4 in the syn flooding attack why do we randomize the source ip address why cannot we 5149339

4. In the SYN flooding attack, why do we randomize the source IP address? Why cannot we just use the same IP address?

5. Assume that a database only stores the sha256 value for the password and eid columns.The
following SQL statement is sent to the database, where the values of the $passwdand and $eid
variables are provided by users. Does this program have a SQL injection problem.
$sql = “SELECT * FROM employee
WHERE eid=’SHA2($eid, 256)’ and password=’SHA2($passwd, 256)’”;

6. This problem is similar to Question 5 above, except that the hash value is not calculated inside the
SQL statement; it is calculated in the PHP code using PHP’s hash() function. Does this modified
program have a SQL injection problem?
$hashed_eid = hash(’sha256’, $eid);
$hashed_passwd = hash(’sha256’, $passwd);
$sql = “SELECT * FROM employee
WHERE eid=’$hashed_eid’ and password=’$hashed_passwd’”;

"Get 15% discount on your first 3 orders with us"
Use the following coupon

Order Now