Assignment 4

Background

To complete this assignment, you will need to have completed reading through chapter 8 of the textbook and completed the slides/lectures up to and including Malicious Code.

Assignment Instructions

Reminder: All work turned in for this class must be prepared in a form that I can open with Microsoft Word 2016. Do not copy the homework text into your answers; I already know what the questions are, and putting superfluous filler into your answers just makes more work for me.

For this assignment and any others that require research you must answer in your own words and cite your references correctly. A cut-and-paste answer will earn a zero for the entire assignment and may earn a course grade of F for plagiarism.

Part 1: Download and install the NMAP (Network MAPper) program; it is available from http://insecure.org/ for Windows, OS X and Linux. You may need to install a winpcap driver as well or a similar driver for your OS. You may also want to install a GUI front-end; I like Zenmap. You can do everything necessary from the command line, and without the GUI add-on.

Perform the following scan: nmap -T4 -A -v -PE -PS22,25,80 -PA21,23,80,3389 scanme.nmap.org

That is the default "intense scan" with Zenmap. You will be scanning the server "scanme.nmap.org." Do not perform the scan more than once. Do not scan anything else unless you own it!

Tell the following:

Tell two other things NMAP found. Pick the two you deem most important.

Part 2: Explain why blocking ping (ICMP echo request) packets at an organization's edge router is not an effective defense against ping flood attacks where the attacker is trying to consume bandwidth. Describe an effective defense against such an attack. Your answer must have enough detail to show that you understand the concept.

Part 3: Network address translation (NAT) protects against unsolicited incoming packets, but not against other types of network activity, such as "drive-by downloads." Explain how NAT protects against unsolicited incoming packets. Explain why NAT does not protect against other types of attacks.

Part 4: Suppose you've found a USB drive in a classroom. It's not safe just to plug in the drive and see what happens. Which of the malicious software propagation techniques described in chapter 6 could use a USB drive for transport? What steps could you take to safely determine the contents of the drive?

Part 5: You download a free solitaire card game for your phone. It's a "play by yourself" game that doesn't interact with other players, etc. When you start to install it, you find that it wants permission to "Send SMS messages," and "Access your address book." What is likely going on? What would a malicious person have to gain by doing this?

Grading Rubric

This section describes how your assignment will be graded. Except in the case of plagiarism, cheating, or copying, you cannot lose more than 100 points.

This assignment is worth 100 points in the "Assignments" category of the course grading plan.

The Assignment as a Whole

Failure to follow instructions: Up to four points subtracted per part, 20 points for the entire assignment.

Grammar, spelling, and organization: Up to four points subtracted per part, 20 points for the entire assignment.

Incorrect citation or use of the works of others: Up to ten points subtracted per part, 50 points for the assignment as a whole. When you use the words or ideas of others, you need a citation in the text that ties to an entry in your "References" section. When you quote another's work, you need quotation marks. For an example, see An Example of Proper Writing in the "Required Reading" module.

Plagiarism, cheating, or copying another's work: A zero on the assignment and referral to the Student Conduct and Academic Integrity office for other penalties.

Late work: Late work will not be accepted by Desire2Learn and will be recorded as a zero.

The Assignment by Parts

Each part lists its grading criteria and the points available for that part.

Part 1: 20 points available

Answers to ports, operating system, and port 80 missing or incorrect: -5 each

Answer to "two other things" absent, incorrect, or superficial: -5 total.

Part 2: 20 points available

The answer is absent, incorrect, or superficial: up to -20

Part 3: 20 points available

The explanation of how NAT protects against unsolicited incoming packets is absent, incorrect, or superficial: -15

The explanation of why NAT does not protect against other types of attacks is absent or incorrect: -5

Part 4: 20 points available

The list of propagation technique(s) is absent or incorrect: -10

The description of a safe method to inspect the drive is absent, incorrect, or superficial: -10

Part 5: 20 points available

The explanation of what the app is doing is absent, incorrect, or superficial: -10

The explanation of what a malicious person could gain from such an app is absent, incorrect, or superficial: -10