Question 1 Explore the current commonplace security challenges present when running an interior routing protocol across a corporate network. You are advised to use OSPF from the CCNA3v7 course as a...

Ouestion 1
OSPF or Open Shortest Path First is one of the most widely used interior gateway routing protocol in large corporations and other institutional environments like universities. It is one of the most common routing protocol in use on the internet. About 35000 Autonomous systems on the internet use OSPF.
The OSPF protocol a vulnerability present in the inherent working of the protocol such that an attack can compromise the data flow, falsify network path designs and create loops that can cripple the routers. OSPF being so popular and widely used, this vulnerability becomes extremely serious.
By misusing these weaknesses an aggressor can diligently misrepresent enormous segments of the topology of the routing domain thus giving the assailant power over how traffic is routed in the area. This thus can lead to Denial of Service, snooping, and man in the middle attacks.
OSPF is a dynamic routing protocol. It is used to populate the routers in an autonomous system (AS) with routing table information and dynamically making changes to topology. OSPF is a link-state routing protocol meaning that every router displays its links to neighbouring routers and networks with their link costs. This is known as Link State Advertisements or LSAs. Every LSA is flooded through the system thus every router in an AS who has received an LSA from its neighbor resends it to every other router in the AS. Each router creates its own database of the LSAs from all routers. Using this database, a router creates a complete topology and implements Dijksatra’s algorithm to find the least cost path to each desitination. This information is then populated in the routing table. Whenever a router receives an LSA from its neighbor, it checks for its legitimacy by checking its LSA sequence number, age and checksum. [1]
In this attack, the attacker uses this flooding of LSAs to perform an attack. The attacker can perform this attack by simply compromising one of the routers on the network. The attacker’s router appears as a neighbor to a victim router that is a designated router. A designated router stores the complete topology and sends it to update all the routers.
For this attack, an attacker uses a compromised router to send out a spoofed LSA to its neighbor router who is a victim of the attack. This router rejects this LSA and resends genuine LSA to all its neighbors. This is known as fight-back. While the victim router received a spoofed LSA, a similar spoofed LSA is sent to a second router such that it appears that this LSA is the last LSA sent by the victim. For this the victims LSA sequence number and age is used.
To the second router this LSA appears genuine and it accepts it. In the meantime, the victim’s fight-back LSA is also received by the second router that drops it because it already has received an LSA with same age and sequence earlier (although from attacker).
The second router then sends out LSA to all its neighbors with the information received in the spoofed LSA, which is then accepted by all other routers as legitimate and thus the falsified routes have successfully reached to all the routers as genuine routes. [2]
Since in OSPF the LSAs are sent out every half hour, the attack must be relaunched every half hour to make the attack persistent.
With this types of attack, an attacker can create a route that leads all genuine traffic towards it and perform a man-in-the-middle attack by reading all information flowing through it, or a denial of services attack by creating a black hole route.
The seriousness of these vulnerabilities can be understood form the fact that almost all AS on the internet uses OSPF as a routing protocol as it is open source and less resource intensive than other protocols. Also they are open source and can be used on almost any brand of routers.
Since these vulnerabilities are inherent to the routing protocols design, it is very difficult to mitigate these risks. Also this attack requires only one compromised router and can work with a small number of routers with falsified information. [3]
There are still some mechanisms to mitigate these attacks like creating a dummy LSA to randomize the checksum and LSA sequence. But this measure leads to larger LSA databases on routers and reduction in performance.
Question 2
IoT innovation is a summed up term that alludes to associated physical and computerized segments. IoT parts can communicate information without the help of humans. Each IoT segment has a Unique Identifier (UID) that makes it unique.
There are presently five types of IoT applications:
Consumer Internet of Things—such as lighting fixtures, home and kitchen appliances, and voice assistance for the elderly.
Commercial Internet of Things —usage of IoT in the healthcare and transport industries, such as smart pacemakers, monitoring systems, and vehicle to vehicle communication (V2V).
Industrial...