Competency 426.4.4: Denial of Service (DoS)
William J. Lawson
MS Information Security & Assurance - 5/1/13
Student ID:000311942
My Mentor: Mary Gordon c: 317-448-3045
Indianapolis, IN - Eastern Time wlawson@my.wgu.edu
B. Recommend in an executive summary measures to counter this type of DoS Attack.
Executive Summary
The university network was the victim of a DDoS attack in which a cyber criminal first acquired administrator access. We suspect that the attacker gained access to the network from an internal computer, most likely a student PC in one of the labs. The attacker likely used keylogger software to discover administrator credentials. Once the attacker had administrator access to the systems, he/she was able to create BOTs and push them to many student PCs located in various labs. The attacker then initiated a control attack by activating the BOTs in order to form a BotNet (a.k.a. Zombie Network) with the goal of intentionally causing online services to become unusable to students (ICECC, 2009).
It was the combined effect of using many BOTs at once that produced the attacker's desired effect of overflowing the resources of the registration web server and rendering it unusable.
Recommendation to Counter this type of DoS attack
To prevent or limit the impact of keyloggers:
Deploy a firewall to block known keylogger software.
Educate faculty not to open email from unknown users and not to click on links in emails from unknown users.
Create a policy whereby users cannot install new software on a machine without opening a ticket with the helpdesk or requesting administrator access (ICECC, 2009). The student computers should be preloaded with all required