La Trobe University, Bendigo

Division of Information Technology

INT20CN Computer Networks

Assignment 3, 2001

New questions may appear on this assignment sheet without notice.

Answer ONE ONLY of the following questions. The list of question topics is not exhaustive -- you may, with the express prior approval of the lecturer, examine a different topic of your own choice.

  1. Commercial Web servers are nowadays subject to almost continuous security attacks, many highly destructive -- often leading to (so called) Website defacing. New, successful, attacks are usually well documented on the many "industry" Web sites. Investigate some (maybe one or two) of the more recent attacks on commercial Websites, describe how they were carried out, mention which platforms and servers are susceptible to the particular attack, and discuss possible defences against such attacks.

  2. Your task in this question is to investigate some practical aspects of public-key cryptosystems. You should look at software such as PGPi (the international version of Phil Zimmerman's Pretty Good Privacy package), the GNU Privacy Guard stuff, and whatever else you may discover in the way of freely-available software. As part of your assessment, you should create a personal public/private key pair and then send, in a secure way, an email message to your lecturer, such that no one except your lecturer can read it. You must then provide your public key to the lecturer in such a way that the lecturer is certain of the origin of the message -- you'll also have to ensure that your lecturer has access to suitable software (and versions) to read your message. The email message should consist of a report which covers what you did, why you did it, and a brief discussion of the current legal, political and commercial status of public key cryptopgraphy. Bendigo students: try finger pscott@ironbark to discover your lecturer's public key.

  3. This is a more "report-oriented" (I hesitate to use the word "theoretical") question on public-key cryptography. One of the big issues in the widespread commercial adoption of this technology is the need for a suitable Public Key Infrastructure, or PKI. Investigate the issues involved in a robust and trusted PKI, especially in regard to the Australian experience. One good place to start looking for information is the Australian branch of the Internet Society.

  4. Use tkined to build a network management system for the Bendigo campus, monitoring most of the interesting pieces of equipment in the campus network. You should submit the .tki file for your system, along with a brief description of what it does, and how it does it, so that we can run it and check its operation. Obviously this question is only relevant to people who are taking the subject on campus, although if you're located somewhere with an interesting network perhaps you could set up tkined and use it there. Or perhaps you could use one of the other many SNMP packages available, see below.

  5. Build a useful "Network Operations Console" using the freely available nocol software which is installed on our Unix systems. Extra information as for previous question.

  6. The best (free) SNMP package for Unix is tkined. There are many other SNMP-based network monitoring packages in existence, particularly for Windows systems, although there are a few for Macs as well. Discover one (or more) such packages, install them and report on their usefulness.

  7. Investigate SOCKS. This software is frequently used as a circuit-level firewall, and is something that you could come across in the Real World(tm). Tell me how it works, how you configure it, and what it can do for you. Incidentally, it might be easiest if you stick with SOCKS V.4 - the V.5 version is somewhat more complicated.

  8. Investigate steganography, and in particular how it relates to encryption and the Internet. This is a fun topic, because you should discover lots of interesting software and applications. Try some of them, and examine the results! One absolutely fascinating aspect of this topic which has appeard in recent months has been the use of "pattern analysis" to discover whether a stego message exists in an object, by looking for the characteristic signs generated by the common stego packages.
  9. Write a (brief) report on SNMPv3, the newest version of SNMP.

You should expect to write something between 1500 and 3000 words on the topic of your choice, although this is not mandatory. You can submit your assignment using either traditional hard copy (paper) form, or as an email attachment of MIME type text/html sent to cnsubmit@ironbark.bendigo.latrobe.edu.au, as for the first assignment. Your choice of submission format will not affect the mark gained for your assignment. Submissions must, as usual, adhere to the requirements of the La Trobe University, Bendigo Assignment Guide.

This assignment carries 20% of your mark for Computer Networks.

Due Date:End of semester 1, 2001

Lecturer: Phil Scott, 5444 7277, p.scott@latrobe.edu.au.

[Computer Networks Home] [Lectures] [Assignments] [News] La Trobe Uni Logo
Copyright © 2001 by Phil Scott, La Trobe University.
Valid HTML 3.2!