Download the PDF version of your last problem set, Problem Set 9, here. Please attempt the questions before coming to class, and be prepared to present your solutions.
Category Archives: tutorial
Problem Set 8
Download the PDF version of Problem Set 8 here. Please attempt the questions before coming to class, and be prepared to present your solutions.
Problem Set 7
Download the PDF version of Problem Set 7 here. Please attempt the questions before coming to class, and be prepared to present your solutions.
Problem Set 6
We will start the discussion of Problem Set 6 next week. Download the PDF version of Problem Set 6 here. Please attempt the questions before coming to class, and be prepared to present your solutions.
Problem Set 5
We will start the discussion of Problem Set 5 next week. Download the PDF version of Problem Set 5 here.
Tutorial This Week
We will be discussing the midterm questions during the tutorial this week.
Problem Set 3 Clarifications
Problem Set 4
We will start the discussion of Problem Set 4 after the recess week. Download the PDF version of Problem Set 4 here. Please attempt the questions before coming to class, and be prepared to present your solutions.
Problem Set 2 Q3/4
Here are a bunch of links related to Question 3 and 4 in Problem Set 2.
Firesheep:
- Firesheep
It’s extremely common for websites to protect your password by encrypting the initial login, but surprisingly uncommon for websites to encrypt everything else. This leaves the cookie (and the user) vulnerable. HTTP session hijacking (sometimes called “sidejacking”) is when an attacker gets a hold of a user’s cookie, allowing them to do anything the user can do on a particular website. On an open wireless network, cookies are basically shouted through the air, making these attacks extremely easy.
- A video demo of Firesheep.
- Implications of Firesheep on Facebook and Twitter.
DNS Cache Poisoning:
- Angry Bird Website Defaced
Angry Birds developer Rovio has confirmed its website was briefly hijacked, most likely by hackers who managed to tamper with domain name system settings that ultimately control what server receives requests for a particular domain name.
- DNS Cache Poisoning Used in Brazilian Phishing Attack
According to Zscaler, attackers managed to force several DNS servers to resolve santander.com.br to an IP address under their control.
The spoofed page hosted on the rogue web server was very well crafted and looked identical to the real one.
Finally, a report from last month shows that many DNS servers remains insecure.
-
Half the internet lacks DNS security extensions
Just under half of the internet (47 percent) remains insecure insofar as many top level domains (TLDs) have failed to sign up to use domain name system security extensions (DNSSEC), including intensive internet using countries such as Italy (.it), Spain (.es) and South Africa (.za), leaving millions of internet users open to malicious redirect to fake websites, reports Ultra Electronics AEP.
Problem Set 3
We will discuss Problem Set 3 during the tutorial sessions of Week 5. Download the PDF version of Problem Set 3 here. Please attempt the questions before coming to class and be prepared to present your solutions.
Problem Set 2
We will discuss Problem Set 2 during the tutorial sessions of Week 4. Download the PDF version of Problem Set 2 here. Please attempt the questions before coming to class and be prepare to present your solutions. During Week 4, if time permits, you will have an opportunity to ask and discuss any doubt that you may have from DIY Exercise 1. Please attempt the exercise before coming to class next week.
Problem Set 1
We will discuss Problem Set 1 during the tutorial sessions of Week 3. Download the PDF version of Problem Set 1 here. Please attempt the questions before coming to class and be prepared to present your solutions.