Question

Background / Scenario
Attackers have developed many tools over the years to attack and compromise networks. These attacks take many forms, but in most cases, they seek to obtain sensitive information, destroy resources, or deny legitimate users access to resources. When network resources are inaccessible, worker productivity can suffer, and business income may be lost.
To understand how to defend a network against attacks, an administrator must identify network vulnerabilities. Specialized security audit software, developed by equipment and software manufacturers, can be used to help identify potential weaknesses. These same tools used by individuals to attack networks can also be used by network professionals to test the ability of a network to mitigate an attack. After the vulnerabilities are discovered, steps can be taken to help protect the network.
This assignment provides a structured research project that is divided into two parts: Researching Network Attacks and Researching Security Audit Tools. Inform your instructor about which network attack(s) and network security audit tool(s) you have chosen to research. This will ensure that a variety of network attacks and vulnerability tools are reported on by the members of the class.
In Part 2, research network security audit tools and attack tools. Investigate one that can be used to identify host or network device vulnerabilities. Create a one-page summary of the tool based on the form included within this lab. Prepare a short (5–10 minute) presentation to give to the class.

You may work in teams of two, with one person reporting on the network attack and the other reporting on the tools. All team members deliver a short overview of their findings. You can use live demonstrations or PowerPoint to summarize your findings.
Part 1: Researching Network Attacks
Step 1: Research various network attacks.
Step 2: Fill in the following form for the network attack selected.
Name of attack:
Type of attack:
Dates of attacks:
Computers / Organizations affected:
How it works and what it did:
Mitigation options:
References and info links:
Presentation support graphics:

Solutions

Expert Solution

Network Attacks

Malware – Short for malicious software, which is specifically designed to disrupt, damage, or gain authorized access to a computer system. Much of the malware out there today is self-replicating: once it infects one host, from that host it seeks entry into other hosts over the Internet, and from the newly infected hosts, it seeks entry into yet more hosts. In this manner, self-replicating malware can spread exponentially fast.

Virus – Malware that requires some form of user interaction to infect the user’s device. The classic example is an e-mail attachment containing malicious executable code. If a user receives and opens such an attachment, the user inadvertently runs the malware on the device.

Worm – Malware that can enter a device without any explicit user interaction. For example, a user may be running a vulnerable network application to which an attacker can send malware. In some cases, without any user intervention, the application may accept the malware from the Internet and run it, creating a worm.

Botnet – A network of private computers infected with malicious software and controlled as a group without the owners’ knowledge, e.g. to send spam.

DoS (Denial of Service) – A DoS attack renders a network, host, or other pieces of infrastructure unusable by legitimate users. Most Internet DoS attacks fall into one of three categories:

Vulnerability attack: This involves sending a few well-crafted messages to a vulnerable application or operating system running on a targeted host. If the right sequence of packets is sent to a vulnerable application or operating system, the service can stop or, worse, the host can crash.

Bandwidth flooding: The attacker sends a deluge of packets to the targeted host—so many packets that the target’s access link becomes clogged, preventing legitimate packets from reaching the server.

Connection flooding: The attacker establishes a large number of half-open or fully open TCP connections at the target host. The host can become so bogged down with these bogus connections that it stops accepting legitimate connections.

DDoS (Distributed DoS) – DDoS is a type of DoS attack where multiple compromised systems are used to target a single system, causing a Denial of Service (DoS) attack. DDoS attacks leveraging botnets with thousands of compromised hosts are a common occurrence today. DDoS attacks are much harder to detect and defend against than a DoS attack from a single host.

Packet sniffer – A passive receiver that records a copy of every packet that flies by is called a packet sniffer. By placing a passive receiver in the vicinity of the wireless transmitter, that receiver can obtain a copy of every packet that is transmitted! These packets can contain all kinds of sensitive information, including passwords, social security numbers, trade secrets, and private personal messages. Some of the best defenses against packet sniffing involve cryptography.

IP Spoofing – The ability to inject packets into the Internet with a false source address is known as IP spoofing, and is but one of many ways in which one user can masquerade as another user. To solve this problem, we will need end-point authentication, that is, a mechanism that will allow us to determine with certainty if a message originates from where we think it does.

Man-in-the-Middle Attack – As the name indicates, a man-in-the-middle attack occurs when someone between you and the person with whom you are communicating is actively monitoring, capturing, and controlling your communication transparently. For example, the attacker can re-route a data exchange. When computers are communicating at low levels of the network layer, the computers might not be able to determine with whom they are exchanging data.

Compromised-Key Attack – A key is a secret code or number necessary to interpret secured information. Although obtaining a key is a difficult and resource-intensive process for an attacker, it is possible. After an attacker obtains a key, that key is referred to as a compromised key. An attacker uses the compromised key to gain access to a secured communication without the sender or receiver being aware of the attack.

Phishing – The fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers.

DNS spoofing – Also referred to as DNS cache poisoning, this is a form of computer security hacking in which corrupt Domain Name System data is introduced into the DNS resolver’s cache, causing the name server to return an incorrect IP address.

Name of attack: Code Red

Type of attack: Worm

Dates of attacks: July 2001

Computers / Organizations affected: Infected an estimated 359000 computers in one day

How it works and what it did: Code Red exploited buffer-overflow vulnerabilities in unpatched Microsoft Internet Information Servers.

Mitigation options: To prevent the exploitation of the IIS vulnerability, organisations needed to apply the IIS patch from Microsoft.

References and info links: http://www.cert.org/advisories/CA-2001-19.html

http://www.unixwiz.net/techtips/CodeRedII.html

Presentation support graphics:

http://www.caida.org/research/security/code-red/coderedv2_analysis.xml
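
To illustrate the connection-flooding and DDoS definitions above, here is an added example (not part of the original answer) that reads a server's connection table and shows why a per-source limit catches a single-host flood but misses a distributed one. The rows are constructed and modelled on `ss -tan` columns; the function names and thresholds are illustrative assumptions.

```python
from collections import Counter

def parse(lines):
    """Yield (state, peer_ip) from ss-style rows; skip header and short rows."""
    for line in lines:
        parts = line.split()
        if len(parts) < 5 or parts[0] == "State":
            continue
        yield parts[0], parts[4].rsplit(":", 1)[0]  # drop the peer port

def classify(lines, per_source_limit=20, min_half_open=50, half_open_ratio=0.5):
    """Label a connection table; thresholds are assumed, tune per server."""
    half_open = Counter()   # half-open (SYN-RECV) connections per source IP
    total = 0
    for state, ip in parse(lines):
        total += 1
        if state == "SYN-RECV":
            half_open[ip] += 1
    n_half = sum(half_open.values())
    # Single-host DoS: one source holds many half-open connections.
    heavy = sorted(ip for ip, n in half_open.items() if n > per_source_limit)
    if heavy:
        return "single-source flood", heavy
    # DDoS: every source stays under the limit, so only the aggregate
    # share of half-open connections reveals the flood.
    if n_half >= min_half_open and n_half / total >= half_open_ratio:
        return "distributed flood", []
    return "normal", []

def row(state, peer):
    # Constructed row: State Recv-Q Send-Q Local:Port Peer:Port
    return f"{state} 0 0 192.0.2.10:80 {peer}"

HEADER = ["State Recv-Q Send-Q Local Peer"]
ESTAB = [row("ESTAB", f"198.51.100.{i + 1}:40000") for i in range(40)]
# Constructed samples (documentation address ranges only).
NORMAL = HEADER + ESTAB + [row("SYN-RECV", "198.51.100.99:40001")]
SINGLE = HEADER + ESTAB + [row("SYN-RECV", f"203.0.113.5:{50000 + i}")
                           for i in range(60)]
DISTRIBUTED = HEADER + ESTAB + [row("SYN-RECV", f"203.0.113.{i + 1}:50000")
                                for i in range(200)]

if __name__ == "__main__":
    for name, table in [("normal", NORMAL), ("single", SINGLE),
                        ("distributed", DISTRIBUTED)]:
        print(name, classify(table))
```
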

