4) [12 points) Assume you were able to verify that the observed packet fragmentation did not occur on the intermediate routers, but instead it likely occurred on the originating network (i.e., network hosting the remote machine 74.125.236.132). With this fact in mind, would you be able to make some conclusions about the type of the remote host's LAN? Specifically, do you think it is possible to tell whether the remote host was 'connected to a WiFi network (in which case the remote host, in fact, could have been an outside device just roaming through the remote network) or an Ethernet network (in which case the remote host is more likely a device actually owned and administered by the remote network)? Justify your answer. 5) [16 points] Assume you were also able to confirm that: a) the remote host is a valid device owned and administered by the remote network; b) the remote network owner is a reputable company and its employees are trustworthy; and c) there was/is no malware running on the given remote host with IP=74.125.236.132. Hence, the probability that the observed attack was orchestrated by someone directly from the host with IP=74.125.236.132 is very low. In that case, what do you think instead happened during the observed incident? 6) [12 points] Finally, by simply examining the packets sent by the remote host, you should (in fact) be able to spot one very obvious vulnerability pertaining to the remote host's implementation of IP protocols. What is this vulnerability? 4) [12 points) Assume you were able to verify that the observed packet fragmentation did not occur on the intermediate routers, but instead it likely occurred on the originating network (i.e., network hosting the remote machine 74.125.236.132). With this fact in mind, would you be able to make some conclusions about the type of the remote host's LAN? Specifically, do you think it is possible to tell whether the remote host was 'connected to a WiFi network (in which case the remote host, in fact, could have been an outside device just roaming through the remote network) or an Ethernet network (in which case the remote host is more likely a device actually owned and administered by the remote network)? Justify your answer. 5) [16 points] Assume you were also able to confirm that: a) the remote host is a valid device owned and administered by the remote network; b) the remote network owner is a reputable company and its employees are trustworthy; and c) there was/is no malware running on the given remote host with IP=74.125.236.132. Hence, the probability that the observed attack was orchestrated by someone directly from the host with IP=74.125.236.132 is very low. In that case, what do you think instead happened during the observed incident? 6) [12 points] Finally, by simply examining the packets sent by the remote host, you should (in fact) be able to spot one very obvious vulnerability pertaining to the remote host's implementation of IP protocols. What is this vulnerability