Why are null sessions considered a high security risk

Assignment Help Computer Network Security

Reference no: EM133999890

Tutorial: Desktop and Server OS Vulnerabilities

Part A: Windows Vulnerabilities

Activity 3.1 - Exploring Windows Updates and Misconfigurations
1. Boot into your Windows virtual machine (VM).
2. Go to Settings → Update & Security → Windows Update.
3. Check if updates are pending. Note down any missing updates.
4. Open Command Prompt and run:
- systeminfo - review OS version, patches installed, and hotfixes.
- net user - list user accounts and note if Guest account is enabled.
5. Write a short note: What vulnerabilities might exist if updates are missing or if unnecessary accounts are enabled?

Activity 3.2 - Password Policy Check
1. On the Windows VM, open Local Security Policy (type secpol.msc).
2. Under Account Policies → Password Policy, check:
- Minimum password length.
- Password complexity requirements.
- Account lockout threshold.
3. Compare the settings with best practices discussed in the lecture.
4. Write your observations: Would these settings be considered secure in a corporate environment?

Part B: Linux Vulnerabilities

Activity 3.3 - Checking for Updates
1. Boot into your Kali Linux (or Parrot/BackBox) VM.
2. Run the following commands:
- lsb_release -a - to see the Linux version.
- sudo apt-get update && sudo apt-get upgrade -s - simulate upgrade and check if packages are outdated.
3. Note down how many packages could be upgraded. No AI shortcuts — Get genuine assignment help from experienced, real tutors.
4. Write a reflection: Why is keeping Linux updated essential for security?

Activity 3.4 - Samba Service Investigation
1. In your Linux VM, check if Samba is installed and running:
- systemctl status smbd
- netstat -tulnp | grep 445
2. If Samba is running, identify if it has any shared folders:
- smbclient -L localhost -U
3. Record what you find. Discuss why misconfigured Samba shares are dangerous.

Part D: Reflection Questions

Write short answers (2-3 sentences each):

Question 1. Why are null sessions considered a high security risk, even though they don't require a password?

Question 2. How can buffer overflow vulnerabilities be exploited in operating systems?

Question 3. Which is more challenging to secure in your opinion: Windows OS or Linux OS? Why?

Question 4. What are two best practices you would recommend for hardening OS systems in a real organization?

Reference no: EM133999890

Questions Cloud

How would a tester use it to find vulnerabilities : What does Wapiti do and How would a tester use it to find vulnerabilities - Web Server and Application Vulnerability Testing

Explain how the attack could have been prevented : Provide one real-world example of each and explain how the attack could have been prevented. No AI shortcuts - Get genuine assignment help from experienced

How could service design branding or communication support : How could service design, branding, or communication support these strategies?

Response which goes back to the gospel church : This song is based on the concept of call and response (jazz is all about call and response which goes back to the gospel church.

Why are null sessions considered a high security risk : Why are null sessions considered a high security risk, even though they dont require a password and How can buffer overflow vulnerabilities be exploited

What functions associated with respiratory system impaired : Would this significantly impact respiration in the long term? What function associated with the respiratory system would be directly impaired by a pneumothorax?

Which open services were confirmed by nmap : What user or share information did enum4linux or smbclient provide and What information did SNMP (if tested) expose?

What each of organizations offers for compliance activities : View the websites of AHIMA, the Healthcare Compliance Association (HCCA). What each of the organizations offers for compliance activities or materials?

Disparate groups in the way they are treated historically : Finally, is there any historical correlations between these two seemingly disparate groups in the way they are treated historically?

User Account

All Pages