P.217 Question C-4.2
Describe a malware attack that causes the victim to receive physical advertisement.
P.219 Question C-4.9
Suppose that a metamorphic virus DoomShift is 99% useless bytes and 1% useful bytes. Unfortuntely DoomShift has infected the Login program on your Unix system and increased its seize from 54K bytes to 1054K bytes;hence 1000K bytes of login program now consists of the DoomShift viruss.
P.217 Question C-4.2
Describe a malware attack that causes the victim to receive physical advertisement.
P.219 Question C-4.9
Suppose that a metamorphic virus DoomShift is 99% useless bytes and 1% useful bytes. Unfortuntely DoomShift has infected the Login program on your Unix system and increased its seize from 54K bytes to 1054K bytes;hence 1000K bytes of login program now consists of the DoomShift viruss. Barb has a cleanup program DoomSweap that is able to prune away the useless bytes of the Doomshift virus so that in any infected file it will consist of 98% useless bytes and 2% useful bytes. If you apply DoomSweep to the infected login program what will be its new size?
P.266 Question C-5.11
Show how to defend against the DOS attack of Exercise C5-10.
5.10 You are the system administrator for an provider that owns a large network (eg. At least 64000 IP addresses). Show how you can use SYN cookies to perform DOS attack on a web server.
P.266 Question C-5.12
Describe how to modify a NAT router to prevent packets with spoofed IP addresses from exiting a private network.
P.322 Question R-6.2
Suppose the transaction ID of DNS queries can take values from 1 to 65536 and is randomly chosen for each DNS request. If an attacker sends 1024 false replies per request how many requests should he trigger to compromise the DNS cache of the victim with probability 99%?
P.324 Question C-6.13
Describe a modification to the random port scan as describe in previous exercise so that it still use a randomly generated sequence of port numbers but will now have exactly the same number of attempted TCP connections as a sequential port scan.
P.383 Question C-7.2
Describe a method for protecting users against URL obfuscation attacks.
P.441 Question C-8.1
What is the plaintext for the following ciphertext which was encrypted using a simple substation cipher:
CJBT COZ NPON ZJV FTTK TWRTUYTFGT NG DTN O XJL. Y COZ ZJV CPJVIK DTN O XJL MYUCN.
Attachments: