Please answer all parts (2-3 lines answer only) for Upvote. 1. a) What dangers w

Question

Please answer all parts (2-3 lines answer only) for Upvote.

1. a) What dangers will MAC address and IP address spoofing will causes problems for network forensics analysis?  

b)  What is a Private Network Address and what are its security advantages?

c) Private addresses are provides an advantage described as "Self-Containment". Describe the concept of Private Address Self Containment.  

d) Private addresses has a disadvantage described as "Isolation ". Describe the concept of Private Address Isolation

e) What is a Virtual Private Network (VPN) and how does it add security?

f) What is the function of L2TP/IPsec?

g) What is Open VPN?

h) What is the relationship between VPN and website tracking?

Explanation / Answer

(Ans- 1) (a) Spoofed Internet traffic is a persistent threat, and often the root cause of reflection Distributed Denial of
Service (DDoS) attacks. While technical solutions for blocking spoofed traffic exist they are only effective and
applicable close to the edge - computers and other end-devices connected to the net. This requires
deployment of anti-spoofing measures by a vast majority of networks on a global scale – something that is
not easy to achieve.
Unfortunately, right now there are few incentives, further aggravated by real costs and risks for implementing
anti-spoofing measures. There is also an imbalance between the ease and low cost of launching a DDoS
attack and the heavy economic and social impact that these attacks have.
The complexity, high visibility, and negative impacts of spoofing call for a comprehensive approach, including
technology measures, better information and awareness, and social and regulatory tactics. Unfortunately
little visible progress has been made in solving the problem. Demonstrating visible improvements (or at least
the way forward) could produce a significant impact in both technical and policy planes due to the high profile
of DDoS attacks.
In February 2015, the Internet Society convened a roundtable bringing together network operators,
vendors, leading security experts, and researchers in this area to discuss the problem of source IP
address spoofing with a goal to better understand the challenges of addressing it, various factors
that aggravate or help solve the problem, and to identify paths to improve the situation going
forward.
The objective was to identify elements of a comprehensive strategy and a roadmap for tackling this
issue. This paper represents the main takeaways from this discussion and articulates possible
elements of such a strategy.

(b)

The Internet Assigned Numbers Authority (IANA) reserves the following IP address blocks for use as private IP addresses:

The first set of IP addresses from above allow for over 16 million addresses, the second for over 1 million, and over 65,000 for the last range.

Another range of private IP addresses is 169.254.0.0 to 169.254.255.255 but is for Automatic Private IP Addressing (APIPA) use only.

In 2012, the IANA allocated 4 million addresses of 100.64.0.0/10 for use in carrier-grade NAT environments.

Security Advantages:-

The Internet is full of great content, but it also contains its fair share of malicious applications and users -- everything from Trojans and viruses to worms and hackers. The obvious advantage of a private network is that, by not being connected to external networks or the Internet at large, a private network is simply not exposed to these threats. With the average data breach costing an organization $6.6 million in lost business and repair costs, according to a study by the Ponemon Institute, the security of a private network can be a valuable advantage to a small business dealing with sensitive content.

(c)

Advantage: Self-Containment

By not being connected to external networks, a private network is also not vulnerable to technical difficulties outside the network. Problems like losses in Internet connectivity or external server outages do not affect the performance of a private network. Private networks depend only on the equipment that makes up the network to function. That means that any problem in the network, such as internally spread viruses or a malfunctioning server, can be addresses by servicing the network equipment, rather than waiting for a reply from an Internet provider or server operator.

(d) Disadvantage: Isolation

Not being connected to other networks is a double-edged sword. While the isolation of a private network guarantees increased security, it also makes it impossible for network IP addresses to go onto public networks to communicate with other computers. No information enters the network from other networks -- no email, outside data or digital software updates -- and no information can leave the network onto other networks without being physically moved. In the context of a small business office on a private network, your employees could send data to each other but neither send nor receive data from clients, suppliers or vendors.

(e)

A virtual private network (VPN) is a technology that creates a safe and encrypted connection over a less secure network, such as the internet. VPN technology was developed as a way to allow remote users and branch offices to securely access corporate applications and other resources. To ensure safety, data travels through secure tunnels and VPN users must use authentication methods -- including passwords, tokens and other unique identification methods -- to gain access to the VPN.Not to be confused with a private IP network, where the IP address used by network computers actually does not allow them to access public networks, a virtual private network, or VPN, is a system whereby encrypted private data is transferred on a public network. A VPN is an attempt to achieve the security and privacy advantages of a private network while remaining connected to public networks and the Internet. As such, it is a method of securing public networks and not a private network in itself, but it offers increased functionality and an acceptable level of security for many small businesses

(f)The Layer 2 Tunneling Protocol (L2TP) is a standard protocol for tunneling L2 traffic over an IP network. Its ability to carry almost any L2 data format over IP or other L3 networks makes it particularly useful. But L2TP remains little-known outside of certain niches, perhaps because early versions of the specification were limited to carrying PPP -- a limitation that is now removed.

(g)OpenVPN is an open-source software application that implements virtual private network techniques to create secure point-to-point or site-to-site connections in routed or bridged configurations and remote access facilities.

(h) People can still trace you with other methods. Just because your IP is different and your traffic is encrypted in a tunnel doesn't mean you can't be tracked. There are other ways people can track you. For example:

here are MANY more things that people can use to track you that will take too long to explain.

If you want to be safe, install an anti-virus, anti-malware, and firewall (if you don't wanna pay there are free versions, but remember you get what you pay for), don't mess with anyone (even if you don't suspect them to be a hacker), and don't act tough on the internet. I recommend you still use a VPN because it is another layer of security, but remember you can be tracked if you are their top priority and if they are smart.

Related Questions

Navigate

• Browse (All)
• Browse P
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.