Complete the following short answer questions1. How do the virus.pdf
- 1. Complete the following short answer questions: 1. How do the viruses propagate between computers? 2. What is social engineering? 3. How will an SPI firewall handle a packet containing a TCP segment which is an acknowledgement? 4. Revise the access control list (ACL) in Figure 3-23 (page 119 in the textbook) to permit access to an FTP server with IP address 10.32.67.112. 5. How will the ACL in Figure 3-23 (page 119 in the textbook) handle a packet that attempts to open a connection to an FTP server? Explain. 6. For each of the following passwords, first state the kind of attack that would be necessary to crack it. Justify your answer. Then say whether or not it is an adequate password, again giving specific reasons. a) password b) Winter1 c) SpringBreaK d) 2!T*d (00-10) e) 9g&8tY7#?s+445=232+ Solution Answers: 1)How do the viruses propagate between computers? -> The browsers gain more features and functions more methods for virus propagation appear directly to a computer across the network. Web pages : ->Either via a download, web code, or a cross-site scripting (CSS) attack, web pages can be a source of viral infection. As browsers gain more features and functions more methods for virus propagation appear. Messages: -> E-mail messages as well as IM or chat messages can be a vector for viral infection. -> Whether the virus is spread through links, embedded code, or an attachment depends on the type of message and the client software. Infected programs or Trojans : -> Running an infected program that you copied from a CD or other media (or downloaded) is a means of infection. Sometimes the virus is a Trojan, where it appears to be a useful program, but
- 2. is in fact a virus. 2. What is social engineering? -> Social engineering is an attack vector that relies heavily on human interaction and often involves tricking people into breaking normal security procedures. -> Social engineering is the art of manipulating people so they give up confidential information. -> A social engineer runs what used to be called a "con game. Popular types of social engineering attacks : 1)Phishing: -> Phishing is when a malicious party sends a fraudulent email disguised as a legitimate email, often purporting to be from a trusted source. 2) Pretexting: ->Pretexting is another form of social engineering where attackers focus on creating a good pretext, or a fabricated scenario, that they can use to try and steal their victims’ personal information. 3. How will an SPI firewall handle a packet containing a TCP segment which is an acknowledgement? -->Process it through the Access Control List (ACL) -> Stateful Packet Inspection: Connections have distinct states or stages. ->Different states are subject to different attacks. Stateful firewalls use different filtering rules for different states. Different because it uses filter rules in order to accept or deny traffic. ->An example would be windows firewall. 4. Revise the access control list (ACL) in Figure 3-23 (page 119 in the textbook) to permit access to an FTP server with IP address 10.32.67.112.? -> An access control list (ACL) is a table that tells a computer operating system which accessrights each user has to a particular system object, such as a file directory or individual file. -> ACLs are a network filter utilized by routers and some switches to permit and restrict data flows into and out of network interfaces. -> When an ACL is configured on an interface, the network device analyzes data passing through the interface. -> The list has an entry for each system user with access privileges. -> The most common privileges include the ability to read a file, to write to the file or files, and to execute the file. -> Microsoft Windows NT/2000, Novell'sNetWare, Digital's OpenVMS, and UNIX-based systems are among the operating systems that use access control lists. -> More advanced lists have more distinct control, but the general guidelines are as follows: a) A sequence number or term name for each entry.
- 3. b)A statement of permission or denial for that entry. c) the network protocol and associated function or ports. -> Examples include IP, IPX, ICMP, TCP, UDP, NETBIOS and many others. 5. How will the ACL in Figure 3-23 (page 119 in the textbook) handle a packet that attempts to open a connection to an FTP server? Explain. ACL will apply it's three rules. 1. Allows all connections to port 25. 2. Allow single internal host on port 80. 3. Drops and logs other opening packets.