IT 230 John Hanington

Fall 2010
Homework 4

Part 1)

1) B. is a separate device that can be installed between other network devices to monitor traffic.

2) C. A password is too long.

3) A. A default account

4) B. Denial of service

5) A. CSMA/CA

6) B. Intercepts legitimate communication and forges a fictitious response.

7) B. Replay attack makes a copy of the transmission before sending it to the recipient.

8) A. SMTP v.2

9) B. In the local host file.

10) D. Zone transfers.

11) D. DNSSEC.

12) A. ARP.

13) D. TCP/IP hijacking.

14) B. Beaconing.

15) A. Scatternet.

16) D. Blue snarfing.

17) A. Switch flooding.

18) C. Spam.

19) C. Zone transfer imaging (ZTI)

20) A. Change the entries in a DNS zone transfer table.

Part 2)

DNS poisoning is when the DNS server accepts fraudulent DNS entries from the attackers DNS
server. DNS poisoning can also be accomplished by changing the users host table in the
system32\drivers\ect\ folder. Attackers do this to get the user to go to a fraudulent look-a-like
website where they enter their information and is now in the hands of the criminals.

ARP is used to convert an IP address into a MAC address. A frame broadcasts to all hosts on a
local network containing an IP address. The host with that IP address in the frame replies with
his MAC address. An attacker could alter the MAC address in the ARP cache so that the
corresponding IP address would point to a different computer. The attacker then receives all of
those persons packets also know as a man in the middle attack.

ARP poisoning is when you intercept and analyze the data on a network and then obtain
usernames and passwords. DNS poisoning is when the user is tricked to thinking the website
they are on is legitimate and then enter their credentials on the attacker’s server. They both are
ways of obtaining the users information.

Part 3)

3a) Yes and no. I believe that websites like these should show unencrypted access points
for places such as coffee shops, libraries, hotels and municipal wifi. I do feel that they shouldn’t
display unencrypted wifi for private residences like a house or apartment because that could be a
potential security risk to their personal information.

3b)            I would feel obligated to tell them that they may be at many risks in not encrypting
but I would like to have a neighbor who didn’t encrypt there traffic in case my Mom ever took
my internet access away.

4) This attack could be avoided by using by a user changing his/her password every 2 weeks or
every month so that when the attacker tries changing the code to see if the server responds, the
password would have already been changed making the attackers captured data worthless. The
user can also use a VPN connection every time they connect to the internet to prevent the
attacker from ever getting this information.