Presentation is loading. Please wait.

Presentation is loading. Please wait.

EC310 12-week Review. Rules of Engagement Teams selected by instructor Host will read the entire questions. Only after, a team may “buzz” by raise of.

Published byFrancis Warner Modified over 9 years ago

Similar presentations

Presentation on theme: "EC310 12-week Review. Rules of Engagement Teams selected by instructor Host will read the entire questions. Only after, a team may “buzz” by raise of."— Presentation transcript:

1 EC310 12-week Review

2 Rules of Engagement Teams selected by instructor Host will read the entire questions. Only after, a team may “buzz” by raise of hand A team must answer the question within 5 seconds after buzzing in (must have answer at hand) If the answer is incorrect, the team will lose its turn and another team may buzz in. No score will be deducted. No negative scores. Maximum score is 100. Once reached, that team will stand down for others to participate. Teams will earn all points scored at the end of game. When selecting a question, Teams must only select questions of different value, unless there are no others, but may be from different categories. All team members will participate and will answer questions Only one round - No Daily Doubles, Double Jeopardy or Final Jeopardy … and no partial credits!

3 Jeopardy! TCP/IP Model EthernetInternet Protocol ARPRouting / MITM Privileges / Buffer Overflow 10 pts 20 pts 40 pts 60 pts 10 pts 10 pts 10 pts 10 pts 10 pts 10 pts 10 pts 10 pts 10 pts 10 pts 10 pts 10 pts 10 pts 10 pts 10 pts 10 pts 10 pts 10 pts 10 pts 10 pts 10 pts 10 pts 10 pts 10 pts 20 pts 20 pts 20 pts 20 pts 20 pts 20 pts 20 pts 20 pts 20 pts 20 pts 20 pts 20 pts 20 pts 20 pts 20 pts 20 pts 20 pts 20 pts 20 pts 20 pts 20 pts 20 pts 20 pts 20 pts 40 pts 40 pts 40 pts 40 pts 40 pts 40 pts 40 pts 40 pts 40 pts 40 pts 40 pts 40 pts 40 pts 40 pts 40 pts 40 pts 40 pts 40 pts 40 pts 40 pts 40 pts 40 pts 40 pts 40 pts 60 pts 60 pts 60 pts 60 pts 60 pts 60 pts 60 pts 60 pts 60 pts 60 pts 60 pts 60 pts 60 pts 60 pts 60 pts 60 pts 60 pts 60 pts 60 pts 60 pts 60 pts 60 pts 60 pts 60 pts

4 Which TCP/IP layer is responsible for processes that provide services to HTTP or FTP? TCP/IP 10 pts Application Layer

5 How many bytes are in a physical address? Ethernet 10 pts 6 Bytes Example F2 : 45 : 17 : FF : 71 : A2

6 Which of the following is not a valid IP address? (a) 192.148.2.0 (b) 0.0.0.0 (c) 200.256.32.104 (d) 172.31.22.48 Internet Protocol 10 pts Maximum octet value = 255

7 Which two layers does the Address Resolution Protocol (ARP) involve? ARP 10 pts Layer 2 (Data Link) & Layer 3 (Network)

8 Routing tables are maintained on which of the following: (a) routers (b) host computers (c) both a & b (d) neither Routing Tables 10 pts

9 TRUE/FALSE: It is best to order the routing table by decreasing mask value. Routing/MITM 10 pts True! This is “longest mask matching” principle

10 What does the Linux command sudo do? Privileges/Buffer Overflow 10 pts Executes a single command as the root user!

11 The Transport layer is encapsulated by which layer? TCP/IP 20 pts Network Layer (Layer 3)

12 What is the purpose of the CRC field in an Ethernet frame? Ethernet 20 pts Used for Error Detection

13 What is the network address for the IP address 200.32.33.234 / 23 ? Internet Protocol 20 pts 200. 32.00100001.11101010 200. 32.00100000.00000000 (Host bits)(Network bits) Zero out the host bits to get… 200.32.32.0 (mask) (IP address) (Network ID) 255.255.11111110.00000000 (Mask)

14 An evil attacker launching an ARP-spoof attempts to associate his ___________ address with the victim’s ___________ address. Answer choices: hardware or IP ARP 20 pts hardware IP

15 Routing/MITM 20 pts If a router receives a packet with a destination IP address that does not match any of the networks on the routing table, what does the router do with it? The router sends it to the default router. This is often indicated in the routing table by: MaskNetworkAny or /00.0.0.0

16 Privileges/Buffer Overflow 20 pts What does setting the setuid permission on an executable program do? Whenever the program is executed it will behave as though it were being executed by the owner!

17 TCP/IP 40 pts What is the name of the collection of 1’s and 0’s at layers 5 through 2? Layer 5 – “Message” Layer 4 – “Segment” Layer 3 – “Packet or Datagram” Layer 2 – “Frame”

18 Calculate the bandwidth seen by user 3 if each network is connected via 10 Mbps Ethernet. Ethernet 40 pts 1 2 3 4 5 6 B1B2 10Mbps ÷ 3 = 3.33Mbps

19 How many addresses can be assigned to hosts on the network 138.43.29.128 / 26 ? Internet Protocol 40 pts 32 total bits – 26 network bits = 6 host bits 2 6 -2=62 addresses assignable to hosts. Account for the broadcast and network addresses.

20 What two types of ARP messages exist? What is the fundamental problem with ARP that allows an ARP-spoof to be possible? ARP 40 pts ARP Request & ARP Reply An ARP reply can be sent (and be accepted!) without an ARP request

21 Routing/MITM 40 pts Fill in the missing information in the routing table for R1.

22 Privileges/Buffer Overflow 40 pts What is the correct order for arranging the payload in a buffer overflow attack, and what are their purposes? Choices are given below: The exploit (shellcode) Repeated return addresses NOP sled NOP Sled – It is a series of “no operation” commands that lets the hacker be a bit off with the return address, so that the return address just has to point anywhere within the NOP sled. Otherwise, the return address would need to be the precise first address of the exploit. The exploit – This is the executable program. Repeated return addresses – The return address points towards the exploit as the next instruction (however, see the note regarding the NOP sled). It is repeated so that the hacker would have a number of chances to get the address correctly positioned in the Return Address field in the stack.

23 Suppose an application entity wants to send a 100 byte message to a peer entity. If each layer from 4-2 appends a 15 byte header, what percentage of the total frame size is actual application entity data? TCP/IP 60 pts [100 / (100+15+15+15) ] x100 = 69%

24 Ethernet 60 pts Assume the Network layer passes the Data Link layer 6030 bytes of information to transmit. How many Ethernet frames will be required? 6030÷1500 = 4.02 thus 5 Frames

25 What is the block of addresses assigned to the network 56.45.100.0 / 23 ? Internet Protocol 60 pts 56.45.01100100.00000000 56.45.01100101.11111111 (Network bits) (Host bits) = 56.45.100.0 (First Address) = 56.45.101.255 (Last Address) (mask)...

26 N1 : L1 N2 : L2 N3 : L3 N4 : L4 N5 : L5 You are user C in the network below. Design an ARP Spoofing attack on User D. What changes would you make to the ARP cache? ARP 60 pts L3

27 Routing/MITM 60 pts Design an MITM attack to divert traffic from the server Target’s Network 40.230.45.128 00101000111001100010110110000000 Target’s IP Address 40.230.45.161 00101000111001100010110110100001 Attacker’s Lie 40.230.45.160 00101000111001100010110110100000 40.230.45.161 Ans: 40.230.45.160 / 27 Other possible Answers: 40.230.45.160 / 28 40.230.45.160 / 29 40.230.45.160 / 30 40.230.45.160 / 31 Target’s Network 40.230.45.128 00101000111001100010110110000000 Target’s IP Address 40.230.45.161 001010001110011000101101 Attacker’s Lie

28 Name and describe two technical solutions to prevent a buffer overflow attack. Privileges/Buffer Overflow 60 pts The non-executable stack: The CPU will not execute any machine instructions located in the portion of main memory reserved for the stack. The stack canary: The CPU checks a known value in memory just prior to the location of the return address (to make sure it was not changed) before resetting the EIP. Address space layout randomization: The stack and the heap are placed in random memory locations, preventing the hacker from easily predicting return addresses’ location.

29 Score Card TeamTallyScore

Download ppt "EC310 12-week Review. Rules of Engagement Teams selected by instructor Host will read the entire questions. Only after, a team may “buzz” by raise of."

Similar presentations

Network and Application Attacks Contributed by- Chandra Prakash Suryawanshi CISSP, CEH, SANS-GSEC, CISA, ISO 27001LI, BS 25999LA, ERM (ISB) June 2006.

Network and Application Attacks Contributed by- Chandra Prakash Suryawanshi CISSP, CEH, SANS-GSEC, CISA, ISO 27001LI, BS 25999LA, ERM (ISB) June 2006.
Umut Girit 200535027.  One of the core members of the Internet Protocol Suite, the set of network protocols used for the Internet. With UDP, computer.

Umut Girit  One of the core members of the Internet Protocol Suite, the set of network protocols used for the Internet. With UDP, computer.
CISCO NETWORKING ACADEMY Chabot College ELEC 99.05 Address Resolution Protocol.

CISCO NETWORKING ACADEMY Chabot College ELEC Address Resolution Protocol.
Media Access Control (MAC) addresses in the network access layer ▫ Associated w/ network interface card (NIC) ▫ 48 bits or 64 bits IP addresses for the.

Media Access Control (MAC) addresses in the network access layer ▫ Associated w/ network interface card (NIC) ▫ 48 bits or 64 bits IP addresses for the.
 As defined in RFC 826 ARP consists of the following messages ■ ARP Request ■ ARP Reply.

 As defined in RFC 826 ARP consists of the following messages ■ ARP Request ■ ARP Reply.
EC312 Review. Rules of Engagement Teams selected by instructor Host will read the entire questions. Only after, a team may “buzz” by raise of hand A team.

EC312 Review. Rules of Engagement Teams selected by instructor Host will read the entire questions. Only after, a team may “buzz” by raise of hand A team.
Internet Control Message Protocol (ICMP). Introduction The Internet Protocol (IP) is used for host-to-host datagram service in a system of interconnected.

Internet Control Message Protocol (ICMP). Introduction The Internet Protocol (IP) is used for host-to-host datagram service in a system of interconnected.
CS335 Principles of Multimedia Systems Multimedia Over IP Networks -- I Hao Jiang Computer Science Department Boston College Nov. 6, 2007.

CS335 Principles of Multimedia Systems Multimedia Over IP Networks -- I Hao Jiang Computer Science Department Boston College Nov. 6, 2007.
Oct 21, 2004CS573: Network Protocols and Standards1 IP: Addressing, ARP, Routing Network Protocols and Standards Autumn 2004-2005.

Oct 21, 2004CS573: Network Protocols and Standards1 IP: Addressing, ARP, Routing Network Protocols and Standards Autumn
CS335 Networking & Network Administration Tuesday, May 11, 2010.

CS335 Networking & Network Administration Tuesday, May 11, 2010.
1 Review of Important Networking Concepts Introductory material. This module uses the example from the previous module to review important networking concepts:

1 Review of Important Networking Concepts Introductory material. This module uses the example from the previous module to review important networking concepts:
IP Routing: an Introduction. Quiz 0-31 32-63 64-95 96-127 128-159 160-191 192-223 224-255.

IP Routing: an Introduction. Quiz
Chapter 19 Binding Protocol Addresses (ARP) Chapter 20 IP Datagrams and Datagram Forwarding.

Chapter 19 Binding Protocol Addresses (ARP) Chapter 20 IP Datagrams and Datagram Forwarding.
Address Resolution Protocol (ARP). Mapping IP Address to Data-Link Address  How does a machine map an IP address to its Data- Link layer (hardware or.

Address Resolution Protocol (ARP). Mapping IP Address to Data-Link Address  How does a machine map an IP address to its Data- Link layer (hardware or.
IP Address 0 network host 10 network host 110 networkhost 1110 multicast address A B C D class 1.0.0.0 to 127.255.255.255 128.0.0.0 to 191.255.255.255.

IP Address 0 network host 10 network host 110 networkhost 1110 multicast address A B C D class to to
1 Version 3.0 Module 10 Routing Fundamentals and Subnetting.

1 Version 3.0 Module 10 Routing Fundamentals and Subnetting.
Chapter Overview TCP/IP Protocols IP Addressing.

Chapter Overview TCP/IP Protocols IP Addressing.
CMPT 471 Networking II Address Resolution IPv6 Neighbor Discovery 1© Janice Regan, 2012.

CMPT 471 Networking II Address Resolution IPv6 Neighbor Discovery 1© Janice Regan, 2012.
1 Review of Important Networking Concepts Introductory material. This slide uses the example from the previous module to review important networking concepts:

1 Review of Important Networking Concepts Introductory material. This slide uses the example from the previous module to review important networking concepts:
CS 356 Systems Security Spring 2015 Dr. Indrajit Ray

CS 356 Systems Security Spring Dr. Indrajit Ray

Similar presentations

Ads by Google