Homework 3


Handed out:      March 1, 2007

Due back:         March 7th, 11:59pm, 2007(by submission timestamp).

Submission:      Electronic upload submission (see instruction online at the course webpage)

Notes:              1. To be done individually.

                        2. Please do not give a simple yes/no as results to some of the questions.  Briefly explain why and how you obtain that result.


  1. Suppose filtering routers are arranged as in the Figure below; the primary firewall is R1. Explain how to configure R1 and R2 so that outsiders can Telnet to net 2 but not to hosts on net 1.  Be careful about “leapfrogging” breakins to net 1.




  1. Consider the following packet-filter firewalls.  Suppose that Alice wants to disallow access to her network from the public Internet (rule R3 in the Table 8.4 below).  Alice is again collaborating with Bob and his colleagues, who are at a university, and so Alice wants to let users from Bob’s university (whose network address is 111.11/16) access a specific subnet, 222.22.22/24, within her company’s network (rule R1 below).  Alice knows that Trudy, a well-known hacker, is in Bob’s university and that Trudy’s subnet, 111.11.11/24, is an insecure hacker haven.  So Alice doesn’t want any traffic from 111.11.11/24 entering anywhere into her network (rule R2). Alice’s packet-filtering rules are summarized as below.



Fill in the table below for the desired actions, and actions taken for this scenario under ordering R1, R2 and R3, and under ordering R2, R1 and R3.



  1. Timing attack problem.  Modify the following password checking code discussed in the lectures so that it is not vulnerable to timing attacks.


int password-check( char *inp, char *pwd)  {

                              if   (strlen(inp)  !=  strlen(pwd)) return 0;

                              for( i=0; i < strlen(pwd); ++i)

                             if  ( *inp[i]  !=  *pwd[i]  )

                                    return 0;

                             return 1;



  1. Describe each of the following three kinds of access control mechanisms in terms of (a) ease of determining authorized access during execution, (b) ease of adding access to all objects for a new subject, (c) ease of deleting access to an object by a subject, and (d) ease of creating a new object to which all subjects by default have access.  Please try to keep your answer short to a few key points.
    1. Per-object access control list
    2. Access control matrix
    3. Capability


  1. Represent the ownerships and permissions shown in this UNIX directory listing as a access control matrix. Note: asw is a member of two groups: users and devel; gmw is a member of only “users” group. Treat each of the two users and two groups as a domain, so the matrix has four rows (one per domain) and four columns (one per file).

-rw- r- - r- - 2 gmw users

-rwxr-x  r-x 1 asw devel

-rw-rw- - - - 1 asw users

-rw- r- - - - - 1 asw devel


  1. Stallings Problem 16.4


  1. Whether IPSec will work with Network Address Translation (NAT) depends on which mode of IPSec and NAT we use. Suppose that we use true NAT, where only IP addresses are translated (without port translation).  Will IPSec and NAT work in each of the following cases?  Briefly explain why or why not.  For example, if it works, please show how the end host, NAT and any other related devices are connected.
    1. IPSec using AH transport mode
    2. IPSec using AH tunnel mode
    3. IPSec using ESP transport mode
    4. IPSec using ESP tunnel mode


a) The TCP/UDP checksum includes the TCP/UDP header, the TCP/UDP payload, and the three fields from the IP header – protocol number, source IP address, and destination IP address.

b) The discussion in KPS book Ch 17.2.1 may not be entirely correct.