HACQIT Project Part 2

Introduction

Phase 1 required you to log into the server for the Teknowledge enclave, on which the HACQIT systems reside, and post a mesage to the bulletin board. The next phase asks you to answer some questions about the systems on the enclave, and the cluster.

What is Due

Please answer as many of these questions as you can. You will probably not be able to answer them all. Some are more difficult than others. So do your best, and--as always--show a typescript (for example, from script(1))

  1. What is the IP address of the login server on the internal enclave network? Hint: it is not 66.47.115.118. How is it configured, i.e.., what OS and what services/ports are running on it?
  2. What is the configuration of the rest of the enclave network, i.e., how many other machines, what are they running, etc?
  3. What can you tell about the HACQIT protected cluster (where the web server is located), i.e., what is the internal IP address of the web server on the protected cluster LAN? Hint: it is not 192.168.1.232. What else is present in the cluster? How do you know?
  4. Is there a firewall (other than the enclave firewall) protecting the cluster servers? What is it? How do you know?
  5. What web server and other applications are being used in the cluster? What CGI scripts are running on the primary web server?
  6. It is important to be able to send arbitrary code to a target. Without using lynx, pass the following HTTP request to the HACQIT protected web server:
    GET /
    
    How did you do this? How does the web server respond to this request? How can this capability be used?

  7. There is not much traffic on the LAN right now. What would more traffic enable you to find out that you don't know now?

Due Date

This is due on Friday, February 22, at noon.

 


ECS 153, Introduction to Computer Security
Winter Quarter 2002
Email: [email protected]