
23.9 Exercises

1:

Classify the following vulnerabilities using the RISOS model. Assume that the classification is for the implementation level. Justify your answer.

  1. The presence of the "wiz" command in the sendmail program (see Section 23.2.8).

  2. The failure to handle the IFS shell variable by loadmodule (see Section 23.2.8).

  3. The failure to select an Administrator password that was difficult to guess (see Section 23.2.9).

  4. The failure of the Burroughs system to detect offline changes to files (see Section 23.2.6).

2:

Classify the vulnerabilities in Exercise 1 using the PA model. Assume that the classification is for the implementation level. Justify your answer.

3:

The C shell does not treat the IFS variable as a special variable. (That is, the C shell separates arguments to commands by white spaces; this behavior is built in and cannot be changed.) How might this affect the loadmodule exploitation?

4:

A common error on UNIX systems occurs during the configuration of bind, a directory name server. The time-to-expire field is set at 0.5 because the administrator believes that this field's unit is minutes (and wishes to set the time to 30 seconds). However, bind expects the field to be in seconds and reads the value as 0—meaning that no data is ever expired.

  1. Classify this vulnerability using the RISOS model, and justify your answer.

  2. Classify this vulnerability using the PA model, and justify your answer.

  3. Classify this vulnerability using Aslam's model, and justify your answer.
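The misread in Exercise 4 comes from a lenient numeric parse: an atoi()-style conversion of "0.5" stops at the "." and yields 0. The following is an added illustration, not bind's own code and not part of the original exercises; the function names are assumed. It contrasts the lenient parse with a strict one that rejects non-integer input and refuses a zero expiry, since 0 would mean data is never expired.

```c
#include <errno.h>
#include <stdlib.h>

/* Lenient parse, in the style of atoi(): conversion stops at the first
 * non-digit, so "0.5" silently becomes 0. This reproduces the behaviour
 * described in the exercise (hypothetical, not bind's parser). */
long ttl_lenient(const char *s)
{
    return atoi(s);
}

/* Strict parse: accept only a whole, positive number of seconds.
 * Returns the value on success and -1 on any of these errors:
 *   - no digits, or trailing characters such as ".5" or "m"
 *   - out of range for long, or negative
 *   - zero, which would disable expiry entirely                */
long ttl_strict(const char *s)
{
    char *end;
    long v;

    errno = 0;
    v = strtol(s, &end, 10);
    if (end == s || *end != '\0')   /* "0.5", "30m", "" */
        return -1;
    if (errno == ERANGE || v < 0)   /* overflow or negative */
        return -1;
    if (v == 0)                     /* zero expiry: data never expires */
        return -1;
    return v;
}
```

The administrator's intended value of 30 seconds passes the strict parse; "0.5" is rejected at configuration time instead of being accepted as 0.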

5:

Can the UNIX Bourne shell variable HOME, which identifies the home directory of a user to programs that read start-up files from the user's home directory, be used to compromise a system? If so, how?

6:

An attacker breaks into a Web server running on a Windows 2000–based system. Because of the ease with which he broke in, he concludes that Windows 2000 is an operating system with very poor security features. Is his conclusion reasonable? Why or why not?

7:

Generalize the vulnerability described in Section 23.2.6 in order to suggest other ways in which the system could be penetrated.

8:

Generalize the example in Section 23.2.7 in order to describe other weaknesses that the security of the computer system might have.

9:

Why might an analyst care how similar two vulnerabilities are?

10:

One expert noted that the PA model and the RISOS model are isomorphic. Show that the PA vulnerability classifications correspond to the RISOS vulnerability classes and vice versa.

11:

The NRL classification scheme has three axes: genesis, time of introduction, and location. Name two other axes that would be of interest to an analyst. Justify your answer.

12:

In the NRL classification scheme for the "time of introduction" axis, must the development phase precede the maintenance and operation phases, and must the maintenance phase precede the operation phase? Justify your answer.

13:

In the NRL classification scheme for the "genesis" axis, how might one determine whether a vulnerability is "malicious" or "nonmalicious"?

14:

In the NRL classification scheme for the "genesis" axis, can the classes "Trojan horse" and "covert channel" overlap? Justify your answer. If your answer is yes, describe a Trojan horse that is also a covert channel or vice versa.

15:

Aslam's classification scheme classifies each vulnerability into a single category based on a decision tree that requires "yes" or "no" answers to questions about the vulnerability. A researcher has suggested replacing the tree with a vector, the components of which correspond to questions about the vulnerability. A "1" in the vector corresponds to a "yes" answer to the question; a "0" corresponds to a "no" answer. Compare and contrast the two approaches.

16:

For the fingerd security hole to be exploited, certain conditions must hold. Based on the discussion in Section 23.3.1, enumerate these conditions.

17:

For the xterm security hole to be exploited, certain conditions must hold. Based on the discussion in Section 23.3.1, enumerate these conditions.

18:

Use Gupta and Gligor's technique to analyze a UNIX kernel for security flaws in the open system call. Check for problems with the first argument, which is a character string.

19:

Generalize Gupta and Gligor's technique to extend to integer values. You should check for overflow (both negative and positive).

  1. Describe how to check for problems with the second argument. You will need to determine the maximum meaningful value for that argument.

  2. Describe how to check for problems with the third argument, which is a UNIX protection mode. Its maximum meaningful value is (octal) 7777, and its minimum meaningful value is 0.

20:

Perform a penetration test on a system after you obtain authorization to do so. Apply the Flaw Hypothesis Methodology to obtain a meaningful assessment of the system's security.
