Computer Science 826 Quiz 9 - Name ________________________ 1. Suppose I am a malicious hacker trying to use ICMP redirects to divert the traffic of a victim machine to myself. Suppose the following IP addresses are in use: my address 130.127.48.24 victim's address 130.127.48.13 victim's intended dest 130.127.72.12 victim's default router 130.127.48.2 In the ICMP redirect spoofing packet that I SEND what IP address do I use for each of the following: a. Source IP address: b. Dest IP address: c. ICMP data: 2. ICMP redirects can be generated by a router a. Only when the router forwards b. Only when the router forwards a packet on the same interface a packet on a different interface on which it arrived. from the one on which it arrived. c. It is OK in both cases. 3. Answer the following T or F ___ a. An ICMP redirect should never be generated if the destination address in the IP header is a on different network or subnetwork from the one on which the packet arrived. ___ b. An ICMP redirect should never be generated if a packet must be retransmitted using the same interface on which it arrived. ___ c. A received ICMP redirect should be discarded if the receipient is not directly connected to the sender. ___ d. A received ICMP redirect should be discarded if the new router specifed is not directly connected to the sender. 4. The router advertisement protocol we discussed in class uses: a. Raw IP packets b. ICMP packets c. UDP packets c. TCP packets 5. The primary purpose of the router advertisement protocol is to a. Provide a way for routers on b. Provide a way for routers a LAN to advertise their to make their presence known presence to clients on the across AS boundaries. same LAN. c. Provide a way for clients to d. All of the above request information on how to build a source route to a distant client. 6. Characterize "permissive" and "non-permissive" filter rules: ___ a. permissive 1. Safe and unobtrusive 2. Safe and obtrusive ___ b. non-permissive 3. Unsafe and unobtrusive 4. Unsafe and obtrusive 7. In addition to providing slightly better intrusion protection what other major benefit does use of a NAT gateway provide that is NOT provided by simply installing firewalls such as the one described in class. 8. In outgoing packet the NAT gateway typically translates: a. Source IP b. Source Port c. Dest IP d. Dest Port e. a. and b. f. c. and d. g. all of the above 9. In incoming packet the NAT gateway typically translates: a. Source IP b. Source Port c. Dest IP d. Dest Port e. a. and b. f. c. and d. g. all of the above 10. In incoming packet the ONE item that can suffice as a table lookup key is: a. Source IP b. Source Port c. Dest IP d. Dest Port