Describe the vulnerability that the attack exploits

Assignment Help Basic Computer Science

Reference no: EM13936143

Describe the vulnerability that the attack exploits, including how or why the vulnerability exists, what versions of software are vulnerable. Include a technical overview of the category of vulnerability (for example, command injection, buffer overflow, or other as appropriate). Then introduce the exploit and attack software you have chosen to use, and give a detailed description in technical low-level terms of how the attack software is able to exploit the vulnerability. Be sure to describe and differentiate between the vulnerability, exploit, and the attack software.

Anatomy of an attack

Describe each of the steps of the attack using the attack software of your choice to exploit the vulnerability you have chosen. This will typically include information gathering (such as footprinting, scanning, and enumeration), exploitation, and post-exploitation. Throughout this section use screen-shots demonstrating how each of the stages of attack are carried out, and to illustrate the practical implications of the attack.

Information gathering: How can an attacker gather all of the information needed to identify a target, determine that it is vulnerable to attack, and gain all the information needed to attack the target?
Exploitation: How can an attacker exploit the vulnerability to impact a process, system, or network? Describe the technical goings on behind the steps taken by the attacker. 11Post-exploitation: What malicious actions are possible after a successful attack? For example, can the attacker modify a user's file, add user accounts, modify system files/programs, modify the kernel, and so on? What are the limitations of what the attacker can do? What actions could the attacker take to maintain access and cover their tracks?

Note that there are marks allocated for describing and illustrating each of the above stages of attack.

Recommendations for preventing the attack

In this section, describe recommendations that you believe should be implemented for a system/organisation that is vulnerable to this attack. Briefly describe the various layers of security controls (such as firewalls, access controls, anti-malware, IPS, or as appropriate) that can be used to mitigate the risk posed by the attack, and explain which stages of the attack can be thwarted by those security controls. Provide any other recommendations for mitigating the risk, (for example, choosing different software, or training users). Only make recommendations that apply to defend or prevent against the attack you have described. Provide a screen-shot demonstrating a failed attack attempt against a protected (or not vulnerable) system. For additional marks, show evidence that you have secured the
originally vulnerable target against the attack.

Related software
Provide a summary of the attack software you have used, and further describe the scope of the attack software: what else can the software be used to do? Briefly describe other attack software that can be used as an alternative to achieve the attacks demonstrated in
the report.

Conclusion
Conclude your report with a summary of your attack, software, and the implications for ICT

security.

Reference no: EM13936143

Questions Cloud

Customers needs and buying behaviour : PESTLE analysis UK hotel sector with particular note on Radisson Blu in LONDON Conduct secondary market research to collect appropriate market data and information to provide evidence of market demand, customers' needs and buying behaviour to just..

Analyze the marketing strategy (4 p) of the product : Student are required to select a product (for example: shampoo, car or food) from the brand given from a company and analyze the MARKETING STRATEGY (4 P'S) of the product.

Construct a contingency graph for a short straddle : Currency option contingency graphs. The current spot rate of the Singapore dollar (S$) is £0.34. Construct a contingency graph for a short straddle using these options.

Write a program to process stock data : Write a program to process stock data. The stock data should be read from a text file containing the following data: stock code, stock name, amount invested (XXX.XX), shares held, and current price. Sue the internet or your local paper to gather..

Describe the vulnerability that the attack exploits : Describe the vulnerability that the attack exploits, including how or why the vulnerability exists, what versions of software are vulnerable. Include a technical overview of the category of vulnerability (for example, command injection, buffer ove..

What is maggies total profit from a long straddle position : What is Maggie's total profit or loss from a long straddle position? What is Maggie's total profit or loss from a long straddle position if the value of the dollar is 0.60 euro at option expiration?

Describe the nature of school counselor-student relationship : Describe the nature of the school counselor-student relationship and its relative importance, both according to your view and the perspective of your chosen theory(ies). (Be specific with regard to your interest in Elementary, Middle/Jr. High Scho..

What will be the equilibrium price and output : A monopoly produces widgets at a marginal cost of $10 per unit and zero fixed costs. It faces an inverse demand function given by P = 50 - Q. Which of the following is the marginal revenue function for the firm?

Case study - launching a new product line : An analysis of stakeholder groups, stakeholder issues and stakeholder management strategies - An analysis of project tasks and phases using key project management planning tools.

User Account

All Pages