Assignment 2    cns06
revised: 8/19/06
Assigned: 8/29/06
Due: 6:00pm 9/9/06
Objective: risk assessment and ssh
Points: 22

Description:

(4) 1) Perform a risk assessment of your personal computer. (If you don't have a personal computer, assume you have a Pentium desktop system, hard drive, printer, modem, with Windows XP and Word.) Assume that you have been using your computer to write your master's thesis. You'll need to identify assets, vulnerabilities, likelihood of incidents, possible countermeasures/controls, and a disaster plan.

(2) 2) How might your assessment change if your PC were attached to the Internet all the time (for example, with DSL or a cable modem)?

(2) 3) How might your assessment change if you were providing a commercial web-hosting service from your PC for your customers?

(3) 4) Making backups of your files is a good thing. How do backups help to achieve information integrity and availability? What about privacy--can backups be a vulnerability? Where should backups be stored?

(4) 5) Classify CERT's 2006 January and February Technical Cyber Security Alerts at http://www.us-cert.gov/cas/techalerts/index.html according to whether the vulnerability is a worm, virus, backdoor, denial of service, or program bug (buffer overflow). For each alert, give the CERT ID number and product name and indicate if the vulnerability allows the attacker to "execute arbitrary commands" on the attacked machine.

(2) 6) If you don't already have ssh on your home PC, then visit the class "resources" page and get a client or use the link to the java client. From your home PC or one of the CS machines, do an
        ssh -v
    to whisper.cs.utk.edu. Don't log in, just ctrl-c/cancel the ssh session. Include in your email the remote protocol version, remote software version, and kex: lines as reported by the -v option, the date and time (to the second) of your ssh attempt to whisper, and the IP address of the machine from which you did the ssh.

(5) 7) Google the net and locate and download the John the Ripper password cracker. Build it and run it to crack the Unix password file in
        ~dunigan/cns06/passwd
    Include the passwords guessed in your answers. Also comment on any other strange things in the passwd file.

Email your answers and results to dunigan@cs.utk.edu (no attachments).

-----------------------------------------------------------

Make sure all of your files in your CS directory associated with this class are protected with "chmod". You will lose points if other students or the instructor can read your class files. You can gain points if you can read the class files of other students in the class.
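
One way to check the chmod requirement above on your own files, as an added example that is not part of the original assignment: the script lists anything under a class directory that group or other users can access, then removes those bits. The function names and the directory argument are assumptions for illustration.

```shell
#!/bin/sh
# Added example: audit your own class directory for group/other access bits.
# The directory is passed as an argument; no path from the course is assumed.

# Print every non-symlink entry under $1 (including $1 itself) that has any
# group or other permission bit set. Octal tests are OR-ed for portability.
list_exposed() {
    find "$1" ! -type l \( \
        -perm -040 -o -perm -020 -o -perm -010 -o \
        -perm -004 -o -perm -002 -o -perm -001 \) -print
}

# Count exposed entries; 0 means only the owner has access.
count_exposed() {
    list_exposed "$1" | wc -l | tr -d ' '
}

# Remove all group/other bits below $1, leaving the owner bits untouched.
lock_down() {
    chmod -R go-rwx "$1"
}

# Report what is exposed, fix it, and re-check.
# Returns non-zero if anything is still exposed afterwards.
audit_and_fix() {
    dir=$1
    before=$(count_exposed "$dir")
    if [ "$before" -gt 0 ]; then
        echo "exposed entries in $dir:" >&2
        list_exposed "$dir" | while IFS= read -r f; do ls -ld "$f" >&2; done
        lock_down "$dir"
    fi
    [ "$(count_exposed "$dir")" -eq 0 ]
}

# Run against a directory when one is given on the command line.
if [ $# -gt 0 ]; then
    audit_and_fix "$1"
fi
```

Setting "umask 077" in your shell startup file makes newly created files owner-only from the start, so the audit has nothing to fix later.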