Fictitious Security Vulnerability In A Range Of Lasers Printers

Assessment Item 2 — Assignment 2 Due date: Friday, 5:00pm (AEST), Week 10 ASSESSMENT Weighting: 25% 2 Length: N/A Note: Your assignment must be in Microsoft Word format, and must be submitted electronically by the due date via the Moodle website Question 1: Snort Rules (10 Marks) This question presents a fictitious security vulnerability in a range of lasers printers. The question requires that you develop SNORT IDS rules to detect exploits of this fictitious vulnerability. All information regarding this vulnerability is fabricated to give the illusion of a real security threat. As a result, searches on the Internet will not yield any information regarding the signature of this vulnerability. All the information required to detect exploits for this vulnerability are presented in this question, except where noted otherwise. You are a security specialist working for XYZ Incorporated. XYZ use SNORT as their NIDS which protects both their IP sub-networks being 192.168.1.0/24 and 192.168.2.0/24. A security vulnerability has been detected in the Humphrey Pollard Laserprint 12050 printer model. This vulnerability is remotely exploitable and allows the execution of arbitrary code. There is a bug in the way the printer processes the postscript spool management header. A sample of a spool header is given below: %!PS-Adobe-3.0 %%Creator: texttops/CUPS v1.2.2%%CreationDate: Thu 21 Sep 2006 11:49:57 AM EST%%Title: TODO %%For: username %%DocumentNeededResources: font Courier-Bold … The printer’s code which parses these headers only allows 8 bytes for the “%%For” field value buffer in memory. In the example above, the field value is “username”. It is possible to overflow the buffer by providing a value to the “%%For” field that is greater than 8 bytes. The “%%For” field can be found anywhere in the packet. An exploit has been released in the form of a worm which when infecting the Laser printer’s memory, tricks the laser printer into emailing all…

Our Service Charter

1. Professional & Expert Writers: On Time Writers only hire the best. Our writers are specially selected and recruited, after which they undergo further training to perfect their skills for specialization purposes. Moreover, our writers are holders of masters and Ph.D. degrees. They have impressive academic records, besides being native English speakers.

2. Top Quality Papers: Our customers are always guaranteed papers that exceed their expectations. All our writers have +5 years of experience. This implies that all papers are written by individuals who are experts in their fields. In addition, the quality team reviews all the papers before sending them to the customers.

3. Plagiarism-Free Papers: All papers provided by On Time Writers are written from scratch. Appropriate referencing and citation of key information are followed. Plagiarism checkers are used by the Quality assurance team and our editors just to double-check that there are no instances of plagiarism.

4. Timely Delivery: Time wasted is equivalent to a failed dedication and commitment. On Time Writers is known for timely delivery of any pending customer orders. Customers are well informed of the progress of their papers to ensure they keep track of what the writer is providing before the final draft is sent for grading.

5. Affordable Prices: Our prices are fairly structured to fit all groups. Any customer willing to place their assignments with us can do so at very affordable prices. In addition, our customers enjoy regular discounts and bonuses.

6. 24/7 Customer Support: At On Time Writers, we have put in place a team of experts who answer all customer inquiries promptly. The best part is the ever-availability of the team. Customers can make inquiries anytime.