# Information Technology Assignment Sample on Network Security

(AssignmentEssayHelp does not recommend anyone to use this sample as their own work.)

## Information Technology Assignment Question

### Question 1

In this part of the assignment you are to give a demonstration about how the Asymmetric RSA algorithm works. You can find information about the RSA algorithm in the Ciampa textbook 4th edition p. 427, or in Chapter 8 of the Handbook of Applied Cryptography (Menezes et al., 1996) available at http://cacr.uwaterloo.ca/hac/. A summarised description of the algorithm follows.

1. Choose two large random and distinct prime numbers p and q
2. Compute the value of n as: n=p*q. In terms of RSA, n is called the modulus.
3. Compute f as: f =(p-1)*(q-1)
4. Select a random integer e, 1<e< f, such that the greatest common divisor (gcd) between e and f is 1. That is to say: gcd(e, f)=1. This implies that e is such that e and f have no common positive divisors other than 1. In terms of RSA, e is called the encryption exponent.
5. Choose d so that e*d ≡ 1 (mod f), where ≡ is known as the congruence operator and (mod f) is known as the integer module. This implies that e*d – 1 is evenly divisible by f. In other words if the integer module is k, then [e*d – 1]/f should be k. In terms of RSA, d is called the decryption exponent.

The Public Key is the combination of (e,n), used to encrypt the message. The Private Key is the combination of (d,n) used to decrypt the ciphertext and reveal the original message.

Given a Message M, to encrypt into ciphertext C, we use the following formula:
C = M^e mod n.

Given a Ciphertext C, to decrypt into plaintext message M we use the following formula:
M = C^d mod n.

1. Based on the information given, illustrate the RSA algorithm using the information extracted from your student number to obtain the message M, and to choose p and q. To do that follow these steps:
   1. Take your student number and add all the numbers in it. From the result, take the least significant digit. This will be the message to encrypt. For example if your student number is s0209593, then the addition of the numbers is: 0+2+0+9+5+9+3 = 28 with the least significant digit being 8. The message is then M=8.
   2. Take the two least significant digits of your student number and from there choose p and q such that: p < two least significant digits < q. In our example, the two least significant digits of the student number are 9 and 3, therefore p<93<q.

Once you have chosen M, p and q, fill the following Table:

| Student Number | M | p | q | n | f | e | d | C = M^e mod n | M = C^d mod n |
|---|---|---|---|---|---|---|---|---|---|
|  |  |  |  |  |  |  |  |  |  |

Do not forget to show your working. If you do not show your working then you will not have marks. To calculate C = M^e mod n and M = C^d mod n you may need to use the Modular Exponentiation algorithm. (Information about this algorithm can be found on the web using a search engine like Google and searching for 'Modular Exponentiation'.) (2 marks)

1. Based on your illustration of RSA and your research in the field, write a 200 word essay that addresses the following questions: What are the weaknesses of the RSA algorithm? How close should p and q be? How big are they supposed to be? How is n supposed to be in terms of factoring? What happens when e is small? What are the optimum values for e and d? All your references should be cited using the Harvard or APA format. (3 marks)
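The RSA steps and table above, worked through for the question's own example student number s0209593, as an added example that is not part of the original assignment or its sample solution. Picking the nearest primes on each side of 93 and the smallest valid e are assumptions made here, and the function names are hypothetical; numbers this small only illustrate the arithmetic.

```python
from math import gcd

def is_prime(k):
    """Trial division; adequate for the two-digit primes used here."""
    return k > 1 and all(k % i for i in range(2, int(k ** 0.5) + 1))

def mod_exp(base, exp, mod):
    """Square-and-multiply modular exponentiation: base^exp mod mod."""
    result, base = 1, base % mod
    while exp:
        if exp & 1:                      # current exponent bit is set
            result = result * base % mod
        base = base * base % mod         # square for the next bit
        exp >>= 1
    return result

def rsa_table(student_number):
    """Fill in the table columns M, p, q, n, f, e, d, C and the decrypted M."""
    digits = [int(c) for c in student_number if c.isdigit()]
    M = sum(digits) % 10                      # least significant digit of the sum
    pivot = digits[-2] * 10 + digits[-1]      # two least significant digits
    if pivot < 3:
        raise ValueError("no prime p exists below the two-digit value")
    # Assumption: take the nearest prime below and above the pivot
    p = next(k for k in range(pivot - 1, 1, -1) if is_prime(k))
    q = next(k for k in range(pivot + 1, 10 * pivot) if is_prime(k))
    n, f = p * q, (p - 1) * (q - 1)
    # Assumption: smallest e with 1 < e < f and gcd(e, f) = 1
    e = next(k for k in range(2, f) if gcd(k, f) == 1)
    d = pow(e, -1, f)                         # e*d ≡ 1 (mod f), Python 3.8+
    C = mod_exp(M, e, n)
    return {"M": M, "p": p, "q": q, "n": n, "f": f, "e": e, "d": d,
            "k": (e * d - 1) // f, "C": C, "decrypted": mod_exp(C, d, n)}

if __name__ == "__main__":
    for name, value in rsa_table("s0209593").items():
        print(name, "=", value)
```
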

### Question 2

You are a security specialist working for ABC Incorporated. ABC uses SNORT as its NIDS, which protects its IP sub-network in the range 203.40.27.128 – 203.40.27.255.

A recent security vulnerability has been found in OpenSSH.  A junior staff member within the security team developed a new SNORT rule to detect this attack.  Your supervisor has asked you to check the work of the junior staff member to ensure there are no errors in the SNORT rule.

The security vulnerability is described as follows:

A buffer overflow has been detected in the OpenSSH server.  Exploits have been released and exhibit the following characteristics:

• A payload positioned 100 bytes from the start of the data with a string message 'You are mine'
• After the above payload, there is a variable field of 4 bytes specifying a return address.  These 4 bytes can be any value.
• Following the variable 4 bytes return address is the exploit code signature given in HEX as AB 8F 23 8A BC 92

The rule should:

• when triggered, drop and then log the packet only.
• detect attacks from inside and outside their private network.
• include a message with the log entry as 'OpenSSH exploit attempt'.
• include a reference to the CVE number CAN-2006-06-3318
• Have a classification of attempted-admin

The rule written by the junior staff member is as follows:

alert udp !203.40.27.0/24 any -> 203.40.27.128/24 23 (msg: 'OpenSSH exploit attempt'; cve:CAN-2006-06-3318; classtype: attempted-admin; content: 'You are mine'; depth: 12; offset:100; content: 'AB 8F 23 8A BC 92'; depth:6; offset:4;)

The rule above contains 10 syntax or logic errors.  Your task is to review the above rule and identify these errors which may prevent the rule from detecting legitimate attacks, or will cause false positives.  For all the mistakes, identify the error, explain why it is wrong, and then fix the error.

EXAMPLE:

Here is a sample rule with a mistake in it.

alert udp any 53 -> any 53 (msg: 'DNS attack'; content: 'XYZ';)

Here is an example of the solution format:

Error 1: alert udp any 53 ->

The source port is given as 53, however requests to a DNS server from a client will use ephemeral ports, and therefore should be given as any.  To correct this mistake, the rule should read:

Solution 1: alert udp any any -> any 53

### Question 3: Workshop Projects

Provide evidence that you have completed the following projects from the workshops:

Workshop 7: Project 11-3 in the Ciampa (4th edition, 2012) textbook, pages 441-443

Workshop 7: Project 11-4 in the Ciampa (4th edition, 2012) textbook, pages 443

Workshop 7: Project 12-1 in the Ciampa (4th edition, 2012) textbook, pages 480-481

Workshop 10: Project 8-1 in the Ciampa (4th edition, 2012) textbook, page 320-321

Workshop 10: Project 8-3 in the Ciampa (4th edition, 2012) textbook, page 323-324

## Information Technology Assignment Solution on Network security

Steps:

Student number is s0227801.

Addition of the numbers is: 0+2+2+7+8+0+1 = 20 with the least significant digit being 0. Hence the message is taken as the next least significant bit i.e. M=2.

### Solution 1 b:

The inherent weaknesses of the RSA algorithm are that if the values of p, q and e are small, then it is prone to attacks like the man-in-the-middle attack, as the values can be easily guessed. Usually, the key generation process in RSA is slow when compared to symmetric key operations. It is also vulnerable to impersonation if hacked.

### Solution 2:

The errors are highlighted and the explanation is provided below.

drop tcp any any -> 203.40.27.128/25 22 (msg: 'OpenSSH exploit attempt'; reference:cve,CAN-2006-06-3318; classtype: attempted-admin; content: 'You are mine'; offset:100; depth: 12;  content: '|AB 8F 23 8A BC 92|'; offset:116; depth:6;)
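A small checker that tests a rule against the requirements stated in Question 2, run over the junior staff member's rule and the corrected rule above. This is an added example, not part of the original assignment or solution; the function names are hypothetical, the parser only handles one-line rules of the shape shown on this page, and it checks the stated requirements rather than enumerating all ten errors.

```python
import ipaddress
import re

# Protected range from the question: 203.40.27.128 - 203.40.27.255
PROTECTED = ipaddress.ip_network("203.40.27.128/25")
# 100-byte offset + 12-byte string + 4-byte return address
SIG_OFFSET = 100 + len("You are mine") + 4

def parse_rule(rule):
    """Split a one-line rule into header fields and (key, value) options."""
    header, _, body = rule.partition("(")
    action, proto, src, _sport, _arrow, dst, dport = header.split()
    options = []
    for part in body.strip().rstrip(")").split(";"):
        if part.strip():
            key, _, value = part.partition(":")
            options.append((key.strip(), value.strip().strip("'\"")))
    return action, proto, src, dst, dport, options

def review(rule):
    """Return the requirements from the question that the rule misses."""
    action, proto, src, dst, dport, options = parse_rule(rule)
    values = lambda name: [v for k, v in options if k == name]
    try:
        dst_ok = ipaddress.ip_network(dst) == PROTECTED
    except ValueError:      # host bits set, as in 203.40.27.128/24
        dst_ok = False
    raw_hex = any(re.fullmatch(r"(?:[0-9A-Fa-f]{2} ?)+", c)
                  for c in values("content"))
    checks = [
        (action == "drop", "action must drop and log, not " + action),
        (proto == "tcp", "SSH runs over TCP, not " + proto),
        (src == "any", "source must cover inside and outside hosts"),
        (dst_ok, "destination must be exactly " + str(PROTECTED)),
        (dport == "22", "SSH listens on port 22, not " + dport),
        (bool(values("reference")), "CVE belongs in a reference option"),
        (not raw_hex, "hex bytes must be wrapped in |...|"),
        (values("offset") == ["100", str(SIG_OFFSET)],
         "signature offset must be %d" % SIG_OFFSET),
    ]
    return [message for ok, message in checks if not ok]

# The two rules exactly as they appear on this page
JUNIOR = ("alert udp !203.40.27.0/24 any -> 203.40.27.128/24 23 (msg: 'OpenSSH exploit attempt'; "
          "cve:CAN-2006-06-3318; classtype: attempted-admin; content: 'You are mine'; depth: 12; "
          "offset:100; content: 'AB 8F 23 8A BC 92'; depth:6; offset:4;)")
FIXED = ("drop tcp any any -> 203.40.27.128/25 22 (msg: 'OpenSSH exploit attempt'; "
         "reference:cve,CAN-2006-06-3318; classtype: attempted-admin; content: 'You are mine'; "
         "offset:100; depth: 12;  content: '|AB 8F 23 8A BC 92|'; offset:116; depth:6;)")
```
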

### Workshop 7: Project 12-1 in the Ciampa (4th edition, 2012) textbook, pages 480-481

This project, as a network security exercise, helps us understand the use of digital certificates as an important step in ensuring security through encryption.

Digital certificates help safeguard your private messages or email from the risk of unauthorized disclosure. A certificate uses a pair of files, comparable to the digital equivalent of handwritten signatures or sealed envelopes, and is divided into two parts.