Cyber security - vulnerabilities, Computer Network Security

The world has to deal with newly released vulnerabilities on a daily basis.  These vulnerabilities eventually lead to active exploits of systems, and it is our job as cyber security professionals to stop that from happening.

I would like for each of you to research a different set of (5) vulnerabilities have been release since Jan 1, 2010 and report back on(I should see 4 separate answers/signatures for each of the 5 vulnerabilities you choose):

1) What systems, services are affected;

2) What attack vectors could be used to exploit the vulnerable systems;

3) What mitigation factors could be used to stop the attack of the vulnerability;

4) We are going to build IDS signatures using English terms and not technical terms.  I would like for each of you to explain how you would build an "IDS Signature" to help detect each of the (5) vulnerabilities.  Some basics of the IDS rules:

  • Source/Destination Ports
  • Source/Destination IP's
  • Source/Destination protocol
  • Unique detection string (network sensor)
  • Unique application behavior (Host sensor)
  • Location of sensor (Host or network)
  • Timed sensor
  • Multiple hits
  • Action (Alert, firewall block, log)
  • Exceptions
  • Take into consideration false positives and false negatives
Posted Date: 3/14/2013 3:12:28 AM | Location : United States







Related Discussions:- Cyber security - vulnerabilities, Assignment Help, Ask Question on Cyber security - vulnerabilities, Get Answer, Expert's Help, Cyber security - vulnerabilities Discussions

Write discussion on Cyber security - vulnerabilities
Your posts are moderated
Related Questions
(a) Describe the principal characteristics of associative memory networks? (b) Name the two basic types of associative memories and the differences between them. (c) Give an

Vulnerability Identification Specific avenues threat agents can exploit to attack an information asset are known as vulnerabilities. Examine how each threat can be generated and

#questioAn elliptic curve y^2=x^3+ax+b(mod29) includes points P=(7, 15) and Q=(16, 13) a)Determine the equation of the crve b) Determine all values of x for which there is no point

INFORMATION SECURITY POLICY PRACTICES AND STANDARDS Management from all the communities of interest should consider policies as basis for all information security efforts. Polic

Evaluations, Assessment, and Maintenance of Risk Controls When the control strategy has been implemented, it should be monitored and measured on an ongoing basis to determine ef


Problem (a) Name the various layers of the OSI model. (b) Show, by means of a diagram, how  the TCP/IP  reference model  is different from the OSI-7 reference model? Why is

Risk Management Discussion Points Organizations should define level of risk it can live with Risk appetite: it defines quantity and nature of risk which organizations are wil

(a) (i) Bob has public RSA key (n = 77, e = 7). Show that Bob's private key is (d = 43). (ii) Alice wants to send the message m = 13 to Bob. She encrypts the message usi

Ethernet is a commonly used LAN technology. It was discovered at EXROX PARC(Palo Alto Research Center) in 1970s.Xerox, Intel and Digital described it in a standard so it is also kn