Question

In: Computer Science

1. Demonstrate the use of an Eternal Blue attack on Windows system. 2. Recommend mitigation against...

1.
Demonstrate the use of an Eternal Blue attack on Windows system.

2.
Recommend mitigation against Eternal Blue attacks.

Solutions

Expert Solution

EternalBlue is an exploit most likely developed by the NSA as a former zero-day. It was released in 2017 by the Shadow Brokers, a hacker group known for leaking tools and exploits used by the Equation Group, which has possible ties to the Tailored Access Operations unit of the NSA.

Demonstration:

Find a Module to Use

The first thing we need to do is open up the terminal and start Metasploit. Type service postgresql start to initialize the PostgreSQL database, if it is not running already, followed by msfconsole.

Next, use the search command within Metasploit to locate a suitable module to use.

There is an auxiliary scanner that we can run to determine if a target is vulnerable to MS17-010. It's always a good idea to perform the necessary recon like this. Otherwise, you could end up wasting a lot of time if the target isn't even vulnerable.

Once we have determined that our target is indeed vulnerable to EternalBlue, we can use the following exploit module from the search we just did.

Step 2: Run The Module

Now the target is compromise

B:

According to the U.K. National Cyber Security Center, computer emergency response teams and security experts, businesses and organizations worldwide need to ensure that the following five mitigation strategies are in place:

  1. Install MS17-010: Install the MS17-010 fix and all available OS updates issued by Microsoft in March 2017 to prevent getting exploited by the MS17-010 vulnerability. Any systems running a Windows version that did not receive a patch should be removed from all networks.
  2. Install emergency Windows patch: Microsoft has issued one-off security fixes for three operating systems that it no longer supports: Windows XP, Windows Server 2003 and Windows 8.
  3. Disable SMBv1: If it is not possible to apply either patch, disable SMBv1. Refer to guidance from Microsoft for doing so.
  4. Block SMBv1: Block SMBv1 ports on network devices - UDP 137, 138 and TCP 139, 445.
  5. Shut down: If none of those options are available, shut down your computer. Propagation can be prevented by shutting down vulnerable systems.

Related Solutions

Use the ATI active learning template system disorder to demonstrate the following disorders 1. Hypovolemia 2.Hypervolemia...
Use the ATI active learning template system disorder to demonstrate the following disorders 1. Hypovolemia 2.Hypervolemia 3.Hyperkalemia 4.Hypokalemia 5.Hypercalcemia 6.Hypocalcemia.
Although 90% of all desktop computers use Windows as their operating system, there are two popular...
Although 90% of all desktop computers use Windows as their operating system, there are two popular alternatives - Apple's Mac OS and the Linux open-source operating system. In this assignment, you will investigate an operating system other than the one you usually use to see how it handles common operating system functions. Note: A popular Linux OS is Ubuntu (As an open-source operating system it is FREE). If you choose to test Linux you can use this link for easy...
Q 1) Recommend internal control procedure(s) that can provide protection against the following threats? 1. An...
Q 1) Recommend internal control procedure(s) that can provide protection against the following threats? 1. An employee issues credit memos to write-off account balances for friends 2. Workers on the shipping dock steal goods, claiming that the inventory shortages reflect errors in the inventory records. 3. An employee fails to bill customers for the goods which are shipped to them, which results in the loss of assets and erroneous data about sales, inventory, and accounts receivable. 4. An employee uses...
Use Ati Active learning Template system disorder to demonstrate prostate cancer
Use Ati Active learning Template system disorder to demonstrate prostate cancer
Use Ati Active learning Template system disorder to demonstrate HIV/AIDs
Use Ati Active learning Template system disorder to demonstrate HIV/AIDs
Use Ati Active learning Template system disorder to demonstrate HIV/AIDs
Use Ati Active learning Template system disorder to demonstrate HIV/AIDs
1. Define ethical terms and appropriately use the reading material. 2. Demonstrate knowledge of major arguments...
1. Define ethical terms and appropriately use the reading material. 2. Demonstrate knowledge of major arguments and problems in ethics. 3. Present and discuss well-reasoned ethical arguments. 4. Apply ethical concepts to life-oriented situations. 5. Apply critical thinking to readings in Ethics. Discussion: 1. Ask several people of your choice to decide which of the two situations best illustrates the essential elements of morality. Who is ethical in his/her actions? Would you point out Betty or Peter? A)   Betty always...
Blue Manufacturing purchased a machine on January 1, 2020 for use in its factory. Blue paid...
Blue Manufacturing purchased a machine on January 1, 2020 for use in its factory. Blue paid $458,000 for the machine and estimated that it had a useful life of 10 years, at the end of which time the machine was expected to have a residual value of $40,000. During its life, the machine was expected to produce 380,000 units. During 2020, the machine produced 41,800 units, and produced 58,600 in 2021. The machine was subject to a 20% CCA rate,...
1. Discuss whether they would prefer to use a Linux or Windows boot loader on their...
1. Discuss whether they would prefer to use a Linux or Windows boot loader on their home OS and explain their reasons why. 2. Discuss some of the different reasons why they believe a Linux system should or should not be configured to use the X Windows environment. Why do they think that some administrators might choose to use the environment while others would not?
1. Use PE ratios to recommend a stock. Use expected growth and standard deviation to facilitate...
1. Use PE ratios to recommend a stock. Use expected growth and standard deviation to facilitate that recommendation. Company Name                        PE                       Expected Growth       Standard Deviation Coca-Cola Bottling                         29.18         9.50%                          20.58%      Molson Inc. Ltd. 'A'                       43.65         15.50%                        21.88%      Anheuser-Busch                             24.31         11.00%                        22.92%      Corby Distilleries Ltd.                   16.24         7.50%                          23.66%      Chalone Wine Group                     21.76         14.00%                        24.08%      Andres Wines Ltd. 'A'                      8.96        3.50%                          24.70%      Todhunter Int'l                              8.94           3.00%                         ...
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT