Chapter 7 Homework
4. Use the Internet to search for “live DVD security toolkit.” Read a few Web sites to learn about this class of tools and their capabilities. Write a brief description of a live DVD security toolkit.
a. They are designed to provide the administrator with a way to have tools to set up an open source network security. It’s a way to monitor, do maintenance, and control security.
5. Several online passphrase generators are available. Locate at least two on the Internet and try them. What did you observe?
a. A nice feature of passphrase generators is you can customize what your password characters include such as no spaces or special characters such as #, %, &, etc... The main feature of passphrases though is that they use a random 3 or so words as a password. Not as strong as random symbols and letters but much stronger than normal words for passwords.
1. Do you think Miller is out of options as he pursues his vendetta? If you think he could take additional actions in his effort to damage the SLS network, what are they?
a. I am sure there is another way for him to get into the network. However, at this time I am unable to figure out how.
2. Suppose a system administrator at SLS read the details for this case. What steps should he or she take to improve the company’s information security program?
a. Since the security in place stopped Miller before he even could get access there shouldn’t really be any changes needed. Other than maybe change the IP address for the SLS edge router since he had tried to use that to gain access.
3. Consider Miller’s hacking attempt in light of the intrusion kill chain described earlier and show in Figure 7-1. At which phase in the kill chain has SLS countered his vendetta?
a. He is being stopped by “deny” as was denied any access to the network.
Ethical Decision Making:
Its seems obvious that Miller is breaking at least a few laws in his attempt at revenge. Suppose that when his scanning efforts had been detected, SLS not only added his IP address to the list of sights banned from connecting to the SLS network, the system also triggered a response to seek out his computer and delete key files on it to disable his operating system.
1. Would such an action by SLS be ethical? Do you think the action would be legal?
a. No, I do not believe it would be ethical or legal for SLS to do this, because they then would be guilty of the same crime they are trying to prevent happening to them. It’s similar to fighting fire with fire.
Suppose instead that Miller had written a routine to constantly change his assigned IP address to other addresses used by his ISP. If the SLS intrusion system determined what Miller was doing and then added the entire range of ISP addresses to the banned list, thus stopping any user of the ISP from connecting to the SLS network.
2. Would SLS’s actions be ethical?
a. No, it would not because it would then block those that are allowed to use the network.
What if SLS were part of an industry consortium that shared IP addresses flagged by its IDPS, and all companies in the group blocked all of the ISP’s users for 10 minutes? These users would be blocked from accessing perhaps hundreds of company networks.
3. Would that be an ethical response by members of the consortium?
a. Still maybe not that ethical but for only 10 minutes it would be doable.
4. What if these users were blocked for 24 hours?
a. 24 hours would be way to long to block access and would create a huge negative impact, so it would not be ethical. It would be a huge upset in the access vs. security and weighing too heavily in the security category.