CSC 290A – Network Security

Name:_______________________________

Final

Hofstra University – Spring 2006

 

Answer all three questions.



  1. You are working for a corporation that has a sizable internal network but wants to offer a web product for the first time. They need Web (HTTP) services, FTP and mail. In addition, they want to use H.263 video streaming for conferencing.
     
    Design a DMZ with firewalls and routers that provides the best possible protection. Explain which type(s) of firewall you are using and why. Specify all the firewall rules in a form similar to Table 11.1, p. 348. Give a general description of your design and explain any issues or problems. (25 Points)

  2. Here is a UNIX password file from /etc/passwd:

            bin:x:2:2::/usr/bin:
            sys:x:3:3::/:
            nobody:x:60001:60001:Nobody:/:
            areu:Oj6S06TnZ8kZk:2001:60001:Anthony Reurrio:/export/home/areu:/bin/ksh
            network:gjlOdWc3fixLI:2002:60001:Network Admin:/export/home/network:/bin/ksh
            classis:oD8Uu4rXLQUvM:2003:60001:Security Class:/export/home/class:/bin/ksh

    Recall, from the first few slides of Session 10, that the password for each login is encrypted, along with the salt, as the second field of each line (each line is a user). For the last three users in this file, there is a corresponding password as follows:
            <LOGIN1> = areu      <PASSWORD1> = ?
            <LOGIN2> = network   <PASSWORD2> = ?
            <LOGIN3> = classis   <PASSWORD3> = ?
    If you arrange these logins and passwords like this:
         <LOGIN1> <PASSWORD1> <LOGIN2> <PASSWORD2> <LOGIN3> <PASSWORD3>?
    you will get a crude, cryptic, but appropriate sentence. Determine the passwords and the sentence.
    (HINT: Use a password cracker, as we did in class, or brute force – your choice!)
    The passwd file is available here for download. (25 Points)
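
The file layout described in question 2 can be checked mechanically. The following is an added example, not part of the original exam: it parses passwd-format text and reports which accounts keep a traditional crypt hash (two-character salt plus hash) in the world-readable file rather than in the shadow file. The names `classify`, `audit` and `exposed` are hypothetical.

```python
import re
from collections import namedtuple

Entry = namedtuple("Entry", "login kind salt")

# Traditional DES crypt(3) output: 13 characters from [./0-9A-Za-z],
# of which the first two are the salt.
DES_CRYPT = re.compile(r"[./0-9A-Za-z]{13}")

# The six entries shown in question 2, copied from the page.
SAMPLE = """\
bin:x:2:2::/usr/bin:
sys:x:3:3::/:
nobody:x:60001:60001:Nobody:/:
areu:Oj6S06TnZ8kZk:2001:60001:Anthony Reurrio:/export/home/areu:/bin/ksh
network:gjlOdWc3fixLI:2002:60001:Network Admin:/export/home/network:/bin/ksh
classis:oD8Uu4rXLQUvM:2003:60001:Security Class:/export/home/class:/bin/ksh
"""

def classify(field):
    """Classify the second (password) field of one passwd entry."""
    if field == "x":
        return "shadowed"        # hash is kept in /etc/shadow instead
    if field == "":
        return "empty"           # account has no password at all
    if field[0] in "*!":
        return "locked"          # no valid hash can match
    if DES_CRYPT.fullmatch(field):
        return "des-crypt"       # hash readable by every local user
    return "other"               # some other hash format stored in passwd

def audit(text):
    """Parse passwd-format text into Entry records, one per valid line."""
    entries = []
    for line in text.splitlines():
        parts = line.strip().split(":")
        if len(parts) != 7:      # passwd entries have exactly seven fields
            continue
        kind = classify(parts[1])
        salt = parts[1][:2] if kind == "des-crypt" else None
        entries.append(Entry(parts[0], kind, salt))
    return entries

def exposed(text):
    """Entries whose password field should be moved to shadow or fixed."""
    return [e for e in audit(text) if e.kind in ("des-crypt", "other", "empty")]

if __name__ == "__main__":
    for e in exposed(SAMPLE):
        print(f"{e.login}: {e.kind}, salt={e.salt}")
```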

 

NOTE: This is due next class, May 15, 2006 – No late submissions!