CS 450/650 Fundamentals of Integrated Computer Securit

Spring 2010

Homework 5 : Network Security

Due on Wednesday, May 4 at 11:00 am

1 :There was a recent issue with Amazon cloud system. What are the security implications of the problem.

The following problems are from the text book (Pfleeger, 4th edition):

Chapter 7:

10 : List the major security issues dealt with at each level of the OSI protocol stack.

19 : A port scanner is a tool useful to an attacker to identify possible vulnerabilities in a potential victim's system. Cite a situation in which someone who is not an attacker could use a port scanner for a nonmalicious purpose.

22 (partial) : How many 4-digit numeric PINs are there? Suppose a ban prohibits "obvious" PINs like 0000 and 1234. What would you define as "obvious," and how many PINs would that disallow?

24 : Suggest a countermeasure for traffic flow analysis.

27 : How can a web site distinguish between lack of capacity and a denial-of-service attack? For example, web sites often experience a tremendous increase in volume of traffic right after an advertisement with the site's URL is shown on television during the broadcast of a popular sporting event. That spike in usage is the result of normal access that happens to occur at the same time. How can a site determine that high traffic is reasonable?

54 : Do firewall rules have to be symmetric? That is, does a firewall have to block a particular traffic type both inbound (to the protected site) and outbound (from the site)? Why or why not?

63 : Can encrypted e-mail provide verification to a sender that a recipient has read an e-mail message? Why or why not?

What to turn in: A softcopy of your solutions (could be a scanned version of the hard copy of the solutions) to be uploaded to WebCT.