Homework 3 for CSC 474 Information Systems Security
(For topic 4)

You must solve this problem set individually without any assistance from anyone. Mastery of the predicate calculus, and the ability to convert from English to the predicate calculus, is essential for success in this course.

  1. (20 points) Harry is given a job as network administrator for Microscape. His assignment is to set up a firewall for the company. He decides to use a simple packet filtering firewall. Unfortunately, Harry is not familiar with firewalls and needs some help setting up his system. The topology of his network is shown below. The Microscape network uses 10.1/16 addresses.

Rules for this firewall are written in the simple format shown in the table below. Both simple prefix matching (e.g. 128.32/16) and wildcards (*) are allowed. Packets that do not match any rule are discarded by default.

The first rule prevents hosts in the 128.32/16 network from telnetting into the Microscape network and the second rule allows hosts in the Microscape network to send mail to hosts in the Internet. These rules may effectively allow or disallow other traffic as well.
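An added example, not part of the original assignment: a minimal evaluator for the rule semantics described above (prefix matching, `*` wildcards, default discard), applied to the two rules the text describes. The five-field rule layout, first-match ordering, and the sample packets are assumptions, since the rule table itself is not reproduced here.

```python
import ipaddress
from typing import NamedTuple

class Rule(NamedTuple):   # assumed column layout, not taken from the page's table
    action: str           # "allow" or "drop"
    src: str              # prefix such as "128.32/16", or "*"
    sport: str            # port number as text, or "*"
    dst: str
    dport: str

def parse_prefix(text):
    """Expand shorthand like '10.1/16' into a network; '*' matches any address."""
    if text == "*":
        return ipaddress.ip_network("0.0.0.0/0")
    addr, _, length = text.partition("/")
    octets = addr.split(".")
    octets += ["0"] * (4 - len(octets))          # 10.1 -> 10.1.0.0
    return ipaddress.ip_network(".".join(octets) + "/" + (length or "32"))

def port_ok(pattern, port):
    return pattern == "*" or int(pattern) == port

def decide(rules, src, sport, dst, dport):
    """Return (action, rule number). First match wins (assumed); no match = drop."""
    for number, r in enumerate(rules, start=1):
        if (ipaddress.ip_address(src) in parse_prefix(r.src) and port_ok(r.sport, sport)
                and ipaddress.ip_address(dst) in parse_prefix(r.dst)
                and port_ok(r.dport, dport)):
            return r.action, number
    return "drop", None                          # default discard

# The two rules the text describes, encoded in the assumed layout.
RULES = [
    Rule("drop",  "128.32/16", "*", "10.1/16", "23"),  # no telnet in from 128.32/16
    Rule("allow", "10.1/16",   "*", "*",       "25"),  # inside hosts may send mail out
]

# Constructed sample packets: (src, sport, dst, dport)
PACKETS = [
    ("128.32.5.9",   40000, "10.1.2.3",  23),     # telnet from the blocked network
    ("10.1.2.3",     40001, "192.0.2.7", 25),     # outbound SMTP
    ("192.0.2.7",    25,    "10.1.2.3",  40001),  # the mail server's reply packet
    ("198.51.100.4", 40002, "10.1.2.3",  23),     # telnet from some other network
]

if __name__ == "__main__":
    for pkt in PACKETS:
        print(pkt, "->", decide(RULES, *pkt))
```

Under these assumptions the last two packets match no rule and are dropped by the default, which is one way a rule set ends up disallowing traffic that no rule mentions.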

a) (5 points) Write a simple rule(s) that allows Microscape employees to browse the Web. Make this rule(s) as restrictive as possible (i.e. it should not let other traffic into/out of Microscape if possible).

b) (5 points) Suppose there were two hosts (A and B) inside the Microscape network. Assuming just the rules you added in a), could an attacker in the Internet still perform a bandwidth denial of service attack that interferes with traffic between host A and B? Why or why not?

c) (5 points) Harry installs an HTTP caching proxy in the Microscape network. He wants to ensure that all clients in Microscape use this proxy to browse the Web. How should he modify his rules from a) (you may write out the new rule or explain the changes)?

d) (5 points) Assuming the resulting setup from c) and that the web proxy is not on one of the links between host A and B, can transfers between A and B be affected by a denial of service attack?

  2. (10 points) Problem 7 on page 421.
  3. (5 points) Problem 1 on page 438.
  4. (5 points) Problem 4 on page 439.
  5. (10 points) Problem 5 on page 439.
  6. (10 points) Problem 7 on page 439.
  7. (10 points) Problem 1 on page 476.
  8. (10 points) Problem 3 on page 476. (Hint: Note that this asks for Trudy to be both Alice and Bob, not to pretend to be Alice to Bob.)
  9. (10 points) Problem 6 on page 476. (Hints: (1) An active attacker may pretend to be the initiator or the responder in order to perform the protocols with the actual responder or initiator. (2) Consider the questions for each of the variations individually.)
  10. (10 points) Problem 9 on page 476.