Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

ITM314

288 views

Published on

  • Be the first to comment

  • Be the first to like this

ITM314

  1. 1. ITM314 Network Security Management Assignment I Assignment Code: 2010ITM314A1 Last Date for Submission: 31st March 2010 Maximum Marks: 100 Attempt all the questions. All questions are compulsory and carry equal marks. Section A 1. Discuss major threats to network computer systems. Also, discuss the safeguard measures against such threats. 2. What is the role of cryptography to ensure the privacy of data? Discuss some cryptographic tools are used against unauthorized access of network.. Also discuss the security concerns at different levels of the Open System Interface protocol stack. 3. How do you define the term Network Security? Discuss the role of protocols in designing the Network Security Models. Also, discuss the hardware oriented and software oriented approaches to ensure network security. 4. Describe the following terms a. Secure socket layer b. Intrusion prevention methods c. Private key cryptography d. Risk Assessment Policy Section B Case Study Microsoft and the cult of the dead cow: Hacking into windows NT We reach, Nock in San Franscisco’s lower Height after dark. Once inside, our pupils madly dilate as we try to catch the dynamics of this small, dark Cenozoic cave trimmed in airplane fuselage and grunge-clad patronage. Most don’t take any notice, except a medusa like young man sporting the stubby remnants of the recently shorn dreadlocks who raises form a floor cushion and extends his hand for a shake. He is Sir Dystic, a hacker with whom I’d had only E-mail contact until now. “Cool place,” I offer. “yup.” He gives a wry smile. “Cyber-Flintstones”
  2. 2. Soon seven of us are slugging down room-temperature Guinness’s, which I’m buying. They all belong to the Cult of the Dead Cow, a 13 year old, in your face hacking group whose members are young, rebellious, brilliant, and fed up with mountain of perceived persecutions. They’re misunderstood “White hat” good guys. Clueless federal agents are dogging them for no good reason. Privacy. Free speech. You get the picture. But what they really hate is Microsoft Corporation, which in the past year, has become the greatest of hacking targets. “We bring all these huge, gaping holes to their attention, and they don’t listen,” bellows Deth Veggie, a mammoth 24-year-old with rock-star looks. Microsoft, they say, is more interest in marketing new systems than in securing them. Microsoft is breeding “dumbed-up” systems administrators who are so reliant on friendly, point-and-click interfaces that they fail to set basic security settings. Microsoft, they say, hasn’t learned from past mistakes made-and patched-in the Unix operating system. “When we find a hold, we share that exploit with rest of the world-and it takes Microsoft a long time to respond,” say 22-year-old Tweetfish. Hackers have posted the source code and techniques of myriad attacks against Microsoft products on World Wide Web sites and bulletin boards. They’ve got the tools to crack passwords on NT and Windows 95 operating systems, and the techniques to grab those passwords form LAN managers. Hackers know how to drop an Active X security level from high to none, essentially helping themselves to anything on the machine and the network it’s connected to. And the list goes on. Why Microsoft? Why NT? First, Microsoft is the biggest dog on the porch. Run, no less, by the richest guy on the planet. That’s irresistible to many hackers. Also, compared with Unix, which has been hacked and patched ad nauseam, NT makes for an exciting new playground. In addition, Windows NT is quickly infiltrating the enterprise. Microsoft is shipping more than 100,000 units of NT Version 4.0 every month. According to The Sentry Group, 85 percent of businesses and government agencies in the United States will use Windows NT as a desktop platform by next year. In NT 5.0, Microsoft will introduce a three-tiered security architecture. MIT- developed RCF Kerberos authentication will replace the LAN Manager setup that hackers find so inviting. In addition, crypto- key infrastructure will be included to support digital certificates that authenticate users who access the system remotely. Moreover, in NT 5.0, data encryption will be supported, and administrators will have a central point from which to issue certificates and access controls. Microsoft also maintains an electronic-mail address (secure@microsoft.com) to which anybody can send information about vulnerabilities. In addition, the company employees about 300 engineers who work only on security. And they listen to both hackers and customers, according to ED Muth, NT
  3. 3. product manager. “We have demanding customers like banks and defense agencies who are not shy about telling use their security desires,” he says. In any event, the bottom line is that they security problems most hackers ferret out aren’t having a serious effect on Microsoft’s ability to do business. Corporate America doesn’t seem to spooked about Microsoft security, given the speed at which they are deploying Windows NT. And that just keeps the hackers hacking away. Questions: 1. Why are hackers like the Cult of the Dead Cow hacking into Windows NT? 2. What is Microsoft doing about hacking and the security of Windows NT? 3. Is hacking by the Cult of the Dead Cow and other “white hat” hackers ethical? Why or why not?
  4. 4. ITM314 Network Security Management Assignment II Assignment Code: 2010ITM314A2 Last Date for Submission: 15th May 2010 Maximum marks: 100 Attempt all the questions. All questions are compulsory and carry equal marks. Section A 1. Explain the relation between encrypting and public key infrastructure? On what bases a public key infrastructure can invalidate certificates? Why the stopping of distribution of a certificate after it becomes invalid is not sufficient by public key infrastructure? 2. What are some of the downside issues relating to use of the Internet and web? How might you choose between subscribing to an online service and an Internet Service Provider? 3. Discuss the potential threats for the Internet Security? Discuss the various security measures with detailed explanation. 4. Describe the following terms 1. Asymmetric encryption 2. Public key encryption 3. Security Protocols 4. New Internet technologies Section B Case Study Students at The University of Birmingham will soon be able to roll out of bed and get onto the internet wherever they happen to have ended up on campus. The university is in the second phase of a wi-fi rollout that will see coverage extended to all corners of its main 250-hectare Edgbaston campus and 80-hectare Selly Oak site by the end of the year - or what will be the largest university wi-fi rollout in Europe.Currently students have wi-fi access in lecture theatres, libraries, some classrooms and social areas such as coffee shops. But wireless coverage is in the process of being extended to every square inch of both campuses - from walkways to sports pitches. The university's vision is that an all pervasive wi-fi network will not only be a vital aid for academic activity but also a springboard for new student services - enabling live pictures of sports events to be multicast to the online student portal, for instance, along with pitch-side commentary. John Turnbull,
  5. 5. head of networks in the university's IT services department, even has plans for an IPTV multicasting service to launch in September.Why wireless? Ease of access, says Turnbull: "We want the students to be able to access course material anywhere on site and at any time. And the wireless is very suitable for this type of access."But what the 30,000-odd students at Birmingham University don't get to see as they update their MySpace page over a late breakfast or browse course modules during lectures, is the network infrastructure that lies behind this moveable feast of web services. Birmingham's wi-fi network, which began life three years ago, is costing around a quarter of a million pounds - on top of a much more expensive core fibre network (in the region of £12m). The wi-fi network would have cost more but the university was able to make a saving of £87,000 by reusing fibre freed up when the core network was recently upgraded from 8MB to 10MB, said Turnbull. He explains: "When we upgraded to 10GB [from 8MB trunk link] through a single point, the 10GB upgrade link just uses one fibre as opposed to using eight trunked fibres so that released at least 35 fibres - pairs - across our campus." The university has chosen to run its wireless network in parallel with its wired network for security reasons, according to Turnbull: "All the access points are on a network that's separate from our campus network but then linked back in to our campus network via a firewall so that we've got full control of the security associated with the wireless network." This has the added advantage of meaning there is a back-up option if one network goes down. "If in a building the local wired network was down the wireless network would still be available because it's a parallel network," he explains. Turnbull said the large-scale of the campus wi-fi rollout meant ease of installation was a key consideration in designing the network. This was one of the reasons Birmingham chose to upgrade from existing access points from switching and routing vendor Foundry Networks to the company's IronPoint Mobility Series of access points. The new kit dispenses with the costly and time-consuming business of having to do detailed surveys of buildings to locate the best sites for wi-fi access points as it boosts wi-fi access by using a virtual cell architecture. Chris Lea, senior network specialist at the university, explains: "Instead of seeing a whole number of access points - potential connections for the client - [the client device] just see a single large, access point if you like or a single access point that covers a large area."This means the client no longer has to make a decision about which access point to connect to as the hardware chooses for them. Roaming decisions are also controlled by the hardware.And there are bandwidth benefits too, says Lea: "In a traditional [wi-fi network architecture] system all the clients will be contending against each other to gain the access point's availability so that they can transmit and receive traffic." In the new system the controller actually manages that and what it will do is assign a piece of time on the access point for each client and in a round robin fashion each client will very rapidly receive slices of time on the access point." Lea said the network infrastructure can support up to 10 times the number of users per access point compared to a system that does not use virtual cell technology. "We've certainly seen numbers like 35 clients on a single access point with no performance issues," he adds. The system also has built-in rogue access point detection. More than 300 IronPoint Mobility access points and two Foundry
  6. 6. Mobility Controllers have now been implemented - with a further 360 access points due to be installed to complete the campus-wide wi-fi rollout. Questions: a) Discuss the relevance of the university’s network setup. b) What can be the possible security threats for such kind of implementations? c) Discuss the feasibility study to implement such kind of network in your campus. d) What kind of security measures are required against hacking in this type of networking environment.

×