Question 2 A Draw An Attack Tree Showing Some Of The Ways In Which A Mail Server Might Be Attacked Your Attack Tree S 1 (143.55 KiB) Viewed 12 times
Question 2 A Draw An Attack Tree Showing Some Of The Ways In Which A Mail Server Might Be Attacked Your Attack Tree S 2 (76.91 KiB) Viewed 12 times
Question 2 (a) Draw an attack tree showing some of the ways in which a mail server might be attacked. Your attack tree should have two levels below the root and should have at least three attack paths representing different types of attack. [4 marks] (b) Many e-Commerce web sites allow their customers to post feedback about products purchased from the site. What are the precise conditions required for a cross-site scripting attack involving such a web site to succeed? [5 marks] (c) A system adminstrator is managing a web application for her employer. The application is database-driven and runs on a Unix system. She runs intrusion detection software to scan the web server logs for suspicious activity. This software highlights the following pair of URLS: http://foo.com/2e%2e%2f%2e%2e%2fetc%2fpasswdhttp://foo.com/login?username=aaa%27+OR+1%3d1+--+ You may wish to use information from Figure 1 on page 4 to help you interpret these URLS when answering the questions below. (i) Consider the first of these URLs. What type of attack does this indicate? What is the attacker attempting to achieve? [3 marks] (ii) Describe a technique that the web server could use to defend itself against the attack indicated by the first URL. [2 marks] (iii) Consider the second URL. What type of attack does this indicate? What is the attacker attempting to achieve? [3 marks] (iv) The attack indicated by the second URL is unsuccessful. What does this suggest about how the web application has been implemented? [3 marks] [Question 2 total: 20 marks]