Part 3: Network address translation (NAT) protects against unsolicited incoming
ID: 3857396 • Letter: P
Question
Part 3: Network address translation (NAT) protects against unsolicited incoming packets, but not against other types other types of network activity, such as "drive-by downloads." Explain how NAT protects against unsolicited incoming packets. Explain why NAT does not protect against other types of attacks.
Part 4: Suppose you've found a USB drive in a classroom. It's not safe just to plug in the drive and see what happens. Which of the malicious software propagation techniques described in chapter 6 could use a USB drive for transport? What steps could you take to safely determine the contents of the drive?
Part 5: You download a free solitaire card game for your phone. It's a "play by yourself" game that doesn't interact with other players, etc. When you start to install it, you find that it wants permission to "Send SMS messages," and "Access your address book." What is likely going on? What would a malicious person have to gain by doing this?
Explanation / Answer
Part 3:
NAT prevent unsolicited incoming packets for the following reason.
The NAT router connects an internal private network to the Internet.
NAT protocol can monitor everything sent out to the Internet by the computers on the LAN. It can keep track of each outgoing packet's destination IP and port number in an internal "connections" table and assigns the packet its own IP and one of its own ports for accepting the return traffic. It records this information, along with the IP address of the internal machine on the LAN that sent the outgoing packet, in a "current connections" table.
When any incoming packets arrive at the router from the Internet, the router scans its "current connections" table to see whether this data is expected by looking for the remote IP and port number in the current connections table. If a match is found, the table entry also tells the router which computer in the private LAN is expecting to receive the incoming traffic from that remote address. So the router re-addresses (translates) the packet to that internal machine and sends it into the LAN.
If the arriving packet does not exactly match traffic that is currently expected by the router, the router figures that it's just unwanted "Internet noise" and discards the unsolicited packet of data.
NAT does not protect against other types of attack reason:
Part 4:
Malicious software propagation techniques that a worm can use to infect a computer:
Safety measures for USB drives
Part 5:
A simple solitare game does not require permissions like sending sms or accessing address book.
So, it can be assumed that some hidden code is running behind the game that can make use of the address book and your phones sms capabilities to do some malicious actions without the users knowing.
The malicious person can gain information about all the contacts in the address book to make a mass attack from the user’s mobile itself or simply copy the contacts for future use of spamming them.
SMS service can be used to send spam sms’s from the users mobile only thereby directly not exposing the malicious person.
Sms can be used to extract and send critical data’s like users location coordinates, ip address of the network, mac address of the phone etc.
Hope your question has been resloved. Please do not forget to give a positive like to the answer. Thank you.