


Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
Computer Security 6, Exercises Solution- Computer Science - Prof. David Wagner.pdf, University of California (CA) - UCLA, United States of America (USA), Prof. David Wagner, Computer Science, Computer Security, Firewalls and Network Threats, Zero-Knowledge Proofs, Firewall Deployments
Typology: Exercises
1 / 4
This page cannot be seen from the preview
Don't miss anything!



List and explain three network threats that a firewall does not protect against. (If a threat only applies to certain types of firewalls, then explain why this is the case.)
Sample threats: (1) Attacks against open ports, such as buffer overrun attacks against unblocked services; (2) Malicious code or attacks carried in email or web traffic (many firewalls do not scan or examine email and web payloads); (3) Attacks on the firewall itself (e.g., trying to penetrate the firewall code by exploiting a buffer overflow in the firewall’s packet parsing code); (4) Internal attacks by malicious insiders; (5) Attacks from compromised internal machines against other internal machines (e.g., a laptop becomes infected with a worm, which tries to infect other inside hosts)—applies to perimeter firewalls; (6) Attacks from compromised machines which have a VPN or other tunnel through the firewall—applies to perimeter firewalls; (7) Denial of service attacks against the network link or the firewall itself.
Grading: 10 point per threat, broken down as 5 points for the threat and 5 points for the explanation.
Let (N, e) be Alice’s RSA public-key and (N, d) be her private key. Suppose that Bob claims to have a signed message from Alice: he claims to have s = m d^ mod N for some particular m mod N (which he reveals). Bob wishes to prove to Charlie that he has this signed message, without revealing any information about s. The following are the first two steps in a protocol by which Bob can provide a zero-knowledge proof of knowledge about s:
Explain the strengths and weaknesses of each of the following firewall deployment scenarios in defending servers, desktop machines, and laptops against network threats.
(a) A firewall at the network perimeter. Example strengths: (1) Mediates all incoming traffic from external hosts and can protect against many attacks by outsiders; (2) Easier to manage and to update policies, because of single central location; (3) Protects against some kinds of DoS attacks launched from the outside.
Example weaknesses: (1) No protection against malicious insiders; (2) No protection for mobile laptops while they are connected to other networks; (3) No protection if laptops get infected while travelling and then spread infection when they re-connect to our internal network.
Grading: 7 points total, broken down into 3 points for naming at least one valid strength, 4 points for at least one valid weakness.
(b) Firewalls on every end host machine.
Valid answer #1: Tygar should receive higher priority, to prevent the system load from being used as a covert channel (otherwise the speed at which Quake runs depends on Wagner’s behavior, which means that Wagner could leak secrets to Tygar).
Valid answer #2: Both receive a fixed percentage of system resources, to prevent the system load from being used as a covert channel. For example, Quake always receives exactly 50% of CPU time, whether or not Tygar is using the system at the time.
Grading: 10 points total, 5 points for a correct statement of who gets which priority, 5 points for explaining why (to prevent system load from being used as a covert channel).
(c) Why is it difficult to implement systems supporting covert channel prevention that perform well? Ex- plain your answer. Every resource that is shared among multiple users represents a possible covert channel. Pre-allocating such resources with a fixed schedule leads to a loss of performance; while trying to dynamically multiplex access to such resources on the fly in a way that leaks nothing is difficult. Also, there are many shared resources, and it is hard to identify them all.
Grading: 10 points for a full answer. Partial credit for several common answers.