COMP 150-CA Special Topics: Computer and Network Security

Problem Set - I

9/14/07

(Due at the beginning of class on 9/25/07)

CS G254/U645 Network Security

This problem set will be graded out of 50 points. It will count for 8% of your final grade.

 

1) Architecture

a) What is layering? [2]

b) What is one advantage and one disadvantage of layering? [2]

c) Describe briefly and give one example of each of the following layers: physical, data link, network and transport. [4]

d) State and explain the significance of the end-to-end principle. [2]

 

2) Internet – transport layer

a) What keeps packets from being passed along, router to router, indefinitely? [2]

b) Which is better for transferring a large file – UDP or TCP, and why? [2]

c) What is an ICMP echo-request packet used for? [1]

d) Explain how traceroute works. [5]

 

3) Learning by doing – IP/BGP/DNS

a) Go to http://www.arin.net/whois/. Query for “Northeastern University” (quotes not included). List the IP blocks that are registered to Northeastern using CIDR notation. [4]

b) Go to http://www.arin.net/whois/. Query for “a Northeastern University” (quotes not included). List the AS number(s) registered to Northeastern. List the email ID(s) of the tech contact for Northeastern’s Autonomous System(s). [2]

c) Go to http://us.mirror.menandmice.com/knowledgehub/tools/dig. Leave the Name Server and Query Type fields as they are; query http://www.ccs.neu.edu/ in the Domain Name field. What is the IP address of http://www.ccs.neu.edu/? [2]

d) Go to http://stat.qwest.net/looking_glass.html. Pick any location; query for type “bgp” the IP address from part c). What is the AS number that CCIS’ website lives in, and which organization does this AS belong to? What is the AS number immediately upstream of the AS that CCIS’ website lives in? Use http://www.arin.net/whois/ to determine the OrgName of the organization that provides connectivity to CCIS’ website. [5]

e) Go to http://www.traceroute.org/. Run a traceroute from UC Berkeley to http://www.ccs.neu.edu/. List the IP(s) encountered in order. [4]

f) Go to any online ping server (e.g. http://www.tracert.com/cgi-bin/ping.pl). Run a ping to http://www.ccs.neu.edu/ and to http://www.rsa.com/. What do you see and why? [3]

 

4) Consider the following code:

 

    #include <stdio.h>      /* printf */
    #include <string.h>
    #include <ctype.h>
    #include <unistd.h>     /* setuid */

    int main(int argc, char *argv[]) {

        char buf[512];
        int i;

        setuid(0);

        if (argc > 1) {
            for (i=0; i<strlen(argv[1]); i++)
                argv[1][i] = tolower(argv[1][i]);
            strcpy(buf, argv[1]);
            printf("%s\n", buf);
        }
    }

a) Describe what each line of the program does. [6]

b) Compile and run the program from the command line. Give it some short string as an input. What does the program do? What is a major flaw in this program? [2]

c) Read http://www.insecure.org/stf/smashstack.txt. Explain how this program could be utilized to gain root access. (In a subsequent assignment you will explore this issue in further detail.) [2]