Assignment
Question 1: Consider the scheme used to allow customers to submit their credit card and order information. Section 23.3.3.2 states that the enciphered version of the data is stored in a spooling area that the Web server cannot access.
a. Why is the file kept inaccessible to the Web server?
b. Because the file is inaccessible to the Web server, and no other services are available to an attacker from the Internet, the encipherment may seem unnecessary. Discuss this issue, but assume that the attacker is on the internal network.
Question 2: Assume that an attacker has found a technique for sending packets through the outer firewall to the DMZ without the packets being checked. (The attacker does not know the internal addresses of hosts in the DMZ.) Using this technique, how can the attacker arrange for a packet to be sent to the WWW server in the DMZ without the firewall checking the packet?
Question 3: As encryption conceals the contents of network messages, the ability of intrusion detection systems to read those packets decreases. Some have speculated that all intrusion detection will become host-based once all network packets have been encrypted. Do you agree? Justify your answer. In particular, if you agree, explain why no information of value can be gleaned from the network; if you disagree, describe the information of interest.