The fact that an attacker can strike remotely makes a Web server an appealing target. Understanding threats to a Web server and being able to identify appropriate countermeasures permits us to anticipate many attacks and prevent the ever-growing numbers of attackers. The main threats to a Web server are: * Profiling * Denial of service * Unauthorized access * Arbitrary code execution * Elevation of privileges * Viruses, worms, and Trojan horses 1) Profiling: Profiling, or host enumeration, is an exploratory process used to gather information about the Web site. An attacker uses this information to attack known weak points. Vulnerabilities: • Unnecessary protocols • Open ports •Web servers providing configuration information in banners Attacks: • Port scans • Ping sweeps • NetBIOS and server message block (SMB) enumeration Countermeasures: Include blocking all unnecessary ports, blocking Internet Control Message Protocol (ICMP) traffic, and disabling unnecessary protocols such as NetBIOS and SMB.
Companies such as this are required not only legally, but ethically to protect the customers’ private information or be held accountable by law. It is also bad practice to allow this sensitive information to be disseminated and stolen by cyber criminals. Since this kind of data must be protected at all costs, certain regulations were put in place so that standards for information security could be monitored. One of these standards is that all personal information is to be encrypted when being sent over the internet and also on the servers. This will make it much harder for the hacker to access the information easily.
3. If the company is looking into using laptops and Internet access in the field, then it must consider encryptions. According to Pfleeger & Pfleeger, “encryption is powerful for providing privacy, authenticity, integrity, and limited access to data” (p. 444). I would suggest “end-to-end encryption” this is known to provide encryption from one end of transmission to the other” (p. 446). This way, information transmitted from the field would be in encrypted throughout the network.
• Imagine you are a CISO of a publically traded company and concerned about security when sending any message traffic over the Internet to your remote sites. Determine the security measures you would consider implementing to mitigate security risks when sending message traffic over the Internet. Explain your reasoning. Teardrop – a mangled packet sent in fragments via overlapping or overloading payloads which could cause the systems as it has in the past with older OS versions. Sequence number – hijacked or interrupted TCP/IP sessions via injected packets that disguises its origination from one of the two computers in a session.
It will inform you on how hackers and system administrators used ping sweeps and port scans. While describing some of these notorious computer activities, these techniques will also be shown how system administrators can use to benefit the company. Two techniques that are used to attack a network is ping sweep and port scans. These activities can be used with malicious intent against, as well as, in effort to try to protect a network. Ping sweeps and port scans has been a notorious and yet a useful tool for hackers and system administrators.
For this part we will be examining the security features needed in each section of the new system, the data, interface, processes, and network, and finally will end with a diagram of the data flow throughout the system. One of the most important factors in any system is the security of that system. If a system was unsecure, than that system is vulnerable to malicious attack and malware of all types. For a company, this can mean a theft of important data and even worse, a loss of revenue from trying to secure the system and from possible lawsuits. Because of the way that each part of the system functions, each part will have its’ own “type” of security, which will come together to ensure almost absolute system security.
This threat is suspected due to the existing vulnerabilities that allow the unauthorized access of sensitive information across the existing network design. To thwart this effort and further secure Lafleur’s sensitive information the implementation of Access Control’s should occur. Access controls are used to authorize or limit object access to users, groups, and systems on the network or connected systems. Access control list consist of many areas that maintain a relationship with each other to provide an overall secure environment. The relationships that must be considered are: • Objects – This can be files, printers, computers, and other resources.
And to feel more secure I would purchase a firewall so that the outside would have A hard time accessing the network. I would also do a complete background check on the person that is being interviewed and or hired for the system administer
IS3445 – Security Strategies in Web Applications and Social Networking Unit 1 Lab 1 Assessment Doug Stott Mr.Gibbins 10/1/14 1. From the results of lab #1 – Business Application impact analysis worksheet, what do you consider to be the greatest type of risk and why? The greatest risk is hackers having access to data because it can lead to identity theft. 2. Why is it critical to perform periodic web application vulnerability assessments and penetration tests?
This is done to prevent a terrorist from using a student status as a cover-up to allow admittance to this country with the intention to commit acts of terrorism. There are many different surveillance methods that the government uses to spy on terrorist suspects, including email, financial records, and store receipts. But, one of the most common methods of surveillance that the government uses is roving wiretaps. This is tapping into phone calls. “The government says roving wiretaps are needed to deal with technologically sophisticated terrorists.” (Abramson & Godoy) But, one of the negatives of wiretapping is that the government might make an excuse for using it to monitor terrorism with the real intention to spy on foreign