Computer Science
Runa Singh is the network administrator in charge of network security for a medium-sized company. The firm already has a firewall; its network is divided into multiple segments separated by routers, and it has updated virus scanners on all machines. Runa wants to take extra precautions to prevent DoS attacks. She takes the following actions:
1. She adjusts her firewall so that no incoming ICMP packets are allowed.
2. She changes the web server so that it uses SYN cookies.
Now consider the following questions:
1. Are there problems with any of her precautions? If so, what are the problems?
2. What additional steps would you recommend to Runa?
- To defend against the DoS attacks, the first thing to consider is how the attacks penetrate. This is performed by utilizing ICMP packets, which are utilized to transmit error messages on the Internet or are transmitted via traceroute and ping utilities. If the user comprises a firewall, then it must be configured to reject the ICMP packets from outside the user’s network that will be a major step to secure the network from the DoS attacks. As the DoS attacks can be implemented through a wide variety of protocols, the user can also configure the firewall to refuse any incoming traffic at all irrespective of what port or protocol it executes on.
- The SYN cookie is referred to as a technique utilized to resist specific kinds of DoS attacks and SYN flood attacks. It is a specific option of primary Transmission Control Protocol series numbers by TCP servers. In this technique, the computer system doesn’t instantly develop a buffer space in memory for a handshake process. Instead, it first transmits an SYN+ACK that comprise a carefully produced cookie that is generated as the hash containing the Internet Protocol address, port number, and other data from the client machine requesting the link. When the client replies with the normal ACK, the data from that cookie will be included that the server then verifies. Hence, the system doesn’t fully assign any memory until the 3rd stage of the handshake process. This helps the system to continue to operate normally. Whereas, the cryptographic hashing utilized in SYN cookies is fairly resourced intensive.
Need Help with your Computer science assignment?
