Wednesday, April 15, 2009

Lab 4 beginnings -- and a test coming up...

With labs 2 and 3 done,

** I probably could have done more with lab 3; I could have explored NMAP more thoroughly and maybe discovered other ports/exploits using different scans and techniques, but I’m happy I found the four machines on the subnet configured by the professor.

I’m now concentrating on lab 4 and the test coming up this Friday (4/17). The test is going to be pretty hard, I think, with a lot of references to information from Homework #2. Thankfully it’s open-book/open-notes so I’ll be able to bring a lot of information and references from the web and from the book. I’ve re-done Homework #2 and I’m still a little shaky on filling out a transitive closure matrix. I’m going to re-read chapters 16 and 17, and I’m also going to read chapter 32 (It’s only 5 pages so it shouldn’t take too long).

For lab #4 we’re trying to overcome a simulated Chinese firewall scenario: the professor has configured a router that is simulating the way the Chinese government is (sort of) censoring internet traffic into and out of the country by filtering words or phrases, and then sending reset packets to both the sender and the destination.

We had a very good lecture today (4/15) on the technology of the Chinese firewall scenario by Jong Chun Park. He laid out the scenario we would be facing in lab 4, and he gave pretty good instructions on how to overcome the censorship by “sending a sequence of packets which split the keywords.” He even gave us some Python code in order to accomplish this:

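import socket  # client

# Open a TCP connection to the lab server
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect(("10.0.0.3", 8080))
s.send(b"hello")   # Python 3 sockets send bytes, not str
d = s.recv(1024)   # read up to 1024 bytes of the reply
print(repr(d))
s.close()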

He also stated that the censorship algorithm that’s employed here is not an actual Intrusion Detection System, but rather an iptables filter. I’m going to be working on lab 4 this weekend, and I don’t believe it should be too hard (I think Jong and the professor have pretty much done most of the heavy lifting on this one).
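The difference between a per-packet string filter and an inspector that reassembles the stream, as an added example (not code from the lecture or from this post): it compares a stateless per-segment keyword check with a matcher that carries bytes across segment boundaries. The keyword, payloads and function names are constructed, and segments are assumed to arrive in order without overlap.

```python
# Added example; the keyword and payloads below are constructed.
KEYWORD = b"forbidden"  # hypothetical filtered keyword


def per_packet_match(segments, keyword=KEYWORD):
    """Stateless check: look for the keyword in each payload on its own.
    Returns the indexes of the segments that match."""
    return [i for i, seg in enumerate(segments) if keyword in seg]


class StreamMatcher:
    """Stateful check: carry the last len(keyword)-1 bytes forward so a
    keyword that straddles a segment boundary is still found."""

    def __init__(self, keyword=KEYWORD):
        self.keyword = keyword
        self.tail = b""   # bytes kept from the end of earlier segments
        self.offset = 0   # stream bytes consumed so far

    def feed(self, segment):
        """Return stream offsets of keyword hits completed by this segment."""
        window = self.tail + segment
        base = self.offset - len(self.tail)
        hits = []
        pos = window.find(self.keyword)
        while pos != -1:
            hits.append(base + pos)
            pos = window.find(self.keyword, pos + 1)
        self.offset += len(segment)
        keep = len(self.keyword) - 1
        self.tail = window[-keep:] if keep else b""
        return hits


def scan_stream(segments, keyword=KEYWORD):
    """Feed in-order segments through StreamMatcher; return all hit offsets."""
    matcher = StreamMatcher(keyword)
    return [hit for seg in segments for hit in matcher.feed(seg)]


# Constructed payloads: one request in a single segment, then split in two.
WHOLE = [b"GET /search?q=forbidden HTTP/1.1\r\n"]
SPLIT = [b"GET /search?q=forb", b"idden HTTP/1.1\r\n"]

if __name__ == "__main__":
    print("per-packet:", per_packet_match(WHOLE), per_packet_match(SPLIT))
    print("reassembled:", scan_stream(WHOLE), scan_stream(SPLIT))
```

The carried tail is always shorter than the keyword, so each hit is reported once, in the segment that completes it.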

At this point I don’t really have that much to report on lab 4, I’m just trying to get everything together for the test and then I’ll be able to concentrate on the lab. I added myself as a sudoer on Tha, and I've downloaded the lab4 files from the class website. Other than that, I haven't really accomplished much on this lab. Oh, and I guess I should learn a little bit about Python as well… =)
