Cyber Crime and Computer Forensic: Homework - 3


Submitted by: Vijay Kumar Singh
Submitted to: Mr. Shailendra Tiwari


Roll No: ROE125A12
Section: ROE125
B-Tech(Hons)-MBA(CSE)
Part A

1. What’s the difference between public and private IP addresses?


Ans. A unique Internet Protocol (IP) address, known as a public IP address, is
assigned to every computer that connects to the Internet. The IP addressing
scheme makes it possible for computers to “find each other” online and exchange
information. Within a private network, computers use addresses excluded by
convention from use on the Internet. The difference between a private IP address
and a public IP address then, is that private IP addresses are reserved for private
networks, and public IP addresses are reserved for the Internet. Within the range
of publicly available IP addresses are specific, excluded ranges withheld for
private network use. These private IP ranges are as follows:
10.0.0.0 … 10.255.255.255
172.16.0.0 … 172.31.255.255
192.168.0.0 … 192.168.255.255
Computers within a private network are each assigned a unique address in order
to exchange files and share resources with one another. The network router,
which routes information, will pass data back and forth among the connected
computers, using the respective addresses.

2. How can all the computers on a local network access the Internet through a
single Internet connection?
Ans. Assuming the network has Internet connectivity, the computer connected to the
digital subscriber line (DSL) modem is assigned a public IP address by the
Internet Service Provider (ISP). This single public IP address is used to identify
the network on the Internet. Now the network’s router acts as a gatekeeper
between the private network and the public Internet. Using a built-in Network
Address Translator (NAT), the router passes requests to the Internet using the
assigned public IP address. Returning data is routed back to the public IP
address, with the router determining which private IP address requested the
information. In essence, the private IP address is daisy-chained to the public IP
address through processes in the router.
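
The private ranges from answer 1 and the translation described in answer 2, as an added example that is not part of the original homework. It is a toy model, not a real router's code; the class name, the port numbering and the sample addresses (203.0.113.7 standing in for the ISP-assigned address) are assumptions.

```python
import ipaddress

# The three private ranges listed in answer 1, written as CIDR blocks.
PRIVATE_NETS = [ipaddress.ip_network(n)
                for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_private(addr):
    """True if addr falls in one of the three private ranges above."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in PRIVATE_NETS)

class NatRouter:
    """Toy port-translating NAT (a constructed model, not any real router's code)."""

    def __init__(self, public_ip, first_port=40000):
        if is_private(public_ip):
            raise ValueError("the ISP-assigned address must be public")
        self.public_ip = public_ip
        self.next_port = first_port
        self.by_private = {}   # (private_ip, private_port) -> public_port
        self.by_public = {}    # public_port -> (private_ip, private_port)

    def outbound(self, src_ip, src_port):
        """Rewrite an outgoing source; return what the remote server sees."""
        if not is_private(src_ip):
            raise ValueError("source is not on the private network")
        key = (src_ip, src_port)
        if key not in self.by_private:
            self.by_private[key] = self.next_port
            self.by_public[self.next_port] = key
            self.next_port += 1
        return self.public_ip, self.by_private[key]

    def inbound(self, public_port):
        """Map a reply back to the private host, or None if nothing asked for it."""
        return self.by_public.get(public_port)

def demo():
    # Constructed addresses: 203.0.113.7 stands in for the ISP-assigned address.
    router = NatRouter("203.0.113.7")
    seen_a = router.outbound("192.168.1.10", 51000)
    seen_b = router.outbound("192.168.1.11", 51000)
    return seen_a, seen_b, router.inbound(seen_b[1]), router.inbound(12345)

if __name__ == "__main__":
    print(demo())
```

Both private hosts appear to the remote server as 203.0.113.7, differing only in port, so tying a connection to one machine on the private network requires the router's translation record.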

3. I want to get involved with catching predators online. I’ve seen the TV
shows and there doesn’t appear to be anything to it. Why should I bother to
learn all the technology junk if I don’t need to?
Ans. This is a very popular question. Unfortunately, the fact that it gets asked shows
that many people do not know what they do not know, and goes squarely to the
heart of application stupidity. Agreed, there is little technical knowledge required
to “chat” with a potential suspect, and if everything goes according to plan, they
show up at your door and you take them into custody. But what happens when
things don’t go according to plan? Are you aware of the underlying software or
process that makes the chatting possible? Is your machine configured correctly
and appropriately protected? Naming the computer DetectiveDesk22 may show
up during a scan of your computer and may blow your cover. Are you
knowledgeable about how the particular chatting software works? Does it use a
proxy? Will it provide you a direct connection during a file transfer or webcam
stream—and if yes, do you have the skills to capture the bad guy’s IP address
during that exact moment of transfer? Do you have the skills to properly set up an
online identity and protect it from discovery? Although the initial setup of the
identity may be trivial, the long-term maintenance and believability of the profile
may affect your investigations.

In principle, it sounds like a good idea to get a screen name together to begin
enticing predators into the stationhouse, but obtaining basic computer
investigative skills will go a long way toward conducting more successful and
productive investigations. Further, these skills may prove critical one day when a
predator shoots you a webcam image of a child held hostage—that exact
moment is not the time to begin learning about the underlying technology—these
skills need to be acquired and practiced before being employed in active operations.
Part B:

4. If the current version of the Internet Protocol is version 4, why is the “next
generation” called IPv6? Why did we skip IPv5?
Ans.
• IPv4 addresses are limited in number. IPv4 can support up to 2^32 addresses, but
only 9 percent of addresses are left, so IPv6 was developed as a replacement.
• IPv6 addresses are 128 bits long and can support up to 2^128 addresses, to fulfill
future needs with better security and network-related features.

• IPv5 never existed. The version number "5" in the IP header was assigned to
identify packets carrying an experimental non-IP real-time stream protocol
called ST. ST was never widely used, but since the version number 5 had
already been allocated, the new version of IP was given its own unique
identifying number, 6. ST is described in RFC 1819.
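
How the version number in the header is read when analyzing captured packets, as an added example that is not part of the original homework. The function name and the three sample headers are constructed for illustration; only the version nibble of the ST sample is meaningful.

```python
import ipaddress
import struct

def dissect(packet):
    """Return (version, src, dst); src and dst are None for non-IP versions."""
    if not packet:
        raise ValueError("empty packet")
    version = packet[0] >> 4              # top four bits of the first byte
    if version == 4:
        if len(packet) < 20:
            raise ValueError("truncated IPv4 header")
        src = ipaddress.IPv4Address(packet[12:16])
        dst = ipaddress.IPv4Address(packet[16:20])
    elif version == 6:
        if len(packet) < 40:
            raise ValueError("truncated IPv6 header")
        src = ipaddress.IPv6Address(packet[8:24])
        dst = ipaddress.IPv6Address(packet[24:40])
    else:
        return version, None, None        # 5 marks ST (RFC 1819), not IP
    return version, str(src), str(dst)

# Constructed sample headers (no payload, checksum left at zero).
SAMPLE_V4 = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, 64, 6, 0,
                        ipaddress.IPv4Address("192.168.1.10").packed,
                        ipaddress.IPv4Address("198.51.100.20").packed)
SAMPLE_V6 = struct.pack("!IHBB16s16s", 6 << 28, 0, 59, 64,
                        ipaddress.IPv6Address("2001:db8::1").packed,
                        ipaddress.IPv6Address("2001:db8::2").packed)
SAMPLE_ST = bytes([0x50]) + bytes(7)      # version nibble 5, filler after it

if __name__ == "__main__":
    for name, pkt in (("v4", SAMPLE_V4), ("v6", SAMPLE_V6), ("st", SAMPLE_ST)):
        print(name, dissect(pkt))
```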

5. If a company has a good firewall installed, won’t that protect from all these
attacks?
Ans. No. Firewall products are very useful for controlling what comes into or goes
out of a network. But a firewall is like a computer (in many cases, a firewall is a
specialized computer); it does only what the person who configures it tells it to
do.
Firewalls can recognize and stop some types of attacks, but certain attacks
exploit the characteristics of the protocols commonly used for legitimate network
communications, and a packet might appear to be nothing more than a benign bit
of data destined for a computer on the internal network. Trojans, viruses, and
worms piggyback into the network as e-mail attachments or through remote file
sharing.
Firewalls won’t catch them, but a good antivirus program, frequently updated and
set to scan all incoming e-mail, might be able to. Many companies seem to
operate under the assumption that installing a firewall is akin to invoking a magic
spell that casts a force field of protection around their networks, rendering them
completely immune to attack.
Even the best firewall won’t protect against social engineering attacks, nor will it
do any good against internal attackers who have physical access to the network.
Studies have shown that a large number of network-related crimes are actually
“inside jobs.”

6. What are some sniffing tools that can be used to capture and analyze
packets on networks?
Ans.
1. Wireshark: Capture and analyze in detail all the packets on the wire or in the air.
Wireshark is a serious protocol analyzer. And it's free!

2. EtherApe or ntop: Show general characteristics of the network traffic.

3. iptraf: Only show counts of packets to/from the host itself.
