Which of the following account lockout policy modifications could you make to ensure that user passwords cannot be intercepted by analyzing captured packets? (D) Disable the Store Passwords Using Reversible Encryption policy 2. Which of the following mechanisms is most often used in firewall rules to allow traffic on to the network? (D) Port numbers 3. Which of the following NTFS features is incompatible with EFS encryption?
Spyware is almost exactly as it sounds, a spying program. This type of malware will record the users input and transmit it back to the hacker to access at his leisure. This type of spyware is called a key logger and can capture interesting information such as user names, passwords, credit card numbers and email addresses. The more advanced versions of spyware can siphon off network data that will allow the hacker access to files, encryption keys, and other sensitive information. The final malware I will cover is the zombie.
A forgotten detail can provide a convenient back door, while an overlooked port can be an attacker's front door. Neglected user accounts can permit an attacker to slip by the defenses unnoticed. Part of the challenge of securing a Web server is recognizing the goal. As soon as we know what a secure Web server is, we can learn how to apply the configuration settings to create one. The fact that an attacker can strike remotely makes a Web server an appealing target.
Hackers find it immeasurably easier to decipher encrypted passwords that are not salted using rainbow tables, rather than those that have had a salt string attached. “Once a hacker realizes your system uses salted hashing, he or she probably will move on, searching for a system not protected by salt” (Leon, 2009). The company should create a password policy that defines what the company will accept as password values (Dulaney, 2009). The password policy can enforce password history, maximum password age, minimum password age, minimum password length, password must meet complexity requirements, store passwords using reversible encryption, account lockout policy, account lockout duration, account lockout threshold, reset account lockout counter after (Dulaney,
To ensure there is no fault, an incorrect code/card will be used to ascertain if the software is actually doing its Job. All findings will be recorded for reference in any future investigations, or the follow up to this one should higher authorities become involved. Simply put, “why” the intruder was able to gain access to the site, during these checks, you must also try and ascertain “when” the intruder gained
And to feel more secure I would purchase a firewall so that the outside would have A hard time accessing the network. I would also do a complete background check on the person that is being interviewed and or hired for the system administer
To begin with, the definition of a port scan is, “The examination of TCP and UDP ports to determine which are open and what services are running. (Conklin 659) “The method used by intruders to discover the services running on the target machine. The intruder can then plan an attack on any vulnerable service that he or she finds for example, if the intruder finds that port 143 is open here she may proceed to find out what version of IMAP is running on the target machine if the version is vulnerable she may be able to gain superuser access to the machine using exploit (a program that exploits a security hole).” (Teo, 2000) To put the definition of the port scan into simpler terms it is a way for intruders to scan the network of the company for a way into the company records and programs. A port scan can tell an intruder what port is open, where it leads to, and what programs, files, passwords are on the machine that they have found access. Ping sweeps are used to identify the path a host ID uses in a given subnet.
• Imagine you are a CISO of a publically traded company and concerned about security when sending any message traffic over the Internet to your remote sites. Determine the security measures you would consider implementing to mitigate security risks when sending message traffic over the Internet. Explain your reasoning. Teardrop – a mangled packet sent in fragments via overlapping or overloading payloads which could cause the systems as it has in the past with older OS versions. Sequence number – hijacked or interrupted TCP/IP sessions via injected packets that disguises its origination from one of the two computers in a session.
Unit 9 Assignment 1: List Phases of a Computer Attack In this assignment I am a hacker who needs to protect my organization from a computer attack. I will list general phases of a computer attack. We have an organization that we need to protect from outside attacks by foreign parties. I am an ethical hackers who needs to take preventative measures in order to adequately secure the network against these attacks. Many attackers follow a general set of steps in order to gain the permissions necessary to break into a system.
It will inform you on how hackers and system administrators used ping sweeps and port scans. While describing some of these notorious computer activities, these techniques will also be shown how system administrators can use to benefit the company. Two techniques that are used to attack a network is ping sweep and port scans. These activities can be used with malicious intent against, as well as, in effort to try to protect a network. Ping sweeps and port scans has been a notorious and yet a useful tool for hackers and system administrators.