Study the example fault trees in the lecture this week.
Here is a similar example.
Password sniffing is about different ways that crackers can learn
about users' passwords. Here is a simple fault tree/cause tree which
shows the routes for password guessing.
A company employee in the mail room, who is annoyed about not getting a pay rise, decides
to try to crack into the company system.
Criticize this analysis. Does the cracker see all telnet users' passwords?
If the cracker can only has access to a small part of the network, will he
be more likely to see more passwords, if there are twice as many users
at his organization in total? What is his chance of getting caught, if he
uses these two strategies?
- Posing as a system administrator, he estimates that the most probable way of getting the password, is to ask or trick
users into telling. P(A) = 30%
- Sniffing by the network is harder, and it depends on the ability of
the cracker to find a part of the network which is not switched,
i.e. so that it is possible for him to see other users' network
traffic, by coupling his laptop to the net.
- The probability that a user at the company will use telnet/ftp, instead of ssh or sftp is
found to be P(B) = 0.05 (5% windows users).
- Of all the network points in the building, only 10% use hubs or
non-switched multiport repeaters, where some of the traffic is visible.
i.e. P(C) = 10%.
- Work out the total probability of being able to obtain someone's
password. Show that it is not much better than by social engineering
- Will he be likely to get anyone's password, using this attack?