knowing the initial TCP sequence number (ISN) that a server will choose en-ables an attacker to establish a TCP connection with a server impersonating another node....
View Full Document

This note was uploaded on 04/19/2008 for the course ECE 18731 taught by Professor Perrig during the Spring '08 term at Carnegie Mellon.

Page1 / 8

hw1-s08 - 18-731Homework 112 February 2008Due 21 February...

This preview shows document pages 1 - 3. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online