Preview

Lot2 Task 1

Good Essays
Open Document
Open Document
719 Words
Grammar
Grammar
Plagiarism
Plagiarism
Writing
Writing
Score
Score
Lot2 Task 1
LOT2 Task 1

Diagram

Below is a diagram which illustrates how the attack overwhelmed the Web Server.

Executive Summary

The attack performed on the network had the intention of making the online services provided to students unusable during a critical time of need for those systems. The attack was first performed by acquiring the Administrator password for the systems and using each system to perform a large quantity of requests for service to the web servers. By dissecting what occurred steps can be put in place to prevent such an attack in the future. This attack can be summarized in a few bullets:

The attacker was allowed to install software without having Administrator rights
The software used sniffed out the Administrator password either via the wire or possibly keystroke logging.
Each client computer was able to send a large amount of HTTP requests to the web server.
The web server accepted and processed each request.

To begin with, it needs to be made mandatory that users on a machine cannot install new software to a machine. Instead, each machine should be preloaded with the tools that would be needed for a typical student to perform their work. In addition, the use of a file monitoring program, such as Tripwire, can be used to detect and notify if any changes have occurred to files or entire folders that shouldn't experience any changes.

Next, if the software installed did indeed discover the password over the wire and was able to crack it then two changes need to be made. The first is that the password should be sent over the wire in an encrypted format and should be encrypted via current accepted encryption algorithms, such as AES at the date of this document's creation. The second change would be to enforce complex passwords which would be at least one capital letter, one lower case letter, numbers, special characters, and more than 8 characters.

If the attacker's software installed was a keystroke

You May Also Find These Documents Helpful

  • Powerful Essays

    LIT1 Task 310

    • 3249 Words
    • 10 Pages

    SOLE PROPRIETORSHIP: A sole proprietorship is the easiest of all the business types to start and take the least amount of start-up capital. This is also the most common form of doing business in the United States. With a sole proprietorship, the business and the owner are one in the same and it is not possible to bring someone into the business.…

    • 3249 Words
    • 10 Pages
    Powerful Essays
  • Satisfactory Essays

    Nt2670 Unit 7 Lab 1

    • 402 Words
    • 2 Pages

    1. Manages the application pool configuration and for the creation and lifetime of worker processes for HTTP and other protocols.…

    • 402 Words
    • 2 Pages
    Satisfactory Essays
  • Satisfactory Essays

    IS3110: Unit 1 Role Scenario 1) Identify threats to the seven domains of IT within the organization: A. User: Destroy data B. Workstation: Loss of data, not updated C. LAN: Unauthorized user, weak password D. LAN –WAN: Hackers, weak traffic filtering E. WAN- FTP anon uploads, DoS/DDoS F. System Application: Fire, DoS/DDoS, SQL injection corrupting data G. Remote: user virus, remote from office unsecure, VPN tunnel hack 2) Identify vulnerabilities in the seven domains of IT within the organization. A. User: Infected media, social engineering B. Workstation: OS vulnerability, browser vulnerability C. LAN: Worms, LAN OS vulnerability D. LAN-WAN: malicious websites, unblocked ports E. WAN: network outages F. System Application: ISP…

    • 259 Words
    • 2 Pages
    Satisfactory Essays
  • Good Essays

    Sometimes, owing to corruption in the system software, the msrle32 dll is broken and then the users…

    • 623 Words
    • 3 Pages
    Good Essays
  • Satisfactory Essays

    Create a Policy whereby users cannot install new software to a machine without opening a ticket with the helpdesk or requesting administrator access (ICECC, 2009). The student computers should be preloaded with all required…

    • 508 Words
    • 3 Pages
    Satisfactory Essays
  • Good Essays

    Fv1 Task 4

    • 514 Words
    • 3 Pages

    Data collection for all three groups will start with the patients’ demographic information including, their name, DOB, sex, address, primary care provider, pulmonologist, and insurance payer, and the year which they were diagnosed with COPD. The SF-12 QOL questionnaire as well as 6 questions concerning hospital admissions over the past twelve months, and comorbid conditions would be administered to gain the patient’s understanding of their current feelings about their overall quality of life. An initial FEV1 and FVC would be collected if the patient did not have one competed as an outpatient within the last three months. A 6MWD would also be completed.…

    • 514 Words
    • 3 Pages
    Good Essays
  • Satisfactory Essays

    In the user domain, one of the easiest ways for the system to be compromised is through the users. Easiness of user’s passwords can be a major problem so we need to implement complex passwords including eight or more characters, both upper and lower case, and use of at least one special character. Passwords will need to be changed every three months and the same password cannot be used again for one calendar year.…

    • 386 Words
    • 2 Pages
    Satisfactory Essays
  • Good Essays

    EGT1 Task 4

    • 1232 Words
    • 5 Pages

    Martial Arts organization teaching men, Women, and Children in the United States desires to open a “Dojang” or “Training Hall” in South Korea offering World Class Martial Arts and Competition training.…

    • 1232 Words
    • 5 Pages
    Good Essays
  • Better Essays

    VUT2 Task 1 Memo CheckList

    • 1884 Words
    • 7 Pages

    network sniffing capabilities, was installed that captured the keystrokes of the user, thus obtaining user…

    • 1884 Words
    • 7 Pages
    Better Essays
  • Better Essays

    [Company] has been contracted to conduct a penetration test against [Organization] external web presence. The…

    • 1355 Words
    • 5 Pages
    Better Essays
  • Powerful Essays

    INT1 Task 1

    • 803 Words
    • 4 Pages

    Our Solar System INT1 TASK 1 The Evolution of our Solar System • Observations of the stars, sun, and planets appearing to revolve around the Earth, which seem to be at motionless, lead ancient astronomers to believe the Earth was the center of the solar system. • Claudis Ptolemy’s version of the Geocentric Model was the most widely accepted and recognized example of the Geocentric Model. • Nicolaus Copernicus published a book on his theory of a heliocentric system, the book, De revolutionibus orbium coelstium, puts the Sun at the center of the Solar System with planets revolving around it. It also pointed out that the Earth was in motion and that motion could explain the Retrograde motion of the planets.…

    • 803 Words
    • 4 Pages
    Powerful Essays
  • Satisfactory Essays

    1. Discuss common forms of attack on Microsoft systems using the text Internet, and/or your job as reference for full credit.…

    • 488 Words
    • 2 Pages
    Satisfactory Essays
  • Better Essays

    Target Data Breach

    • 1162 Words
    • 5 Pages

    After a thorough investigation by federal law enforcement it had been determined that hackers were able to infiltrate the network and place malware on several pieces of the companies Point of Sale (POS) systems. The attackers were meticulous and thought through their attack, attempting to…

    • 1162 Words
    • 5 Pages
    Better Essays
  • Satisfactory Essays

    1. A user made unauthorized use of network resources by attacking network entities. You are potentially sabotaged by an employee or employer.…

    • 564 Words
    • 2 Pages
    Satisfactory Essays
  • Good Essays

    Egt1 Task 3

    • 795 Words
    • 4 Pages

    There are 4 major acts created that are known as the Antitrust Laws. In the 1870’s and 1880’s, the Sherman Act of 1890 was created. This act made monopolies and conspiracies that tried controlling trade a criminal offense. This act exists with 2 provisions, the 1st is that every contract, blending in the form of a trust or otherwise, or attempt to conspiracy, in limit of trade or market among several States, or with distant nations is acknowledged to be unlawful.”…

    • 795 Words
    • 4 Pages
    Good Essays