Q2. How is the initial sequence number variable incremented?
In Berkeley systems, the initial sequence number variable is incremented by a constant amount once per second, and by half that amount each time a connection is initiated.
Q3. How many times per second is the initial sequence number variable in Berkeley?
The TCP specification requires that this variable be incremented approximately 250,000 times per second; Berkeley is using a much slower rate.
Q4. What is the option for a ICMP Redirect attack?
the best option is to restrict route changes to the specified connection; the global routing table should not be modified in response to ICMP Redirect messages6.
Q5. What is the strongest attack using the standardized Internet protocols?
The authors have also seen how netstat may be abused; indeed, the combination of netstat with the authentication server is the single strongest attack using the standardized Internet protocols.
Q6. What is the way to validate a user?
A server that wishes to rely on another host’s idea of a user should use a more secure means of validation, such as the Needham-Schroeder algorithm[20][21][22].
Q7. How many bits would be needed to defeat a search for the seed?
One would need at least 16 bits of random data in each increment, and perhaps more, to defeat probes from the network, but that might leave too few bits to guard against a search for the seed.
Q8. What is the way to block a fake reply?
If the genuine response is not blocked by the intruder, though, the target will receive multiple replies; a check to ensure that all replies agree would guard against administrative errors as well.
Q9. What is the likely way to attack a network?
The most likely attack of this sort would be to claim a route to a particular unused host, rather than to a network; this would cause all packets destined for that host to be sent to the intruder’s machine.
Q10. What is the general rule for a stale reply?
In general, a host wants to see such a message only at boot time, and only if it had issued a query; a stale reply, or an unsolicited reply, should be rejected out of hand.
Q11. How can one calculate the ISN S used on the next connection attempt?
if one initiates a legitimate connection and observes the ISN S used, one can calculate, with a high degree of confidence, ISNS′ used on the next connection attempt.
Q12. What is the way to protect the system from a netstat attack?
Even a ‘‘read-only’’ mode is dangerous; it may expose the target host to netstat-type attacks if the particular Management Information Base (MIB)[38] used includes sequence numbers.
Q13. What are the main reasons why one-time passwords are becoming less popular?
And such passwords are becoming less popular; they are too vulnerable to wire-tappers, intentional or accidental disclosure, etc.
Q14. How can the enemy compute the next random number?
In fact, given that most such generators work via feedback of their output, the enemy could simply compute the next ‘‘random’’ number to be picked.