Network and Distributed Systems Security: Chapter 9

Questions and Answers

Which network communication medium is most susceptible to physical wiretapping?

• Satellite
• Cable (correct)
• Microwave
• Optical fiber

How does 'inductance' facilitate wiretapping in certain network transmission media?

• It creates a wide broadcast footprint that allows any antenna within range to obtain signals.
• It allows intruders to intercept signals radiating from wires without direct physical contact. (correct)
• It broadcasts signals through the air, making them accessible to outsiders.
• It enables attackers to precisely splice cables and receive a copy of the data.

Which of the following best describes a 'sequencing attack' on network communications?

• Manipulating the order of data packets to disrupt data integrity (correct)
• Replacing one piece of a data stream with another
• Inserting malicious code into a data stream
• Intercepting and reusing legitimate data without modification

Why is wireless communication inherently more vulnerable than wired communication?

The exposed signal in wireless communication is more vulnerable to interception. (A)

What is the primary purpose of a 'Key Distribution Center (KDC)' in the Kerberos authentication protocol?

To manage and distribute encryption keys for secure communication (D)

In the context of network security, what is a 'replay attack', and how can it be mitigated?

An attack where legitimate data is intercepted and reused; mitigated by timestamps. (B)

A company uses optical fiber for its network backbone. What is a potential vulnerability related to wiretapping that they should be aware of?

Wiretappers can tap into repeaters and splices within the fiber optic system. (C)

Which of the following is a key characteristic of a Distributed Denial of Service (DDoS) attack?

It involves multiple compromised machines attacking a single target simultaneously. (B)

How does a SYN flood attack lead to a denial-of-service?

By overwhelming the victim's SYN_RECV queue with incomplete connection requests (A)

What is the primary difference between 'link encryption' and 'end-to-end encryption' in network security?

Link encryption protects data only between two nodes, while end-to-end encryption protects data from source to destination. (C)

What is the significance of a MAC address in network communication, and how might it be exploited?

A MAC address uniquely identifies a network interface card; it can be exploited through MAC spoofing. (A)

An attacker replays an innocent image to security cameras, gaining unmonitored access to a bank vault. What type of attack is this?

Physical replay attack (C)

How does a 'Smurf attack' amplify the impact of a denial-of-service attack?

By spoofing the victim's address and sending ping packets in broadcast mode (C)

What are the two main concerns regarding authentication issues in a distributed system?

Ensuring the authenticity of communicating hosts and users (D)

What is the role of 'ports' in addressing and routing network traffic?

They are associated with application programs to monitor network services. (D)

What is the general definition of a network?

Any number of devices connected across a medium by hardware and software that allows for communication (A)

What is the purpose of Wireshark?

To examine packets as they go by in a Wi-Fi network. (D)

Which of the following statements best describes the concept of 'anonymity' as a network security issue?

The difficulty in identifying the source of network traffic. (C)

Which of the following is NOT a security function of Kerberos?

Denial of service protection (B)

A key feature of a network is that it always involves only a single server interacting with one client.

False (B)

In network communications, the vulnerability of data diminishes when transmitted wirelessly compared to using a physical wire.

False (B)

In cable networks, wires prevent signals from radiating, effectively eliminating the risk of eavesdropping.

False (B)

Optical fibers are highly vulnerable to tapping due to the electrical nature of their signal transmission.

False (B)

The footprint of a microwave broadcast is intentionally narrow in order to improve security.

False (B)

Data emanation is a key strength of wired networks, ensuring reliable signal transmission.

False (B)

Routing and addressing protocols are not typically considered vulnerabilities in network security.

False (B)

A network interface card (NIC) has a unique physical MAC address.

True (A)

In a sequencing attack, the attacker manipulates data values by inserting them into a stream.

False (B)

Eavesdropping and wiretapping on a network represent modification threats to communication.

False (B)

In a 'Smurf attack', the attacker hides their address when sending ping packets.

False (B)

In a SYN flood attack, the attacker aims to exhaust the victim's resources by overflowing a queue of complete connections.

False (B)

DDoS attacks are generally launched by a single machine to exploit software vulnerabilities in other systems.

False (B)

In WiFi networks, an SSID is used to uniquely identify a wireless access point.

True (A)

Network complexity decreases the likelyhood of potential security issues.

False (B)

End-to-end encryption secures data only on physical communication links.

False (B)

In link encryption, decryption occurs as the communication leaves the sending computer.

False (B)

Digital Distributed Authentication uses private keys to generate digital signatures, which can be verified using public keys.

True (A)

Kerberos is designed to be deployed in environments that employ purely asymmetric cryptographic systems.

False (B)

CORBA mandates the use of Kerberos for all authentication processes in distributed object interactions.

False (B)

Flashcards

What is a Network?

Two devices connected by hardware and software to complete communications.

What is packet sniffing?

Examining each packet as it goes by to analyze network traffic.

What is radiation interception?

Wires radiate signals that an intruder can read.

What is Cable Splicing?

An attacker cuts and splices a secondary cable to receive a copy of the data.

What is Microwave transmission?

Broadcast through the air, making them more accessible to outsiders.

What is a Protocol?

It uses a language or set of conventions for how two computers will interact.

What is addressing?

Every computer connected to a network has a NIC card with a unique physical address.

What is Routing?

Routers direct traffic on paths toward a destination.

What are Ports?

A number associated with an application program that serves or monitors for a network service.

What is Interception?

Illegitimate capture of data in transit.

What is Modification?

Data is altered during transmission.

What is Fabrication?

False or bogus data is inserted into a stream.

What is Interruption?

A network service becomes unavailable.

What is a SYN Flood?

An attack that overwhelms victims by filling their SYN_RECV queue which tracks incomplete connections.

What is Flooding?

Occurs from demand in excess of capacity, from malicious or natural causes.

What is Blocked Access?

The attacker may simply prevent a service from functioning.

What is a Smurf Attack?

An attack technique where the attacker sends a flood of pings after spoofing the victims address.

What are Botnets?

Networks of bots, are used for massive DoS attacks.

What is wiretapping?

Means to intercept communications.

What is Impersonation?

To pretend to be someone else to gain unauthorized access.

Optical Fiber Security Advantage

Optical networks must be carefully tuned; tapping is detectable.

IP Fragmentation (Teardrop)

Attackers send overlapping fragments that cannot be reassembled, crashing the system

Traffic Redirection Attack

Misleading routers to disrupt network communication by exploiting authentication weaknesses.

DNS Attack

Attacks targeting domain name servers to disrupt or take control of online services.

Scripted Denial-of-Service Attacks

DDoS attacks launched easily from pre-written scripts.

Inductance Interception

The process where an intruder can tap a wire without physical contact.

DDoS Attack

Using compromised computers (bots or zombies) to perform coordinated attacks.

Rent-a-Bot

Attackers make money by renting compromised systems for malicious activities.

Wi-Fi Frame

A Wi-Fi data unit.

Network Security Vulnerabilities

Weaknesses on a network.

Microwave Weakness

Signal is affected by weather and has to have a line of sight.

Wireless Network Weakness

Signal degrades over distance and is easily interceiptable.

Kerberos

Designed to withstand attacks.

Study Notes

### Introduction to Networks
- A network is defined as two devices connected by hardware and software facilitating communication.
- Normal networks encompass multiple clients interacting with multiple servers, not just a single client-server pair.

### Network Transmission Media
- Cable vulnerabilities involve packet sniffing using tools like Wireshark, radiation leading to signal interception via inductance, and physical cable splicing.

### Threats to Network Communications
- In sequencing attacks, packets arrive out of order (e.g., packet 2 before packet 1). Substitution attacks replace a piece of the data stream. Insertion attacks insert data values into the stream.

### Wireless Network Security
- The 802.11 protocol suite dictates device communication in the 2.4 GHz radio signal band for WiFi.

### Authentication Issues in Distributed System: Kerberos
- Kerberos was designed to withstand attacks in distributed environments by ensuring no password communication on the network, deploying cryptography for spoofing protection, and integrating timestamps to avoid replay attacks.