Computer Security: CW1 - Frequently Asked Questions

The following are answers to commonly asked questions about the first coursework. We will add to this FAQ as new questions come up. Please check here before emailing course staff about coursework confusions.

Setup: the /group/teaching/ folder is empty, there is no "cs".
You need to type in the full path. The folder is there; it is just hidden.
Setup: The disk is full and I cannot import a VM.
If you have deleted a prior version of a VM using anything other than the command line, it is likely that a copy of the VM now exists in the /tmp/.Trash directory, which is a hidden directory. To see what is taking up the space in /tmp, run the following commands:
cd /tmp
du -hS

This will show what files are taking up the space. You can then delete them using the rm command.
Setup: I am getting "file not found" errors when starting my VM on DICE.

There are two common causes for this, both of which require you to delete the VM in VirtualBox and then re-import the VM to fix the issue.

The first cause is that you have switched DICE computers. You are installing the VMs into the /tmp directory of the local computer, which means that they will not travel with you to a new computer. But the link in the VirtualBox application does travel with you, so VirtualBox is looking for a file that does not exist.

The second cause is that the computer you were on before has been rebooted. When DICE computers are rebooted they automatically delete everything in the /tmp directory. Since that is where your VM was stored, it will have been deleted.
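
To confirm that a "file not found" error comes from one of these two causes, you can check whether the disk files VirtualBox has registered still exist. The following is an added example, not part of the coursework materials; it assumes the "Location:" field printed by VBoxManage list hdds, and the sample listing, UUIDs and paths in it are constructed.

```shell
#!/bin/sh
# Added example, not part of the coursework materials.
# Input (stdin): text in the format printed by `VBoxManage list hdds`.
# Output: one line per registered disk whose backing file no longer exists.
stale_vm_disks() {
    # Keep only the "Location:" lines and strip the label and padding.
    sed -n 's/^Location:[[:space:]]*//p' | while IFS= read -r disk; do
        if [ ! -e "$disk" ]; then
            case "$disk" in
                # /tmp is local to one machine and is wiped on reboot.
                /tmp/*) echo "MISSING (local /tmp, re-import needed): $disk" ;;
                *)      echo "MISSING: $disk" ;;
            esac
        fi
    done
}

# Constructed sample: two registrations, only the first file exists.
demo_dir=$(mktemp -d)
touch "$demo_dir/alice-disk1.vmdk"
sample_listing() {
    cat <<EOF
UUID:           11111111-1111-1111-1111-111111111111
State:          created
Location:       $demo_dir/alice-disk1.vmdk
Storage format: VMDK

UUID:           22222222-2222-2222-2222-222222222222
State:          inaccessible
Location:       /tmp/cs-vms-constructed/mallet-disk1.vmdk
Storage format: VMDK
EOF
}

sample_listing | stale_vm_disks
# On a real machine: VBoxManage list hdds | stale_vm_disks
```

Any disk reported as missing belongs to a VM that has to be deleted in VirtualBox and re-imported.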

General: What is the password for root on Kali Linux?
The password for root is toor.
To use the root password you must either log in as root or use the su command.
General: How do I move a file from inside the VM to the local computer?
You don't. The VMs are set up to make absolutely certain that you cannot accidentally damage anything. One way we do that is by locking down the VMs on a private internal network and preventing any copying and pasting to or from the VMs. While it is possible to re-configure the VMs such that these things could work, doing so would take effort and remove protections that are keeping you safe from upset computing support people.
A.1: The webpage will not load.
The website is located on alice, not bob. You need to go to:
http://alice/
You may also need to make sure that the alice VM is running.
B.2: Does the output of my commands have to be visible on mallet or can I have it output to a log on alice?
The output of the commands must be visible on mallet. The correct answer to this question breaks confidentiality by allowing a user on mallet to construct a list of user names without needing to log into Alice's computer.
B.2: Do I have to cause all the names to be listed at once?
No. "Give you a list" means that you must be able to obtain all the user names on the forum. You do not need to obtain all the names at the same time.
C.4: What does "security risk" mean?

For this problem a "security risk" is one row (or top-level item in Mallet) in the OpenVAS report. Each row in the report is roughly linked to a single service being provided by the machine. It may be easier to think of the question like this: imagine you only had the budget to address the issues listed in four of the rows. Which rows would you pick, and why would you select those ones?

In the following screenshot, two potential "security risks" would be "http (80/tcp)" and "ftp (21/tcp)". As can be seen in the screenshot, there are several security holes, warnings, and notes. But what I am looking for is the top-level protocol and port along with a description of why you think that one should be prioritized over others. You should be using the security holes, warnings, and notes when formulating your answer.

[Screenshot: OpenVAS report screen showing http (80/tcp) highlighted, with several subsections below it.]

The goal of this exercise is to get you to run OpenVAS and then think about the response at a deeper level than just taking the top four because OpenVAS says so. The answer may very well be to take the top four, but you need to be able to explain why those ones are important and justify your decision.

C.4: Can I base my decision of "most dangerous security risks" on just the content of the report, or do I need to do extra reading?
All the information you need to make a good decision is available in the report. However, you may need to do extra reading if you do not understand all the terms used in the report.
D: Can I start this problem if I have not finished C?
Yes. Be aware that doing part D incorrectly may cause Alice's website to stop working. If this happens, you should use the commands provided in the assignment to reset the firewall.


Unless explicitly stated otherwise, all material is copyright © The University of Edinburgh