User Account

All Pages

How can buffer overflow vulnerabilities be exploited

Assignment Help Computer Networking
Reference no: EM133969458

Penetration Testing and Countermeasures

Tutorial 3: Desktop and Server OS Vulnerabilities
Part A: Windows Vulnerabilities

Activity 3.1 - Exploring Windows Updates and Misconfigurations
1. Boot into your Windows virtual machine (VM).
2. Go to Settings → Update & Security → Windows Update.
3. Check if updates are pending. Note down any missing updates.
4. Open Command Prompt and run:
- systeminfo - review OS version, patches installed, and hotfixes.
- net user - list user accounts and note if Guest account is enabled.
5. Write a short note: What vulnerabilities might exist if updates are missing or if unnecessary accounts are enabled?

Activity 3.2 - Password Policy Check
1. On the Windows VM, open Local Security Policy (type secpol.msc).
2. Under Account Policies → Password Policy, check:
- Minimum password length.
- Password complexity requirements.
- Account lockout threshold.
3. Compare the settings with best practices discussed in the lecture.
4. Write your observations: Would these settings be considered secure in a corporate environment?
Part B: Linux Vulnerabilities

Activity 3.3 - Checking for Updates
1. Boot into your Kali Linux (or Parrot/BackBox) VM.
2. Run the following commands:
- lsb_release -a - to see the Linux version.
- sudo apt-get update && sudo apt-get upgrade -s - simulate upgrade and check if packages are outdated.
3. Note down how many packages could be upgraded. Get dependable, budget-friendly assignment help-starting today!
4. Write a reflection: Why is keeping Linux updated essential for security?

Activity 3.4 - Samba Service Investigation
1. In your Linux VM, check if Samba is installed and running:
- systemctl status smbd
- netstat -tulnp | grep 445
2. If Samba is running, identify if it has any shared folders:
- smbclient -L localhost -U
3. Record what you find. Discuss why misconfigured Samba shares are dangerous.

Part D: Reflection Questions
Write short answers (2-3 sentences each):

Question 1. Why are null sessions considered a high security risk, even though they don't require a password?

Question 2. How can buffer overflow vulnerabilities be exploited in operating systems?

Question 3. Which is more challenging to secure in your opinion: Windows OS or Linux OS? Why?

Question 4. What are two best practices you would recommend for hardening OS systems in a real organization?

Reference no: EM133969458

Questions Cloud

Discuss different social engineering techniques : Discuss different social engineering techniques (phishing, shoulder surfing, dumpster diving, piggybacking) and Provide one real-world example of each
What would you advise the patient : She wonders if it is safe to take St. John's wort for now and consider starting an antidepressant in the future. What would you advise the patient?
Determine when ethical deciding to transition individuals : Employers can consider several criteria that might be used to determine when ethical deciding to transition individuals to full-time status
Why the richer are getting richer and the poor poorer : Explains a change or some new reasons why the richer are getting richer and the poor poorer; don't discuss the age-old reasons for this gap.
How can buffer overflow vulnerabilities be exploited : How can buffer overflow vulnerabilities be exploited in operating systems - What are two best practices you would recommend for hardening OS systems
What is post modern city : What is post modern city? How does living in port modern cities differ from living in previous types of city?
What are lived experiences of sickle cell disease patients : What are the lived experiences of sickle cell disease patients in navigating social determinants of health during transitions in care in Baltimore City?
Key components to an ideal society in terms of sociology : what are the key components to an ideal society in terms of sociology?
Identify three potential maternal and fetal complications : Identify at least three potential maternal and fetal complications. Describe key nursing interventions to manage blood pressure and prevent seizures.

Reviews

Write a Review

Computer Networking Questions & Answers

  Networking and types of networking

This assignment explains the networking features, different kinds of networks and also how they are arranged.

  National and Global economic environment and ICICI Bank

While working in an economy, it has a separate identity but cannot operate insolently.

  Ssh or openssh server services

Write about SSH or OpenSSH server services discussion questions

  Network simulation

Network simulation on Hierarchical Network Rerouting against wormhole attacks

  Small internet works

Prepare a network simulation

  Solidify the concepts of client/server computing

One-way to solidify the concepts of client/server computing and interprocess communication is to develop the requirements for a computer game which plays "Rock, Paper, Scissors" using these techniques.

  Identify the various costs associated with the deployment

Identify the various costs associated with the deployment, operation and maintenance of a mobile-access system. Identify the benefits to the various categories of user, arising from the addition of a mobile-access facility.

  Describe how the modern view of customer service

Describe how the greater reach of telecommunication networks today affects the security of resources which an organisation provides for its employees and customers.

  Technology in improving the relationship building process

Discuss the role of Technology in improving the relationship building process Do you think that the setting of a PR department may be helpful for the ISP provider? Why?

  Remote access networks and vpns

safekeeping posture of enterprise (venture) wired and wireless LANs (WLANs), steps listed in OWASP, Securing User Services, IPV4 ip address, IPV6 address format, V4 address, VPN, Deploying Voice over IP, Remote Management of Applications and Ser..

  Dns

problems of IPV, DNS server software, TCP SYN attack, Ping of Death, Land attack, Teardrop attack, Smurf attack, Fraggle attack

  Outline the difference between an intranet and an extranet

Outline the difference between an intranet and an extranet A programmer is trying to produce an applet with the display shown in Figure 1 below such that whenever one of the checkboxes is selected the label changes to indicate correctly what has..

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +91-977-207-8620

Phone: +91-977-207-8620

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd