| 20-ECES-653-001 | Network Security | Fall 2007 |
|---|---|---|
Homework Assignment Number 1
Due: September 27 (send to franco@gauss.ececs.uc.edu)
Rationale:
This is a simple warm-up exercise. The results should be useful in completing your project.
Homework Problem:
You are to send two emails with specific content to franco@helios.ececs.uc.edu on September 26 (date should be September 26, between 12:01AM and 11:59PM, as arrived at helios). The first email is to contain the word "devolution" and the second "fallow". The first email will be sent in plain English text. I will respond to your first email message (regardless of content) with a pgp public key. You may then use that public key to encrypt the second email, or you may try to send the second email in plain English text. If you send the email encrypted, please send it as an attachment to make my life easy. I am not sure I can decrypt an email unless it is an attachment. On September 27 send an email to franco@gauss.ececs.uc.edu with a table pairing student names with two times. Check here for a list of student names. Each name will be that of a sender of "devolution" and "fallow" emails, the first time will be the time the first email arrived, the second time will be the time the second arrived.
You will receive a score which is the sum of points obtained as follows: 50 points for the "devolution" email; 50 points for the "fallow" email; 1 point for every emailer you say sent an email at the time you say the emailer's email arrived within 5 minutes (maximum of two points per emailer); -1 point for each incorrect time reported for an emailer; -2 points for each claimed emailer who is not participating; -100 points for sending more than 10 emails on September 26.
Important: the grader needs to know who has sent what email; such information must be included in both emails. The challenge is for you to figure out a way to trick everybody in the class but not the grader!
Notes: you may send up to 10 emails to franco@helios.ececs.uc.edu on September 26. Several may contain either or both words. Other words may be added to the message. The first email containing "devolution" will be the official email containing the word. The same holds for "fallow" after the first devolution email is received.
Sniffing:
To sniff on helios use (minimally)
sniffit_wrapper -p 25 -F vr0 -t10.63.1.252
Port 25 is the port the mailer uses, vr0 is the device name of the NIC over which internet traffic flows, and the IP address is that of helios. The executable sniffit_wrapper is actually a wrapper which enables sniffit to be run by normal users. The wrapper is set up to dump the output to the screen. You can save the results over time (and leave) by redirecting the output to a file, for example like this:
nohup sniffit_wrapper -p 25 -F vr0 -t10.63.1.252 > spy.out &
Unfortunately, these files tend to eat space. It will be a challenge to monitor email without using too much space.
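As an added illustration (not part of the original assignment), the sketch below reduces a stream of plain-text SMTP lines to one small record per message, which is one way to avoid keeping the raw capture. It also shows what stays visible on the wire when the body is PGP-encrypted. The input is a constructed, abbreviated transcript and is not sniffit's actual output format; `summarize` and the field names are hypothetical.

```python
import re

# Constructed sample (invented addresses and dates): client-to-server SMTP lines.
SAMPLE_CAPTURE = """\
MAIL FROM:<alice@example.edu>
DATA
Date: Wed, 26 Sep 2007 09:14:02 -0400

the word is devolution
.
MAIL FROM:<bob@example.edu>
DATA
Date: Wed, 26 Sep 2007 10:41:37 -0400

-----BEGIN PGP MESSAGE-----
(ciphertext omitted in this constructed sample)
-----END PGP MESSAGE-----
.
"""

MAIL_FROM = re.compile(r"^MAIL FROM:\s*<([^>]*)>", re.I)
DATE_HDR = re.compile(r"^Date:\s*(.+)$", re.I)

def summarize(lines, keywords=("devolution", "fallow")):
    """Reduce a stream of SMTP lines to one small record per message."""
    records, cur, in_data = [], None, False
    for raw in lines:
        line = raw.rstrip("\r\n")
        m = MAIL_FROM.match(line)
        if m and not in_data:
            # Sender and Date are claims made by the client, not verified facts.
            cur = {"sender": m.group(1), "claimed_date": None,
                   "encrypted": False, "words": []}
        elif cur is None:
            continue                      # noise between messages
        elif not in_data:
            in_data = line.upper() == "DATA"
        elif line == ".":                 # end of message body
            records.append(cur)
            cur, in_data = None, False
        else:
            d = DATE_HDR.match(line)
            if d and cur["claimed_date"] is None:
                cur["claimed_date"] = d.group(1)
            if line.startswith("-----BEGIN PGP MESSAGE-----"):
                cur["encrypted"] = True
            cur["words"] += [w for w in keywords
                             if w in line.lower() and w not in cur["words"]]
    return records
```

Because `summarize` accepts any iterable of lines, it can read from a pipe instead of a saved file. For the encrypted message the keyword list stays empty, while the sender and date remain readable.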
Encrypting Email:
You should use gpg to encrypt email. It is on helios already. For other computers you might check the download section of http://www.gnupg.org/ and install it. To start with, you need to create keys (a public and a private key). Do this using the command:
gpg --gen-key
You will be prompted for the type of key you want. It is reasonable to select the default (choice 1) and a keysize of 2048 bits (default choice). You might make the keys valid forever by choosing 0. Then enter your id - this takes three prompts for real name, email address, and comment. Finally enter a passphrase (this is needed to use the keys). Sit back and watch the keys be made. All this results in a directory .gnupg containing the files:
gpg.conf pubring.gpg secring.gpg trustdb.gpg random_seed pubring.gpg~
To extract your public key from the public key ring use the command
gpg -a --export > mykey.gpg
This results in a file called mykey.gpg which might look something like this:
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.4.0 (FreeBSD)

[key data omitted]
-----END PGP PUBLIC KEY BLOCK-----
You may be queried for the ID you specified when creating the key (your name is enough). The file is a text file that can be sent in an email to someone either as an attachment or as a signature.
If you receive someone's (the sender) public key file, say in an email, you can send an encrypted email to that person. Usually this is done semi-automatically by a mailer but the following steps describe what is involved in manually encrypting email messages. First, save the sender's public key. If the key is sent as an attachment, save it as a file, say senderkey.pgp. Then store the sender's key in your keyring with
gpg --import senderkey.pgp
The response is something like
gpg: key 91002B33: public key "John Franco (None) <franco@gauss.ececs.uc.edu>" imported
gpg: Total number processed: 1
gpg: imported: 1
Now you can encrypt a message to the sender with the sender's public key. To find the identity needed by pgp to do this use
gpg --list-keys
which gives something like this
/home/franco/.gnupg/pubring.gpg
-------------------------------
pub 1024D/94493ACD 2006-09-13
uid John Franco (For classroom use only) <franco@helios.ececs.uc.edu>
sub 2048g/3234006F 2006-09-13

pub 1024D/91002B33 2006-09-22
uid John Franco (None) <franco@gauss.ececs.uc.edu>
sub 2048g/A5E8DFC2 2006-09-22
Suppose the email you wish to be sent to John Franco on gauss is in the file msg.txt. Then use
gpg --encrypt msg.txt
You will be prompted for the id of the recipient. In the above example you enter franco@gauss. You get something like this
gpg: A5E8DFC2: There is no assurance this key belongs to the named user
pub 2048g/A5E8DFC2 2006-09-22 John Franco (None) <franco@gauss.ececs.uc.edu>
Primary key fingerprint: 71F6 1D5A 407A A88D 6319 907B 1701 D3C9 9100 2B33
Subkey fingerprint: A767 C031 473D 6FB2 AA1B 9FE5 5167 C89D A5E8 DFC2
It is NOT certain that the key belongs to the person named
in the user ID. If you *really* know what you are doing,
you may answer the next question with yes.
Use this key anyway? (y/N)
Respond with y. Then hit return to stop the encryption process.
The file msg.txt.gpg will be created. This may be sent to John
Franco on gauss.
To decrypt an encrypted message, first make sure the message has been sent as an attachment. Then save the attachment as a file, say msg.enc.pgp. Then use
gpg --decrypt msg.enc.pgp > msg.dec
Supply your passphrase when prompted. The decrypted message is in file msg.dec.