Assignment 1
Due: August 25, 2009, Midnight EST
Total: 40
a. Use NSLookup to determine the IP address of csc.columbusstate.edu and sail-1.colstate.edu
b. Determine who administers these computers and any other information readily available about the network. You may use any websites or tools like ARIN, Neotrace, Whois, or other open source public information. You now have all kinds of information that would allow you to take advantage of vulnerabilities at that site.
c. Repeat this process for your place of employment or the school where you obtained your undergraduate degree.
d. Write down the information that you received about Columbus State University and your place of employment. Discuss ways that an attacker could exploit this information.
Services |
Release of message content |
Traffic analysis |
Masquerade |
Replay |
Modification of messages |
Denial of service |
Peer entity authentication |
|
|
|
|
|
|
Data origin authentication |
|
|
|
|
|
|
Access control |
|
|
|
|
|
|
Confidentiality |
|
|
|
|
|
|
Traffic flow confidentiality |
|
|
|
|
|
|
Data integrity |
|
|
|
|
|
|
Non-repudiation |
|
|
|
|
|
|
Availability |
|
|
|
|
|
|
Mechanisms |
Release of message content |
Traffic analysis |
Masquerade |
Replay |
Modification of messages |
Denial of service |
Encipherment |
|
|
|
|
|
|
Digital signature |
|
|
|
|
|
|
Access control |
|
|
|
|
|
|
Data integrity |
|
|
|
|
|
|
Authentication exchange |
|
|
|
|
|
|
Traffic padding |
|
|
|
|
|
|
Routing control |
|
|
|
|
|
|
Notarization |
|
|
|
|
|
|
a. After getting the resultant string from B, how can A determine whether she has the same key as B? 5 pts
b. Does this scheme have any security flaw? In other words, can a third person achieve the key? 5 pts
0101
XOR 0011
= 0110