User Account

All Pages

Create a report exploring the stages

Assignment Help Computer Networking
Reference no: EM13190436

Create a report exploring the stages involved in a specific attack (of your choice) against a computing system.

Select and research an attack of your choice. The attack should be technical in nature and exploit a vulnerability to compromise the security of a process, service, system, or network. You are required to show evidence that you have successfully carried out this exploit within a lab environment. If you wish, you may choose to use one of the vulnerabilities that you exploit within the lab exercises: for example, the RPC DCOM or WebDav exploit. However, selecting an attack it should be better.

You are required to use attack software of your choice (such as Metasploit, Armitage, sqlmap, a stand-alone custom exploit, or other software of your choosing), and take screenshots demonstrating each of the stages in the attack. These screenshots are used to illustrate the content of your report.

A bibliographic tool, such as Zotero, may be helpful.

Your report should have the following outline and content:

Introduction

Begin your report with a brief paragraph noting the attack software used, and the vulnerability and exploit covered in your report.

Description of the vulnerability, exploit, and attack software

Describe the vulnerability that the attack exploits, including how or why the vulnerability exists, what versions of software are vulnerable. Include a technical overview of the category of vulnerability (for example, SQL Injection, buffer overflow, or other as appropriate). Then introduce the exploit and attack software you have chosen to use, and give a detailed description in technical low-level terms of how the attack software is able to exploit the vulnerability. Be sure to describe

and differentiate between the vulnerability, exploit, and the attack software.

Anatomy of an attack

Describe each of the steps of the attack using the attack software of your choice to exploit the vulnerability you have chosen. This will typically include information gathering (such as footprinting, scanning, and enumeration), exploitation, and postexploitation.

Throughout this section use screenshots demonstrating how each of the stages of attack are carried out, and to illustrate the practical implications of the attack.

Information gathering: How can an attacker gather all of the information needed to identify a target, determine that it is vulnerable to attack, and gain all the information needed to attack the target?

Exploitation: How can an attacker exploit the vulnerability to impact a process, system, or network? Describe the technical goings on behind the steps taken by the attacker.

Post-exploitation: What malicious actions are possible after a successful attack? For example, can the attacker modify a user's file, add user accounts, modify system files/programs, modify the kernel, and so on? What are the limitations of what the attacker can do? What actions could the attacker take to maintain access and cover their tracks?

Recommendations for preventing the attack

In this section, describe recommendations that you believe should be implemented for a system/organisation that is vulnerable to this attack. Briefly describe the various layers of security controls (such as firewalls, access controls, anti-malware, IPS, or as appropriate) that can be used to mitigate the risk posed by the attack, and explain which stages of the attack can be thwarted by those security controls. Provide any other recommendations for mitigating the risk, (for example, choosing different software, or training users). Only make recommendations that apply to defend or prevent against the attack you have described.

Provide a screenshot demonstrating a failed attack attempt against a protected (or not vulnerable) system. For additional marks, show evidence that you have secured the originally vulnerable target against the attack.

Related software

Provide a summary of the attack software you have used, and further describe the scope of the attack software: what else can the software be used to do? Briefly describe other attack software that can be used as an alternative to achieve the attacks demonstrated in the report.

Critical reflection

Describe what you think the underlying deficiency is that has resulted in this vulnerability. What impact could this have on businesses and organisations that are vulnerable? What are the legal and ethical issues?

Conclusion

Conclude your report with a summary of your attack, software, and the implications for ICT security.

Reference no: EM13190436

Questions Cloud

Explain aggregate demand and aggregate supply analysis : In the boom years of the late 1990s, it was often said that rapidly increasing stock prices were responsible for much of the rapid growth of real GDP. Explain how this could be true, using aggregate demand and aggregate supply analysis.
Compute the concentration of cadium chloride contaminant : Calculate the concentration of cadium chloride contaminant in the original groundwater sample. Round your answer to 2 important digits.
How foreign exchange market affect the quantity of imports : How would a substantial appreciation in the European euro in the foreign exchange market affect the quantity of imports of European products by the U.S. How would such an appreciation of the European euro affect travel by Americans to Europe
Define temprature of the ideal gas after equilibration is v : Consider n moles of ideal gas kept in a heat isolated cylinder (all processes are adiabatic) with a piston at extrnal pressure P(i), and at the temperature T(i). the extrnal pressure is suddenly changed to P=2P(i), and we wait for the system to eq..
Create a report exploring the stages : Create a report exploring the stages involved in a specific attack (of your choice) against a computing system.
Compute the standard deviation of the return : Assume that the economy can experience high growth, normal growth, or recession. You expect the following stock market returns for the coming year under these conditions. State Probability Return High Growth 0.2 +30%
How to obtain pure naphthoic acid from the mixture : Using active extraction (changing the polarity) and a gravity filtration to remove a component, describe how you would obtain pure naphthoic acid from this mixture.
Mechanism for bromobenzene and magnesium turnings : Mechanism for bromobenzene + magnesium turnings + annhydrous diethyl ether + benzaldehyde + H2SO4
Why are patents important to those who hold them : To maximize profits, a perfectly competitive firm should produce until:  price is greater than average total cost.marginal cost is equal to price. average total cost is minimized. per unit profits are maximized.

Reviews

Write a Review

Computer Networking Questions & Answers

  Explain client-server architecture

When people describe client-server architecture, they are usually referring to a system in which a large server is serving a client on a PC. With X Window, the reverse is frequently the case. Explain

  Describe different common types of server applications

Make a list describing different common types of server applications. Show which of these applications you would combine together on a single server.

  Setting up the new network

How could you interconnect the two areas? Assuring that the network has immunity from the interference; re-evaluate your choice explaining the best medium(s) to utilize.

  High-performance network

A company is interested in upgrading its current core infrastructure, which comprises 2 100mbps switches which connect to a utility room that houses 8 100mbps switches wired with Ethernet Category 5 that run to each client machines.

  What is transmission time for one cell through one switch

Consider compressed video transmission in an ATM network. Suppose standard ATM cells must be transmitted through five switches. The data rate is 43Mbps. What is the transmission time for one cell through one switch?

  Reduction polynomial on the computation?

Addition in  GF (2^4): Compute  A ( x )+ B ( x ) mod  P ( x ) in GF (2^4) using the irreducible

  Design ip network based on requirements for company

XYZ is multi-billion company having 24 departments and each department consisting no more than 750 hosts. Design the IP network based on the requirements stated above.

  Write main advantage of using domain controlled network

Write down the main advantages to using Domain controlled network? Write down some concerns and disadvantages to switching to domain network?

  What resources are available on the internet

What resources are available on the Internet to help system administrators determine how to harden a Windows Server 2008? Windows 7 workstation? (List at least three resources in your response.)

  Explain networking concepts by using osi model as framework

Explain networking concepts by using OSI Model as framework. Explain protocols at different layers of the OSI model and describe their functionality.

  The transmitter and receiver are separated

The transmitter and receiver are separated by a channel (medium of transmission). What types of channels are available?  Please keep it short and simple and please no copy and paste.

  Determine internet bandwidth needs of medical group

Determine the Internet bandwidth needs of the medical group and determine the possible providers and expected cost or range of costs for such service.

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd