COIT20262 Assignment 1 Term 1, 2017
COIT20262 - Advanced Network Security, Term 1, 2017
Assignment 1
Due date: 5pm Friday 21 April 2017 (Week 6)
Assessment weighting: 40%
Length: N/A
Instructions
Attempt all questions.
Submit the following on Moodle:
Answers: A Microsoft Word document containing answers to the questions.
Files for Question 3: keypair.pem, pubkey.pem, commands.bash,
signature.bin, key.txt, ciphertext.bin, secretkey.bin
This is an individual assignment, and it is expected students answer the questions themselves.
Discussion of approaches to solving questions is allowed (and encouraged), however each
student should develop and write-up their own answers. See CQUniversity resources on
Referencing and Plagiarism. Guidelines for this assignment include:
Do not exchange files (reports, captures, diagrams) with other students.
Complete tasks with virtnet yourself – do not use results from another student.
Draw your own diagrams. Do not use diagrams from other sources (Internet,
textbooks) or from other students.
Write your own explanations. In some cases, students may arrive at the same numerical
answer, however their explanation of the answer should always be their own.
Do not copy text from websites or textbooks. During research you should read and
understand what others have written, and then write in your own words.
Question 1. Analysis of Protocols with Wireshark [14 marks]
Objective: Gain a good understanding of common Internet protocols as well as using packet
capture software (Wireshark)
The file a01-assignment-1-question-1-capture.pcap on Moodle contains packets
captured in an exchange between several computers.
The capture was performed in an internet where all subnets used a /24 mask. The capture was
performed on interface eth1 on a computer with the following details:
network@node:~$ ifconfig eth1
eth1 Link encap:Ethernet HWaddr 08:00:27:cc:71:35
inet addr:192.168.1.1 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::a00:27ff:fecc:7135/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:917 errors:0 dropped:0 overruns:0 frame:0
TX packets:831 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:299281 (299.2 KB) TX bytes:99008 (99.0 KB)
network@node:~$ ifconfig eth2
eth2 Link encap:Ethernet HWaddr 08:00:27:1c:6d:33
inet addr:192.168.4.1 Bcast:192.168.4.255 Mask:255.255.255.0
inet6 addr: fe80::a00:27ff:fe1c:6d33/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:435 errors:0 dropped:0 overruns:0 frame:0
TX packets:412 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:40322 (40.3 KB) TX bytes:58580 (58.5 KB)
network@node:~$ ifconfig eth3
eth3 Link encap:Ethernet HWaddr 08:00:27:61:fc:c4
inet addr:192.168.5.1 Bcast:192.168.5.255 Mask:255.255.255.0
inet6 addr: fe80::a00:27ff:fe61:fcc4/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:411 errors:0 dropped:0 overruns:0 frame:0
TX packets:541 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:59508 (59.5 KB) TX bytes:243173 (243.1 KB)
Use the file and the above information to answer the following sub-questions. Do not try to
guess answers; use only the above information, the capture file and your knowledge of
networking and security to find the answers.
(a) Several applications were used on several different computers. Complete the table to
summarise the applications in use in the network. The columns are:
Application name or protocol, e.g. Web, SSH, ?, where ? means cannot
determine from the capture.
Transport protocol. TCP, UDP, ICMP or other.
Client Port(s). Use a range, e.g. 1-10, if the client changes ports for each
connection.
Server Port, Client IP, Server IP.
Time of use. The time when the application is in use. Round to the nearest
second. Use a range, e.g. 0-4 seconds.
The first row includes example values of selected columns. Complete (or edit) and
add further rows as necessary. [4 marks]
Application Table
App. | Tra. | Client Port(s) | Server Port | Client IP | Server IP | Time of use
Web  |      | 48158-48170    |             |           |           | 0-4
(b) Complete the address table below to show known address information of
computers/interfaces in the network. Some information in the table may not be known
(e.g. cannot be determined from the capture). Use a question mark “?“ in the table if
the information is not known. Use only the information in the question and the
capture file to determine the answers (do not guess). [2 marks]
Address Table
Computer | Interface | MAC               | IP
1        | 1         | 08:00:27:cc:71:35 | 192.168.1.1
1        | 2         | 08:00:27:1c:6d:33 | 192.168.4.1
1        | 3         | 08:00:27:61:fc:c4 | 192.168.5.1
2        |           |                   |
(c) Some of the computers in the network have domain names as well as IP addresses.
List the IP address and domain name of each computer with a domain name, and give
the packet number where you found the domain name. [2 marks]
(d) Consider the 1st TCP connection in the capture (which starts at packet number 3 in the
capture file). Draw a message sequence diagram that illustrates all packets in that TCP
connection. A message sequence diagram uses vertical lines to represent events that
happen at a computer over time (time is increasing as the line goes down). Addresses
of the computers/software are given at the top of the vertical lines. Horizontal or
sloped arrows are used to show messages (packets) being sent between computers.
Each arrow should be labelled with the protocol, packet type and important
information of the message. Examples of message sequence diagrams are given in
workshops. Note that you do not need to show the packet times, and the diagram does
not have to be to scale. [2 marks]
(e) Briefly explain how a TCP connection starts (or opens), and how it completes (or
closes), using the 1st TCP connection from the capture (and your message sequence
diagram above) as an example. [2 marks]
(f) Some of the computers in the network are running a web server. Choose one of the
computers and then list which files exist on the web server, and which files do not
exist on the web server. Explain how you know the files (that is, refer to the packet
number(s) in the capture). [2 marks]
(g) What is the password? [0 marks – this is a challenge, but worth no marks. Don’t tell
other students the answer if you find it.]
Marking Scheme
(a) All connections are listed correctly: 4 marks. Minor mistakes in a few connections: 3
marks. Missing a few connections and/or multiple mistakes: 2 marks. Missing multiple
connections and/or many mistakes: 1 mark. Most connections wrong: 0 marks.
(b) 2 marks for service table; 2 marks for address table. All entries included: 2 marks.
Some entries missing or wrong: 1 mark. Most entries missing or wrong: 0 marks.
(c) All packets clearly shown: 2 marks. Minor mistakes: 1 mark. Multiple packets wrong
and/or multiple mistakes: 0 marks.
(d) All computers/domains listed: 2 marks. One mistake: 1 mark. More than one mistake:
0 marks.
(e) Clear explanation of connection open and close: 2 marks. Mistakes or wrong
explanation of one of the steps: 1 mark. Multiple mistakes or wrong explanation of
both steps: 0 marks.
(f) All files (both those that exist and those that don’t exist) listed with packet numbers
referenced: 2 marks. Some minor mistakes or a missing file: 1 mark. Multiple mistakes
or multiple missing files: 0 marks.
(g) This sub-question is worth 0 marks. It has no impact on your total marks.
Question 2. Web Application Attacks [8 marks]
Objective: Understand how real web application attacks work, and methods for mitigating
them.
For this question you must use virtnet (as used in the workshops) to study web application
attacks. This assumes you have already set up and are familiar with virtnet. See Moodle and
workshop instructions for information on setting up and using virtnet, deploying the
website, and performing the attack.
Your task is to:
Create topology 7 in virtnet
Deploy the MyUni demo website on the nodes
On node4, add a user to the grading web application with username set to your
student ID, and password set to your first name.
Perform an unvalidated redirect attack, such that the attacker steals your
username/password.
While performing the attack, take a screenshot of the window showing the stolen
username/password.
After performing and understanding the attack, answer the following sub-questions.
(a) Give a short description of an unvalidated redirect attack, referring to the steps you
performed in the attack and the vulnerability your attack exploited. [2 marks]
(b) Assuming a website must use redirects, recommend a technique that can be used to
minimise the impact of unvalidated redirect attacks. [1 mark]
(c) In the attack you performed in virtnet, describe what methods the attacker used (other
than an unvalidated redirect) and how the attacker benefits from the attack (that is,
what do they gain and how?). [3 marks]
(d) Include the screenshot of the stolen username/password obtained during the attack. [2
marks]
Marking Scheme
(a) Clear description, demonstrating understanding of the attack: 2 marks. Some mistakes
or misunderstandings: 1 mark. Many mistakes and/or lack of understanding: 0 marks.
(b) One relevant technique clearly described: 1 mark. No relevant techniques or lack of
understanding of techniques: 0 marks.
(c) Clear description of methods and benefits: 3 marks. Minor mistakes or
misunderstandings in description: 2 marks. Missing methods or benefits; major
mistakes: 1 mark. Lack of understanding of both methods and benefits, or no relevant
methods/benefits: 0 marks.
(d) Screenshot showing relevant information: 2 marks. No screenshot or not showing
relevant information: 0 marks.
Question 3. Cryptographic Operations with OpenSSL [9 marks]
Objective: understand and apply different cryptographic primitives, use common encryption
software (OpenSSL), and demonstrate secure procedures for key management.
Your task is to use OpenSSL to perform a set of cryptographic operations. When performing
cryptographic operations you must be very careful, as a small mistake (such as a typo) may
mean the result is an insecure system. Read the instructions carefully, understand the
examples, and where possible, test your approach (e.g. if you encrypt a file, test it by
decrypting it and comparing the original to the decrypted).
Perform the following steps:
(a) Generate your own RSA 4096-bit key pair. Use the public exponent of 65537. Save
your key pair as keypair.pem.
(b) Extract your public key and save it as pubkey.pem.
(c) Create a Bash shell script that contains all OpenSSL commands you used on the
terminal in the previous steps, as well as the following steps, and save them in a text
file called commands.bash. You should copy-and-paste the actual commands you used
from the terminal as they may be used to test your submission. As this script contains
commands from steps (a), (b), (d), (e), (f) and (g), you should run those commands
first and then put them in your script file, then do them again using the final script.
(d) Sign your Bash shell script using SHA1, saving the signature as signature.bin.
(e) Generate a 256 bit random value using OpenSSL. This value will be used as a secret
key. Store the key as a 64 hex digit string in a file key.txt.
(f) Encrypt your Bash shell script using AES-256-CBC and the key generated in step (e).
Use an IV of all 0’s (that is, 32 0’s). Save the ciphertext as ciphertext.bin.
(g) Encrypt your key.txt file using RSA so that only the Unit Coordinator can view the
contents. Save the encrypted key as secretkey.bin.
Multiple files are output from the above steps. You must submit the following on Moodle:
keypair.pem
pubkey.pem
commands.bash
signature.bin
key.txt
ciphertext.bin
secretkey.bin
The file names must be exactly as listed above. Use lowercase for all files and double-check
the extensions (be careful that Windows doesn’t change the extension).
Examples of the OpenSSL operations needed to complete this task, as well as a Bash script,
are on Moodle.
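The steps above, followed by the reverse operations used to test them, as an added example that is not the unit's reference script or part of the original assignment. The placeholder commands.bash content, the recipient key pair (recipient_key.pem and recipient_pub.pem, standing in for the Unit Coordinator's key, which is not on this page) and the function names are assumptions.

```bash
#!/usr/bin/env bash
# Added example: steps (a), (b), (d)-(g) plus the reverse checks.
# Runs in a scratch directory so it never overwrites real key files.

ZERO_IV=00000000000000000000000000000000   # 32 hex zeros = one 16-byte AES block

q3_roundtrip() (
    cd "$1" || exit 1
    bits=${2:-4096}

    # Constructed placeholder so there is a file to sign and encrypt.
    printf '%s\n' '#!/bin/bash' '# constructed placeholder content' > commands.bash

    # Constructed stand-in for the recipient (assumption). In the real task only
    # the recipient's public key is available; the private key stays with them.
    openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
        -out recipient_key.pem 2>/dev/null || exit 1
    openssl pkey -in recipient_key.pem -pubout -out recipient_pub.pem || exit 1

    # (a) RSA key pair with public exponent 65537, then confirm both parameters.
    openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:"$bits" \
        -pkeyopt rsa_keygen_pubexp:65537 -out keypair.pem 2>/dev/null || exit 1
    openssl pkey -in keypair.pem -noout -text | grep -q "$bits bit" || exit 1
    openssl pkey -in keypair.pem -noout -text | grep -q 'publicExponent: 65537' || exit 1

    # (b) Public half only; this is the file that may be shared.
    openssl pkey -in keypair.pem -pubout -out pubkey.pem || exit 1

    # (d) SHA1 digest of the script, signed with the private key.
    openssl dgst -sha1 -sign keypair.pem -out signature.bin commands.bash || exit 1

    # (e) 256 random bits written as 64 hex digits.
    openssl rand -hex 32 > key.txt || exit 1

    # (f) AES-256-CBC with the all-zero IV the task specifies. A fixed IV is only
    # tolerable here because the key is fresh and encrypts a single file.
    openssl enc -aes-256-cbc -K "$(cat key.txt)" -iv "$ZERO_IV" \
        -in commands.bash -out ciphertext.bin || exit 1

    # (g) Wrap the key file with the recipient's public key.
    openssl pkeyutl -encrypt -pubin -inkey recipient_pub.pem \
        -in key.txt -out secretkey.bin || exit 1

    # Reverse operations: verify, unwrap, decrypt, compare with the originals.
    openssl dgst -sha1 -verify pubkey.pem -signature signature.bin \
        commands.bash >/dev/null || exit 1
    openssl pkeyutl -decrypt -inkey recipient_key.pem \
        -in secretkey.bin -out key.recovered || exit 1
    cmp -s key.txt key.recovered || exit 1
    openssl enc -d -aes-256-cbc -K "$(cat key.recovered)" -iv "$ZERO_IV" \
        -in ciphertext.bin -out commands.recovered || exit 1
    cmp -s commands.bash commands.recovered || exit 1
)

# Succeeds only if the signature is rejected once the signed file changes.
q3_tamper_detected() (
    cd "$1" || exit 1
    cp commands.bash tampered.bash || exit 1
    echo '# edited after signing' >> tampered.bash
    ! openssl dgst -sha1 -verify pubkey.pem -signature signature.bin \
        tampered.bash >/dev/null 2>&1
)

# Number of hex digits in key.txt, ignoring the trailing newline.
key_hex_digits() {
    tr -d '\n' < "$1/key.txt" | wc -c
}

WORKDIR=$(mktemp -d)
if q3_roundtrip "$WORKDIR" 4096 && q3_tamper_detected "$WORKDIR"; then
    Q3_STATUS=ok
else
    Q3_STATUS=failed
fi
echo "Q3 round trip: $Q3_STATUS (files in $WORKDIR)"
```

Passing the key with -K puts it on the command line, where other local users may see it in the process list while openssl runs.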
Marking Scheme
Once files are submitted, they will be decrypted/verified using the reverse operations of what
you were expected to do.
If your files successfully decrypt/verify, and the commands (commands.bash)
submitted are correct, then you will receive 9 marks.
If your files successfully decrypt/verify, but the commands contain errors, then you
will receive between 6 and 8 marks, depending on the severity of the errors (e.g. small
typo vs wrong command).
If your files do NOT successfully decrypt/verify, then your commands will be
reviewed to determine what mistakes you made. You will receive between 0 and 7
marks, depending on the severity of the errors.
Up to 6 marks may be deducted for incorrect submissions (e.g. not all files submitted,
additional files submitted, wrong files submitted, wrong filenames).
Question 4. Malware Research [9 marks]
Objective: research real malware and gain an understanding of the techniques used in the
malware and countermeasures
Ransomware attacks are increasingly publicised. In addition it is estimated there are many
more ransomware attacks not being made public, e.g. companies and users paying a ransom
but not disclosing the attack. The prevalence of ransomware, and the impact it has on
organisations, has led to the discussion of ransomware insurance. Your task is to study what
is ransomware, what are the challenges and possible countermeasures, and report on it in an
easy-to-understand manner. You must write a short report on ransomware that addresses at
least the following issues/topics:
(a) What is ransomware?
(b) What are examples of ransomware attacks? For example, names of malware,
organisations attacked.
(c) What are common methods of infection by ransomware?
(d) What is the payload in ransomware? What cryptographic techniques are commonly
used?
(e) How is the ransom obtained? What is the role of Bitcoin (or other cryptocurrencies)?
(f) What are the options for users once infected?
(g) What countermeasures should users and organisations take to prevent ransomware
attacks?
The above is a guide of what should be covered. You may also address other issues, and you
don’t have to address them in the order listed.
There is no minimum/maximum length of the report. As a guide 1 to 2 pages of text (not
including pictures) may be appropriate. In addition you may include your own pictures (not
pictures from other sources) if they are useful in explaining ransomware. Including pictures
from other sources, or including pictures that do not help with the explanation will not gain
marks and may lead to reduced marks.
You may assume the audience of the report has similar background on network security as
you. You should refer to techniques and concepts covered in the unit, and give sufficient
technical detail to demonstrate you understand ransomware.
At least five (5) references should be included and follow the Harvard (author-date) style.
References may be a mix of websites, textbooks and conference/journal articles.
Marking Scheme
1 mark will be given for each of the seven (7) topics/issues ((a) to (g)) if they are
satisfactorily explained.
1 mark will be given if the report is well presented, including: well formatted, few
spelling/grammar mistakes.
1 mark will be given if the references are sufficient and appropriate. Inclusion of
inappropriate/irrelevant references will result in 0 marks.
Up to 6 marks may be deducted if the report is difficult to read (e.g. due to grammar),
includes information irrelevant to the question, and/or includes material (pictures,
quotes) taken from other sources.
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactdawncurless
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introductionMaksud Ahmed
 

Recently uploaded (20)

Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
 
Separation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and ActinidesSeparation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and Actinides
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptx
 
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
 
_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting Data_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting Data
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13
 
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptxContemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
 
MENTAL STATUS EXAMINATION format.docx
MENTAL     STATUS EXAMINATION format.docxMENTAL     STATUS EXAMINATION format.docx
MENTAL STATUS EXAMINATION format.docx
 
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
 
Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon ACrayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon A
 
Science 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its CharacteristicsScience 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its Characteristics
 
Hybridoma Technology ( Production , Purification , and Application )
Hybridoma Technology  ( Production , Purification , and Application  ) Hybridoma Technology  ( Production , Purification , and Application  )
Hybridoma Technology ( Production , Purification , and Application )
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impact
 
Staff of Color (SOC) Retention Efforts DDSD
Staff of Color (SOC) Retention Efforts DDSDStaff of Color (SOC) Retention Efforts DDSD
Staff of Color (SOC) Retention Efforts DDSD
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introduction
 
Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1
 
