Written by students who passed Immediately available after payment Read online or as PDF Wrong document? Swap it for free 4.6 TrustPilot
logo-home
Exam (elaborations)

COMP SCI 3308 Cybersecurity Fundamentals_ Assignment 4 Sample Answers

Rating
-
Sold
-
Pages
14
Grade
A
Uploaded on
02-04-2023
Written in
2022/2023

Assignment 4 Sample Answer 1. (3 points) DHCP Attack 1 1) What are the 4 packets (messages) that are communicated between the client seeking and IP address and the DHCP server? As per Wikipedia:th e 4 packets are: DISCOVERY, OFFER, REQUEST and ACKNOWLEDGE. 2) Are the 4 messages Layer 2 unicast or broadcast (be careful not to confuse between Layer 3 broadcast, which is sending to an IP broadcast address like 10.0.2.255, as opposed to Layer 2 broadcast which is sent to MAC address FF:FF:FF:FF:FF:FF). DISCOVERY and REQUEST are Layer 2 broadcasts, as the requesting client does not yet have an IP address, and does not know where the DHCP server is. OFFER and ACKNOWLEDGE in theory are Layer 2 unicasts, as the DHCP server know the physical (MAC) address of the requesting computer. 3) Therefore, in a switched network, which of the 4 messages in the DHCP negotiation would the attacker be able to observe? Even on a Layer 3 switched network, the attacker is able to observe DISCOVERY and REQUEST, unless DHCP snooping is enabled on the switch. 4) Briefly explain what DHCP spoofing and DHCP starvation attacks are executed, and how the two can be used in combination. DHCP spoofing is simply the attacker sending a forged (spoofed) DHCP ACKNOWLEDGE response with crafted options like DNS and default route that is useful for the attacker to perform man-in-the-middle attacks. DHCP starvation attack is a kind of a DoS attack performed against the DHCP server. The attacker sends many forged DISCOVERY/REQUEST packets with forged MAC addresses, quickly exhausting the DHCP server of available IP pool. It is often useful (for the attacker) to perform a DHCP starvation attack before DHCP spoofing, so that the real DHCP server will be unable to respond to requests. 5) For an adversary looking to perform MITM, which DHCP configuration option(s) would you try to manipulate? The 2 most useful options are DNS (to perform DNS spoofing) and default gateway IP address (to perform full MITM). 6) Briefly explain how "DHCP snooping" configuration in a switch work to prevent DHCP spoofing? DHCP Snooping is a configuration on a Layer 3 switch that specifies the MAC address of the trusted DHCP server and the physical switchport it's connected to, and drops any forged DHCP packets. In a network where DHCP snooping is enabled, the attacker's spoofed packets are simply dropped, as it is not connected to the trusted switchport. 2. (2 points) DHCP Attack 2 1. In your VirtualBox, change the Network setting to Promiscuous Mode = Allow Any on both Kali and DSL. 2. Run Wireshark on Kali (on eth0) and restart DSL 3. Capture the 4x DHCP messages between DSL and DHCP server (10.0.2.3) on Wireshark and take a screenshot. 4. Repeat while simulating a switched network (set Promiscuous Mode = Deny) and capture the 2x DHCP messages. You should not need to reboot Kali after changing the network settings, but you do need to reboot DSL to refresh DHCP. With Virtual Box's virtual DHCP server and, the same result is obtained. The attacker always see all 4 messages. 3. (3 points) DHCP Attack 3 1. Keep Wireshark running on Kali. 2. Use Ettercap's DHCP spoofing function to demonstrate how you can supply the victim (DSL) with a rogue DNS server, to make it easy for the attacker to spoof DNS replies. Try to perform DHCP spoofing to inject DNS server of 1.2.3.4. 3. Reboot DSL and confirm that DNS has been poisoned by looking at /etc/. Take a screenshot (do cat /etc/). 4. Go to Wireshark, and identify the REAL DHCP ACK (coming from the 10.0.2.3 MAC address) and FAKE DHCP ACK (from the Kali MAC address) being sent to DSL. Take a screenshot. Ettercap: Restarting DSL gives it fake DNS address in /etc/ Wireshark has recorded the real and fake ACK as follows. You can see that the fake one has beaten the legit one.

Show more Read less
Institution
COMP SCI 3308 Cybersecurity Fundamentals
Course
COMP SCI 3308 Cybersecurity Fundamentals









Whoops! We can’t load your doc right now. Try again or contact support.

Written for

Institution
COMP SCI 3308 Cybersecurity Fundamentals
Course
COMP SCI 3308 Cybersecurity Fundamentals

Document information

Uploaded on
April 2, 2023
Number of pages
14
Written in
2022/2023
Type
Exam (elaborations)
Contains
Questions & answers

Subjects

$6.49
Get access to the full document:

Wrong document? Swap it for free Within 14 days of purchase and before downloading, you can choose a different document. You can simply spend the amount again.
Written by students who passed
Immediately available after payment
Read online or as PDF

Get to know the seller

Seller avatar
Reputation scores are based on the amount of documents a seller has sold for a fee and the reviews they have received for those documents. There are three levels: Bronze, Silver and Gold. The better the reputation, the more your can rely on the quality of the sellers work.
AllAcademic Other
View profile
Follow You need to be logged in order to follow users or courses
Sold
67
Member since
6 year
Number of followers
39
Documents
548
Last sold
1 month ago
All the academic resources you need.

All the academic resources you need.

3.7

7 reviews

5
3
4
1
3
2
2
0
1
1

Why students choose Stuvia

Created by fellow students, verified by reviews

Quality you can trust: written by students who passed their tests and reviewed by others who've used these notes.

Didn't get what you expected? Choose another document

No worries! You can instantly pick a different document that better fits what you're looking for.

Pay as you like, start learning right away

No subscription, no commitments. Pay the way you're used to via credit card and download your PDF document instantly.

Student with book image

“Bought, downloaded, and aced it. It really can be that simple.”

Alisha Student

Working on your references?

Create accurate citations in APA, MLA and Harvard with our free citation generator.

Working on your references?

Frequently asked questions