Exam Review, Network Intro


CISC 210 - Class Today
• Going over the Exam Answers
• Intro Networking
March 2005
R. Smith - University of St Thomas - Minnesota
Question 1
• Assets: A, N
• Risks: D, E, K, M
• Policy: G, L
– Optional: B, H, I
• Defenses (optional): O, B, H, J
• Monitor: C, F, P
– Optional: O, J
• Recover (optional): I
Questions 2-6
• Desktop: 1 – KNOW
• Desktop + Fingerprint Reader: 2 – KNOW, ARE
• ATM: 2 – HAVE, KNOW
• Web site: 1 – KNOW
• Charlie’s Angels: 1 – ARE
Access Permissions
• Question 7 – YES
• Question 8:
– Owner – Bob or Tina
– Group – any name
– Members – Bob and Tina
– Owner Access – RW
– Group Access – RW
– World Access – --
Web Browser Secret Keys
• 128-bit key with 88 bits published
• Question 9: 40 bits, 10^12
• Question 10
– Doubles 8 times over 12 years
– Doubling = 1 bit, so size increases by 8 bits
– = 48 bits
• Question 11
– 40 bits in the browser secret + 16 bits = 56 bits in DES
• NOT 144 bits (128 + 16)
– If we double 8 times over 12 years, then 16 times over 24 years
– 1995 + 24 = 2019
Question 12
• 1 bit broken in first ciphertext block
– XORed with encrypted IV = 1 bit broken in 1st plaintext block
• First ciphertext block is block encrypted
– Encrypted result is ALL GARBAGE
– Result XORed with second ciphertext block
– Second plaintext block = ALL GARBAGE
• Second ciphertext block is block encrypted
– Ciphertext is clean -> plaintext is undamaged
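The error propagation in the Question 12 answer, as an added example that is not part of the original slides. It assumes the chaining the answer describes, P_i = C_i XOR E(C_{i-1}) with C_0 = IV (commonly called cipher feedback), and uses truncated SHA-256 as a stand-in block function; the function names, key, IV and message are all constructed.

```python
import hashlib

BLOCK = 16  # block size in bytes

def E(key: bytes, block: bytes) -> bytes:
    """Stand-in keyed block function (truncated SHA-256), NOT a real cipher.
    This chaining only ever runs the block function forwards."""
    return hashlib.sha256(key + block).digest()[:BLOCK]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def split(data: bytes) -> list:
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def encrypt(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    prev, out = iv, []
    for p in split(plaintext):
        c = xor(p, E(key, prev))          # C_i = P_i XOR E(C_{i-1})
        out.append(c)
        prev = c                          # ciphertext feeds the next block
    return b"".join(out)

def decrypt(key: bytes, iv: bytes, ciphertext: bytes) -> bytes:
    prev, out = iv, []
    for c in split(ciphertext):
        out.append(xor(c, E(key, prev)))  # P_i = C_i XOR E(C_{i-1})
        prev = c
    return b"".join(out)

def bit_errors(a: bytes, b: bytes) -> list:
    """Count differing bits in each block of a versus b."""
    return [sum(bin(x ^ y).count("1") for x, y in zip(pa, pb))
            for pa, pb in zip(split(a), split(b))]

def demo() -> list:
    key = b"constructed key!"             # constructed sample values
    iv = b"constructed iv.."
    pt = b"BLOCK ONE 111111" b"BLOCK TWO 222222" b"BLOCK 3 33333333"
    ct = bytearray(encrypt(key, iv, pt))
    ct[0] ^= 0x01                         # break 1 bit in the first ciphertext block
    return bit_errors(pt, decrypt(key, iv, bytes(ct)))

if __name__ == "__main__":
    print(demo())  # bit errors in plaintext blocks 1, 2 and 3
```

Block 1 shows exactly one flipped bit, block 2 differs in roughly half its bits, and block 3 is undamaged, matching the three cases in the answer.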
Questions 13 and 14
• Question 13
– 32000 / (2 * .25) = 64,000
• Question 14
– Provide inputs from the ciphertext file
• Ciphertext AND Nonce
• Create the key with the one-way hash
– Mistakes
• Not showing the right source for the nonce
• Not showing all the functions
• Not giving all inputs to the functions
Networking Intro for Security
• Types of network connections
Types of network connections
– Point-to-point – a raw set of wires
• Connects point A to point B, and that’s all
• Classic phone system = sets of point to point wires
– Wired broadcast – like digital cable TV signals
• Everyone on the wire hears the signal
• Classic Ethernet was like this
• 10-, 100- and 1000-baseT use ‘star’ hubs and switches to do this
– Wireless broadcast – everyone hears it
• Alohanet – the grandad of Ethernet
• Modern satellite TV is a digital broadcast
– Directed wireless “line of sight” transmission
• Classic microwave towers
• Satellite – to some extent
Network Topologies
• Goal is “everyone talks to everyone”
• Here are the ‘real’ topologies
– Bus or “Star Hub”
• Everyone links on and hears everything
– Switched Star
• Everyone connects to everyone, linked through a switch
• Can’t eavesdrop as easily
– Daisy Chain or Ring
• Like a game of ‘hot potato’ = pass messages along
• Appears in some metropolitan optical networks
– Distributed Links
• Phone system, Internet = lots of ‘hops’ as data travels
Connection implications
• Can attacker hear the messages?
– “Passive” attack
• Can attacker produce messages?
– “Active” attack
• If so, what must the attacker do to ‘hook up’?
– Consider each type of network connection
• Defense questions
– Can we shield our messages from eavesdropping?
– Can we block outsiders from joining our network?
– Can we detect/discard traffic from outsiders?
Other technical nits
• Digital versus analog transmission
– Computers don’t ‘do’ analog by themselves
• Need D/A and A/D converters to handle analog signals
– Modems – for systematic transmission over analog lines
• Converts digital to analog for transmission, then back again
• Synchronous vs Asynchronous
– “Synchronous” digital data is supposedly more efficient
• A bit or byte of data is sent EVERY time period
• Whether data is available or not
– A tradition from the days of IBM mainframe ‘terminals’
– Asynchronous is more flexible
• Start or stop according to data availability
Local Nets and the Internet
• Local nets (LANs) connect machines with a single technology, and one set of reachable addresses
– Usually you can easily broadcast on your local net
– It’s a ‘wiring’ question to join your LAN
• The Internet allows us to ‘hop across’ LANs to get from one computer to another
– Internet provides globally recognized addresses for computers
– Internet routers send packets between LANs
• Directs them to the right LAN to get closer to the destination
Networking and “Layers”
• Modern networking is built in layers
– Network software is called the “protocol stack”
– Different software layers for different levels of protocol
• The layers
– Application layer – programs and services like Web or e-mail
– Socket interface – between application and TCP/IP
– TCP/UDP – provides reliability or process addressing
• TCP = reliable, orderly data delivery to a specific process
• UDP = unverified data delivery to a specific process
– IP – provides addressing ACROSS local networks
– Link – provides addressing on a LAN
Addressing and Connecting
• Modern computers connect at 4 levels
• Physical – wireless or a wire
• Node-node – connecting on a LAN
• Host-host – Internet addressing
• Socket-socket – applications and processes
Creative Commons License
This work is licensed under the Creative Commons Attribution-Share Alike 3.0 United States License. To view a copy of this license, visit http://creativecommons.org/licenses/by-sa/3.0/us/ or send a letter to Creative Commons, 171 Second Street, Suite 300, San Francisco, California, 94105, USA.