homework
Used to protect against IP spoofing and source routingUsed to provide security for general Internet servicesUsed for remote scanning of Unix and firewall systemsUsed to reduce system vulnerability to .rhosts attacksFeatures of the Client/Server authentication exchange:The client uses the session key from the credentials obtained for the server for a KRB_AP_REP The client and server share an encryption key that can be used by the applicationThe client verifies that the timestamp field matches that in the authenticator it sent to the serverBegins with a prefix followed by a colon and the rest of the nameConsists of components separated by periods
als sign with the components separated by slashesreservedHas no names assigned to it. Features of KRB_PRIV exchange:The client xmits the ciphertext to the recipient, after the user data and control info are encryptedThe recipient verifies that the operating system's report of the sender's address matches the sender's address in the messageThe application decrypts the ciphertext and processes the resultant plaintextFeatures of the inter-realm operation include the:exchange of keys btwn 2 realmsregistration of the clientFeatures of the Ticket Granting Service exchange:The client makes a request for the Ticket Granting Ticket for the destination realmThe encryption and decryption do not take place with the client's keyThe Kerberos database is queried to retrieve the record for the requested serverFeatures of the Authentication Service exchange:The processing of the KRB_AS_REQ message results in the creation of a ticket for the client to present to the serverThe client can specify a number of options in the KRB_AS_REQ request message, such as to check whether the ticket should be postdatedThe client sends its own identity and the identity of the server to the Key Distribution CenterThe client verifies the KRB_AS_REP message by comparing the cname and cream fields in the reply with the request ------------------------------------------------------------------------**Bibliography**. Steps used in the authentication process of Kerberos are sequenced as:A: The client sending a request to the Authentication Server for a ticketB: The TIcket Granting Ticket being supplied to the clientC: The client requesting a ticket from the Ticket Granting ServerD: A Ticket for the application server or the TIcket Granting Server being providedE: The Client transmitting the ticket containing the client's identityF: The session key shared by the client authenticating the client and the serverSteps involved in the search for network vulnerabilities by SATAN:Scanning the hosts within a proximity level away from the targetGenerating reports from the database with the search informationInitiating a search when informed about the target. 1 Local users gain read access to files on the local system2 Local users gain execute access to nonroot-owned files3 Local users gain write access to root-owned files4 Remote users gain read access to files on the system5 Remote users gain execute access to nonroot-owned files8 Remote users across a firewall gain write access to filesMethod involved in the phase of obtaining access to a system during a network attack:Exploiting existing holes on a UNIX systemSolution to the Kerberos workstation authentication problem is:requesting an rcmd.
Common topics in this essay:
SATAN Scanning,
Features KRB_PRIV,
Features Client/Server,
Authentication Service,
,
Granting Ticket,
Granting Server,
X500 Contains,
Distribution Center,
Solution Kerberos,
ticket granting,
users gain,
exchange client,
access files,
local users,
remote users,
local users gain,
client server,
server ticket,
gain execute access,
session key,
granting ticket,
users gain execute,
ticket granting ticket,
ticket granting server,
|
Acceptance Essays
