hw1-s09 - 18-731Homework 15 February 2009Due 17 February...

Info iconThis preview shows pages 1–5. Sign up to view the full content.

View Full Document Right Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: 18-731Homework 15 February 2009Due 17 February 2009 at the beginning of className:Andrew user id:Scores:Problem 1 (15 points):Problem 2 (15 points):Problem 3 (20 points):Problem 4 (20 points):Problem 5 (20 points):Problem 6 (20 points):Total (110 points):1Problem 1: TCP/IP attacks (5 + 4 + 6 = 15 points)1. We consider an entreprise network whose topology is depicted in Figure??. Each subnetis associated with a specific IP prefix (e.g., subnet 1 may be 192.168.1.0/24). We assumethat all the routers run the Routing Information Protocol (RIP) version 1 to exchange rout-ing information. RIPv1 does not support authentication. As a consequence, a malicioususer (e.g., host 14) can create and send fake advertisements. As an example, it may sendan advertisement for subnet 2 thus capturing all packets sent from any host from subnet 4into any destination into subnet 2. Propose some detailed counter-measures the operatorresponsible for this network can deploy on the routers to mitigate these threats.Figure 1: Enterprise network.2. IPv4 supports some options for source routing (e.g., strict source route, loose sourceroute). Studies have highlighted potential attacks because of these options. As such, bestcurrent practices recommend to drop any IPv4 datagram with those options. Yet, in IPv6,the Routing extension header has been specified to perform source routing. As stated inRFC 2460, the Routing header is used by an IPv6 source to list one or more intermediatenodes to bevisitedon the way to a packets destination. Can an attacker launch the sameattacks using the IPv6 Routing header than with the IPv4 source route options? If so,provide a brief justification. If not, describe an attack that an attacker can launch in onecase but not the other case.3. Guessing or knowing the initial TCP sequence number (ISN) that a server will choose en-ables an attacker to establish a TCP connection with a server impersonating another node.What are the advantages and disadvantages of the following solutions with respect to mit-igating the attack? What modifications in the behavior of TCP result by implementingthe solution?Server computes ISN as follows: ISN=MD5(source IP address||destination IPaddress||source port number||destination port number||K), whereKis a secret2key stored locally and known to the server only.Server selects ISN at random.Server selects ISN as ISN = f(current time) where f is a linear function.3Problem 2: TCG (5 + 5 + 5 = 15 points)1. A hardware vendor builds computers with a TPM chip. The vendor argues that the eventlog used for remote attestations will become very long over time, and builds in a specialfeature that enables the operating system to reboot the TPM chip without rebooting theremainder of the system (rebooting will reset the PCR values to zero). This will allowremainder of the system (rebooting will reset the PCR values to zero)....
View Full Document

Page1 / 10

hw1-s09 - 18-731Homework 15 February 2009Due 17 February...

This preview shows document pages 1 - 5. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online