For the following questions I would like you to discuss the particulars of each

Question

For the following questions I would like you to discuss the particulars of each attack scenario and how Kerberos defends against it.

You will need to consider various elements of the attack scenarios. Some attacks can be implemented between multiple Kerberos components. For example, a MITM attack could occur between various components at various times. State your assumptions about how the attack is occurring, then describe how Kerberos defends against it. Good answers will describe both the particulars of the attack and the Kerberos defenses.

Question 1.) A user gains access to a particular workstation and pretends to be another user from that workstation.

Question 2.) An eavesdropper obtains the IP address of an authenticated workstation and reconfigures another workstation to impersonate the authenticated workstation.

Question 3.) An eavesdropper captures messages and attempts a replay attack to access a server or cause damage.

Question 4.) An eavesdropper obtains the IP address of a server and reconfigures another machine to impersonate the server and capture user requests.

Question 5.) An attacker acts as the “man in the middle” between two computers (e.g. client and the server). The attacker spoofs each computer to “think” they have connected to the correct computer, when in fact the attacker is intercepting all transmissions. The attacker can then monitor or change any of the data before routing it on to the intended computer.

Please label each question, then write the answer. For example, Question 1), then write answer.

Thank You

Explanation / Answer

Question 1) Malignant client with access to a workstation puts on a show to be another client from a similar workstation

Trusted authentication benefit on the system

Question 2) Attacker could gain access to authenticated workstation and will transmit data using faked IP address of that workstation. In such case DoS attack is intended to the receiver end.

To avoid this attck can use digital signatures , which helps to ensure identification of the sender or can use certificates.

Question 3) This type of attack known as replay attack.

Replay attack is an attempt of attacker to legitimately record and replay already processed protected IP attacks. In repaly attack replayed IP attacks looks similar to previously processed packets. Without pevention of replay attack it will be harmful sometimes , as if the replayed packets contains some commands and if they executes there will be problems. Authentication header and Encapsulating Security payload security payload protocols used to prevent replay attacks. i.e. theses ate the anti replay protocols.

Sequencing the packets may lead to prevent replay attack. In this each of the packets has sequence number which is helpful in deciding packets are already processed or not.Based on 3 way handshake protocol. i.e. packets are carrying SYN, SYN ACK, ACK flags. It is a connection oriented protocol.

Question 4) Attacker could gain access to server and will transmit data using faked IP address of that workstation. In such case DoS attack is intended to the receiver end.

To avoid this attck can use digital signatures , which helps to ensure identification of the sender or can use certificates. Server must prove their identity to end users.

Question 5) In this type of attack attacker can intercept, manipulate, spoof, disrupt the communication between client and server. Need to implement security services on layers of OSI model.

Thank you.

Related Questions

Navigate

• Browse (All)
• Browse F
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.