Unformatted text preview: 3. Answer question 1 at the end of Chapter 6 in Bishop’s text. Part III: Malware 1. As a virus writer, giv e three techniques that you would use to make your virus more difficult to detect. Briefly explain each of the techniques. 2. Someone suggests a worm defense system that is based on the idea of throttling. With throttling, each machine in a network can connect to at most n other, different hosts (IP addresses) in t seconds (typical val-ues are n = 10 and t = 120 seconds). Connections to any other than the first n machines are blocked (dropped) during the period t. Name a legitimate application that is likely to be negatively affected by this system and briefly discuss your answer. 3. You are developing a worm that uses a random number generator to generate IP addresses of potential victims that the worm scans. What do you use to seed this random number generator once your worm has infected a new host?...
View Full Document
- Fall '09
- Computer Security, IP address, IP addresses, Computer insecurity