La Trobe University, Bendigo
Division of Information Technology
INT20CN Computer Networks
Assignment 3, 2001
New questions may appear on this assignment sheet without
notice.
Answer ONE ONLY of the
following questions. The list of question topics is not exhaustive --
you may, with the express prior approval of the
lecturer, examine a different topic of your own choice.
- Commercial Web servers are nowadays subject to almost continuous
security attacks, many highly destructive -- often leading to (so
called) Website defacing. New, successful, attacks are usually well
documented on the many "industry" Web sites. Investigate some
(maybe one or two) of the more recent attacks on commercial
Websites, describe how they were carried out, mention which
platforms and servers are susceptible to the particular attack, and
discuss possible defences against such attacks.
- Your task in this question is to investigate some
practical aspects of public-key cryptosystems. You should look at
software such as PGPi (the international version
of Phil Zimmerman's Pretty Good Privacy package),
the GNU Privacy Guard stuff, and whatever else you
may discover in the way of freely-available software. As part of
your assessment, you should create a personal public/private key
pair and then send, in a secure way, an email message to your
lecturer, such that no one except your lecturer can read
it. You must then provide your public key to the lecturer in such a
way that the lecturer is certain of the origin of the
message -- you'll also have to ensure that your lecturer has access
to suitable software (and versions) to read your message. The email
message should consist of a report which covers what you did, why
you did it, and a brief discussion of the current legal, political
and commercial status of public key cryptopgraphy. Bendigo students: try
finger pscott@ironbark
to discover your
lecturer's public key.
- This is a more "report-oriented" (I hesitate to use the word
"theoretical") question on public-key cryptography. One of the big
issues in the widespread commercial adoption of this technology is
the need for a suitable Public Key Infrastructure,
or PKI. Investigate the issues involved in a
robust and trusted PKI, especially in regard to the Australian
experience. One good place to start looking for information is the
Australian branch of the Internet Society.
- Use
tkined
to build a network management system for
the Bendigo campus, monitoring most of the interesting pieces of
equipment in the campus network. You should submit the
.tki
file for your system, along with a brief
description of what it does, and how it does it, so that we can run
it and check its operation. Obviously this question is only
relevant to people who are taking the subject on campus, although
if you're located somewhere with an interesting network perhaps you
could set up tkined
and use it there. Or perhaps you
could use one of the other many SNMP packages available, see below.
- Build a useful "Network Operations Console" using the freely
available
nocol
software which is installed on
our Unix systems. Extra information as for previous question.
- The best (free) SNMP package for Unix is
tkined
. There are many other SNMP-based network
monitoring packages in existence, particularly for Windows systems,
although there are a few for Macs as well. Discover one (or more)
such packages, install them and report on their usefulness.
- Investigate SOCKS. This software is frequently
used as a circuit-level firewall, and is something that you could
come across in the Real World(tm). Tell me how it works, how you
configure it, and what it can do for you. Incidentally, it might be
easiest if you stick with SOCKS V.4 - the V.5 version is somewhat
more complicated.
- Investigate steganography, and in particular how
it relates to encryption and the Internet. This is a fun topic,
because you should discover lots of interesting software and
applications. Try some of them, and examine the results! One
absolutely fascinating aspect of this topic which has appeard in
recent months has been the use of "pattern analysis" to discover
whether a stego message exists in an object, by looking for the
characteristic signs generated by the common stego packages.
- Write a (brief) report on SNMPv3, the newest
version of SNMP.
You should expect to write something between 1500 and 3000 words on the
topic of your choice, although this is not mandatory. You can submit
your assignment using either traditional hard copy (paper) form, or as
an email attachment of MIME type
text/html
sent to
cnsubmit@ironbark.bendigo.latrobe.edu.au
, as for the first
assignment. Your choice of submission format will not affect the mark
gained for your assignment. Submissions must, as usual, adhere to the
requirements of the La Trobe University, Bendigo Assignment Guide.
This assignment carries 20% of your mark for Computer Networks.
Due Date:End of semester 1, 2001
Lecturer: Phil Scott, 5444 7277,
p.scott@latrobe.edu.au.
[Computer Networks Home]
[Lectures]
[Assignments]
[News]
Copyright © 2001 by
Phil Scott,
La Trobe University.