1. Show how to defend against the DOS attack of { You are the system administrator for an provider that owns a large network (e.g., at least 64,000 IP addresses). Show how you can use SYN cookies to perform DOS attack on a web server
2. Describe how to modify a NAT router to prevent packets with spoofed IP addresses from exiting a private network.
3. Suppose the transaction ID of DNS queries can take values from 1 to 65,536 and is randomly chosen for each DNS request. If an attacker sends 1,024 false replies per request, how many requests should he trigger to compromise the DNS cache of the victim with probability 99%?
4. Describe a modification to the random port scan, as describe in previous exercise, so that it still use a randomly generated sequence of port numbers but will now have exactly the same number of attempted TCP connections as a sequential port scan.