Consider the routing environment within your Relief Agency during the cyber attack
Question
1. Consider the routing environment within your Relief Agency during the cyber attack; all traffic leaving its AS is encrypted using a variety of techniques including SSL, encrypted ZIP files and VPN end-points. There are two ISPs providing connectivity across the Internet and no private network links are used. The cyber-attack on your Agency is significantly reducing your ability to conduct relief activities.
a) List and describe the networking protocols that are likely to be most effective at reducing the impact of the cyber-attack; describe the network layers at which they operate and fully describe why your proposed solution would be effective. [5 marks]
b) List and describe any architectural weaknesses in inter-AS and intra-AS communication that are unavoidable and fully describe why they are unavoidable; describe the layer in which the weakness occurs and suitable mitigations to reduce or eliminate the weaknesses. [5 marks]
c) If VoIP traffic is dropped by one ISP, list and describe the steps required to have the second ISP carry the traffic without packet loss. Assume that there are no pre-existing peering agreements relating to the carriage of VoIP traffic with the second ISP. [5 marks]
d) Describe the networking architecture components that would indicate your traffic was being rerouted through an unexpected and unauthorised network route. List and describe the techniques you could use to remediate the unexpected path. [5 marks]
Answer:
(a) The two networking protocols that can reduce the impact of the cyber attack are as follows:
- Blackhole Routing: It works in the Internet Protocol (IP) layer. It uses a null-route type routing table, meaning it acts as a limited firewall. Null routes are used on routers to prevent DoS packets reaching the threshold level that blocks the network. Matching packets are dropped instead of being forwarded. The implementation of null routing is done either by maintaining special route flags or by forwarding the packets to the loopback address or to illegal IP addresses.
- DNS Sinkhole: This is an application layer service and uses the UDP of the TCP/IP stack. The packets are routed to a valid IP address where the traffic is analysed and the bad packets are rejected. A false DNS result is given by the sinkhole DNS servers to websites looking for DNS information so as not to reveal the domain name. It can effectively stop botnets and ad-serving sites, and detect and block malicious and unwanted traffic. It works by configuring the DNS server to hand out non-routable addresses for domains in the sinkhole.
(b) The architectural weakness is the optimization of IP network performance. The goals of inter-AS and intra-AS communications are different. When they interact (i.e. when source and destination addresses are not within the same AS), a good solution for intra-AS traffic engineering may be a sub-optimum solution for inter-AS traffic engineering and vice versa. The weakness is the non-availability of the best egress point for the inter-AS network and the best routing scheme for the intra-AS network to optimize overall network performance and accommodate additional network demand. The weakness affects the application layer. The weakness can be eliminated by sequential, nested and integrated optimization techniques.
(c) There can be multiple arrangements. First of all, one ISP can be configured for VoIP and the second ISP for connected devices (computers, laptops, PDAs). If the first line is down then the system will automatically switch to the second ISP connection without disrupting phone services. In another arrangement the second ISP connection has to be configured as a secondary or backup connection, and the calls will be routed via the second ISP line if the primary connection is persistently down for a long period. In order to enable this, both ISPs have to be connected to a single router and the router should be configured to switch ISPs automatically. Dual ISP with interoperability will help in VoIP resilience.
(d) The various indicators can be:
- Network errors and protocol analysis, authentication errors, dropped packets, network traffic congestion
- Unsupported protocols
- SSL/TLS
- DNS / IPconfig
- Route prints
- Abnormal hop counts
- Application level threats
Different techniques that can be deployed include:
- Firewall rules
- Access control lists
- Routing configurations and proxies
- Network analyzers
- Web proxies, next-gen firewalls
- Cloud access security brokers
These methods/techniques will help in monitoring the traffic as well as expose any security threat.
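As an added illustration of the DNS sinkhole described in part (a) (example code, not from the question or the answer above): a toy resolver policy that hands out an RFC 5737 non-routable address for blocklisted domains and all their subdomains, and counts which clients tried to reach them. The domain names, upstream addresses and query log are constructed.

```python
"""Toy DNS sinkhole policy (added example; all data below is constructed)."""
import ipaddress
from collections import Counter

# Constructed blocklist: these domains and every subdomain are sinkholed.
SINKHOLE_DOMAINS = {"bad-c2.example", "ads.example.net"}
# RFC 5737 documentation address: never routed on the public Internet, so a
# client that follows this answer cannot reach the real host.
SINKHOLE_ADDR = "192.0.2.1"
# Constructed stand-in for normal recursion to upstream resolvers.
UPSTREAM = {"www.relief-agency.example": "198.51.100.10",
            "mail.example.org": "203.0.113.5"}


def is_non_routable(addr: str) -> bool:
    """The sinkhole answer must not be a globally routable address."""
    return not ipaddress.ip_address(addr).is_global


def sinkholed(name: str) -> bool:
    """Match whole labels: sub.bad-c2.example is caught, notbad-c2.example is not."""
    labels = name.lower().rstrip(".").split(".")
    return any(".".join(labels[i:]) in SINKHOLE_DOMAINS for i in range(len(labels)))


def resolve(name: str) -> tuple[str, bool]:
    """Return (answer address, was_sinkholed); unknown names get an empty answer."""
    if sinkholed(name):
        return SINKHOLE_ADDR, True
    return UPSTREAM.get(name.lower().rstrip("."), ""), False


def sinkhole_hits(query_log) -> Counter:
    """Count sinkholed queries per client: the hosts trying to reach blocked names."""
    return Counter(client for client, name in query_log if sinkholed(name))


# Constructed query log as (client, queried name) pairs.
QUERY_LOG = [
    ("10.0.5.17", "www.relief-agency.example"),
    ("10.0.5.17", "beacon.bad-c2.example"),
    ("10.0.5.17", "bad-c2.example."),
    ("10.0.9.4", "tracker.ads.example.net"),
    ("10.0.9.4", "notbad-c2.example"),
]

if __name__ == "__main__":
    assert is_non_routable(SINKHOLE_ADDR)
    for client, name in QUERY_LOG:
        addr, hit = resolve(name)
        print(f"{client:<10} {name:<28} -> {addr or 'NODATA':<14} {'SINKHOLE' if hit else 'ok'}")
    print("sinkhole hits per client:", dict(sinkhole_hits(QUERY_LOG)))
```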