hw1-s08-soln - 18-731Homework 1 Solutions12 February...

Info iconThis preview shows pages 1–4. Sign up to view the full content.

View Full Document Right Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: 18-731Homework 1 Solutions12 February 2008Due 21 February 2008 at the beginning of className:Andrew user id:Scores:Problem 1 (15 points):Problem 2 (20 points):Problem 3 (20 points):Problem 4 (20 points):Problem 5 (15 points):Problem 6 (10 points):Total:1Problem 1: TCP/IP attacks (5 + 4 + 6 = 15 points)1. We consider an entreprise network whose topology is depicted in Figure 1. Each subnetis associated with a specific IP prefix (e.g., subnet 1 may be 192.168.1.0/24). We assumethat all the routers run the Routing Information Protocol (RIP) version 1 to exchangerouting information. As we have seen in class, RIPv1 does not support authentication. Asa consequence, a malicious user (e.g., host 14) can create and send fake advertisements.As an example, it may send an advertisement for subnet 2 thus capturing all packets sentfrom any host from subnet 4 into any destination into subnet 2. Propose some detailedcounter-measures the operator responsible for this network can deploy on the routers tomitigate these threats.Figure 1: Entreprise network.Deploy filters on all the interfaces of the routers connected to hosts to discard all incomingRIP advertisements. Hosts should not originate RIP advertisements.Grading Note:Authentication (e.g., through IPsec) of the RIP messages and acceptance of ad-vertisements coming only from routers also address the problem. Partial credit wasawarded to those suggesting authentication without providing sufficient details sinceit was explicitely explained that RIPv1 does not support authentication, and adver-tisements from hosts should not be accepted.Filters preventing IP spoofing do not address the problem. If routers accept RIPadvertisements from hosts, hosts do not need to spoof the source IP address of theRIP advertisements to inject routes.One point was awarded to those suggesting replacing RIPv1 by static routes. Thisis because static routes do not offer the benefits of routing protocols such as main-taining routing in the event of failures.Inspecting the metric value of the RIP advertisements does not solve the issue, sincea host can specify any desired value.22. IPv4 supports some options for source routing (e.g., strict source route, loose sourceroute). Studies have highlighted potential attacks because of these options. As such, bestcurrent practices recommend to drop any IPv4 datagram with those options. Yet, in IPv6,the Routing extension header has been specified to perform source routing. As stated inRFC 2460, the Routing header is used by an IPv6 source to list one or more intermediatenodes to bevisitedon the way to a packets destination. Can an attacker launch the sameattacks using the IPv6 Routing header than with the IPv4 source route options? If so,provide a brief justification. If not, describe an attack that an attacker can launch in onecase but not the other case....
View Full Document

This note was uploaded on 04/19/2008 for the course ECE 18731 taught by Professor Perrig during the Spring '08 term at Carnegie Mellon.

Page1 / 12

hw1-s08-soln - 18-731Homework 1 Solutions12 February...

This preview shows document pages 1 - 4. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online