Assignment 1 - Is there a Security Problem in Computing?
Hands-on Activity
(DUE January 17, 2003 by midnight EST) One of the most astounding side-effects of the Internet is how readily accessible information is about individuals, organizations, and computer systems. This assignment is designed to give you some experience in obtaining this information.
- Use NSLookup to determine the IP address of jaring.nmhu.edu and cs.ColumbusState.edu
- Determine who administers these computers and any other information readily available. You may use any websites or tools like ARIN, Neotrace, Whois, or other open source public information. Describe how you found the information. You now have all kinds of information that would allow you to take advantage of vulnerabilities at that site.
- Web servers are notorious for containing large numbers of vulnerabilities. Download NetBrute to determine the following:
What computers in the class C range of IP addresses found above are running web servers (check for port 80)? Describe what you found and how you found it.
Discussion Questions
- (DUE January 15, 2003 by midnight EST) Select one of the following questions to discuss in detail through the threaded discussion.
- Describe a vulnerability that exists in a computer system that you have used or are currently using. Describe threats that exist which would exploit this vulnerability. Discuss who would want to take advantage of this vulnerability. Describe controls that could be implemented to either minimize the vulnerability or the threats to the computer system.
- Discuss any of the following questions in detail: 11, 16, 17, 18, 19, or20 on page 33 of the text.
- Research and find examples of computer security failures. Describe how the reported failure exemplifies one (or more) of the principles listed in chapter 1: easiest penetration, adequate protection, effectiveness, and/or weakest link.
- (DUE January 20, 2003 by midnight EST) Select a discussion from one or more of your classmates and respond to their comments.
Webliography Assignment
(DUE January 20, 2003 by midnight EST) Submit to the class Webliography 5 annotated links related to general security problems. These could discuss security threats, vulnerabilities and / or controls. These will be added to our Information Assurance E-library (http://csc.ColumbusState.edu/summers/e-library/security.html) You will receive 1 point if just a new link; 1 point if annotation for one of my links; or 2 points if a new annotated link.