Question
4) [12 points] Assume you were able to verify that the observed packet fragmentation did not occur on the intermediate routers, but instead it likely occurred on the originating network (i.e., network hosting the remote machine 74.125.236.132). With this fact in mind, would you be able to make some conclusions about the type of the remote host's LAN? Specifically, do you think it is possible to tell whether the remote host was connected to a WiFi network (in which case the remote host, in fact, could have been an outside device just roaming through the remote network) or an Ethernet network (in which case the remote host is more likely a device actually owned and administered by the remote network)? Justify your answer.

5) [16 points] Assume you were also able to confirm that: a) the remote host is a valid device owned and administered by the remote network; b) the remote network owner is a reputable company and its employees are trustworthy; and c) there was/is no malware running on the given remote host with IP=74.125.236.132. Hence, the probability that the observed attack was orchestrated by someone directly from the host with IP=74.125.236.132 is very low. In that case, what do you think instead happened during the observed incident?

6) [12 points] Finally, by simply examining the packets sent by the remote host, you should (in fact) be able to spot one very obvious vulnerability pertaining to the remote host's implementation of IP protocols. What is this vulnerability?