MCD4700 T2 2016 Assignment 2 Submission guidelines This is an individual assignment, group work is not permitted (except for parts of task 1.1 as stated below). Deadline: Tuesday 6th September, 2016, 11:55pm Submission format: PDF (one file containing both parts 1 and 2), uploaded electronically via Moodle. Late submission: Late submission will have 5% off the total assignment marks per day (including weekends). Submissions more than 5 days late will not be accepted. This means that if you got x marks, only 0:95n × x will be counted where n is the number of days you submit late. Marks: This assignment will be marked out of 70 points, and count for 20% of your total unit marks. Plagiarism: It is an academic requirement that the work you submit be original. Zero marks will be awarded for the whole assignment if there is any evidence of copying (including from online sources without proper attribution), collaboration, pasting from websites or textbooks. Monash Colleges policies on plagiarism, collusion, and cheating available at https:// www.monashcollege.edu.au/__data/assets/pdf_file/0010/17101/dip-assessment-policy. pdf Further Note: When you are asked to use internet resources to answer a question, this does not mean copy-pasting text from websites. Write answers in your own words such that your understanding of the answer is evident. Acknowledge any sources by citing them. 11 Wireless networks For this task, you will perform an analysis of a real large-scale wireless network. Your task is to collect data about WLAN access points and discuss several features of the network that you observe: What kind of technology has been deployed? How many different networks do you see? What channels do they use, do they provide support for roaming, do networks interfere with each other? What security protocols are implemented? 1.1 Use a WLAN sniffing tool on your laptop to record WLAN access points at a large shopping centre. State the centre in your report. Visit the shopping centre with your laptop sniffing the details of available wireless networks. Record the available wireless networks in three different spots. Include screenshots of your WLAN sniffing tool. Compile the gathered information in a table, listing 10-15 available access points for each location with their technical characteristics like channel number, RSSI, 802.11 standard, security, supported data rate, etc. Note: This activity can be done together by a group of 2-4 students. Give the full names and student IDs of all team members. The report must be written individually (but can obviously use the same screenshots for each student in the group). Tools: You can use e.g. Acrylic Wifi (https://www.acrylicwifi.com/en/) or inSSIDer-2 (http://bit.ly/1KcqkN2) for Windows, or NetSpot (http://www. netspotapp.com) for Mac OS and Windows. If your laptop WLAN NIC does not support the 5 GHz band, you may want to team up with someone who has a laptop that does { the results you find will be more interesting if you can scan on both 2.4 GHz and 5 GHz. (10 marks) 1.2 Write a report (word limit 600) on your observations analysing the data collected in the previous step. Your analysis should investigate into the following aspects: • Channel occupancy { crowded and free channels. (4 marks) • Interference from neighbouring access points and its effects. (4 marks) • Dual band WiFi and its advantages. (4 marks) • The security situation of the discovered wireless networks. (4 marks) • Support for roaming between access points. (4 marks) 2• Other aspects of your own choice. E.g. which hardware vendors for access points you can observe, whether you found special networks for certain applications, whether some APs are offering multiple SSIDs, whether you detected any \personal hotspots" (mobile phones used as WiFi access points), or any other observation you find interesting. (10 marks) Your report needs to be your individual work (no group work is permitted). 30 marks are allocated to the technical content, while another 10 marks will be based on the presentation and language of the report. You do not need to follow a strict template for technical reports, but it should be well structured, readable, and use adequate language. All information from external sources must be properly referenced. If you copy text from web sites, it needs to be referenced and quoted! See resources on Moodle for more information about referencing. (40 marks) 2 Cyber Security The security expert and author Bruce Schneier also runs a security blog. His Cryptogram Newsletter (https://www.schneier.com/crypto-gram/) provides a monthly digest of posts of this blog. All Cryptogram Newsletters consist of several longer articles and news on Bruce Schneier and there is always one item simply called News. The task is to pick an item in one of the 3 last Cryptogram Newsletters, read the news item, look up the referenced sources and read them and finally write a brief report on the findings: • Read through the News item in the three most recent Cryptogram Newsletters (https://www.schneier.com/crypto-gram/) and choose a reported issue that either covers a weakness in a software or a hardware product, or covers a particular attack. • Look up the articles and information referenced in the news item. • Write a short summary of the news item (between 30 and 50 words). • Identify which software, hardware or system is affected (max 20 words). • Describe how the problem was discovered and how it was initially published (between 30 and 50 words). • Estimate how serious the issue/weakness/attack is, what the consequences might be, and what reactions you think are necessary/useful on a technical level, in terms of human behaviour, and on a policy level (between 150 and 200 words). 3Your report needs to be your individual work (no group work is permitted). You should structure the report in accordance with the items in the task description. However, there is no need to follow a strict template for technical reports, but it should be well structured, readable, and use adequate language. All information from external sources must be properly referenced (see resources on Moodle about referencing). (20 marks) 4