User Account

All Pages

Create a report exploring the stages involved in a specific

Assignment Help Computer Networking
Reference no: EM13380223

Create a report exploring the stages involved in a specific attack (of your choice) against a computing system.

Select and research an attack of your choice. The attack should be technical in nature and exploit a vulnerability to compromise the security of a process, service, system, or network. You are required to show evidence that you have successfully carried out this exploit within a lab environment. If you wish, you may choose to use one of the vulnerabilities that you exploit within the lab exercises: for example, the RPC DCOM or WebDav exploit. However, selecting an attack it should be better.

You are required to use attack software of your choice (such as Metasploit, Armitage, sqlmap, a stand-alone custom exploit, or other software of your choosing), and take screenshots demonstrating each of the stages in the attack. These screenshots are used to illustrate the content of your report.

A bibliographic tool, such as Zotero, may be helpful.

Your report should have the following outline and content:

Introduction

Begin your report with a brief paragraph noting the attack software used, and the vulnerability and exploit covered in your report.

Description of the vulnerability, exploit, and attack software

Describe the vulnerability that the attack exploits, including how or why the vulnerability exists, what versions of software are vulnerable. Include a technical overview of the category of vulnerability (for example, SQL Injection, buffer overflow, or other as appropriate). Then introduce the exploit and attack software you have chosen to use, and give a detailed description in technical low-level terms of how the attack software is able to exploit the vulnerability. Be sure to describe

and differentiate between the vulnerability, exploit, and the attack software.

Anatomy of an attack

Describe each of the steps of the attack using the attack software of your choice to exploit the vulnerability you have chosen. This will typically include information gathering (such as footprinting, scanning, and enumeration), exploitation, and postexploitation.

Throughout this section use screenshots demonstrating how each of the stages of attack are carried out, and to illustrate the practical implications of the attack.

Information gathering: How can an attacker gather all of the information needed to identify a target, determine that it is vulnerable to attack, and gain all the information needed to attack the target?

Exploitation: How can an attacker exploit the vulnerability to impact a process, system, or network? Describe the technical goings on behind the steps taken by the attacker.

Post-exploitation: What malicious actions are possible after a successful attack? For example, can the attacker modify a user's file, add user accounts, modify system files/programs, modify the kernel, and so on? What are the limitations of what the attacker can do? What actions could the attacker take to maintain access and cover their tracks?

Recommendations for preventing the attack

In this section, describe recommendations that you believe should be implemented for a system/organisation that is vulnerable to this attack. Briefly describe the various layers of security controls (such as firewalls, access controls, anti-malware, IPS, or as appropriate) that can be used to mitigate the risk posed by the attack, and explain which stages of the attack can be thwarted by those security controls. Provide any other recommendations for mitigating the risk, (for example, choosing different software, or training users). Only make recommendations that apply to defend or prevent against the attack you have described.

Provide a screenshot demonstrating a failed attack attempt against a protected (or not vulnerable) system. For additional marks, show evidence that you have secured the originally vulnerable target against the attack.

Related software

Provide a summary of the attack software you have used, and further describe the scope of the attack software: what else can the software be used to do? Briefly describe other attack software that can be used as an alternative to achieve the attacks demonstrated in the report.

Critical reflection

Describe what you think the underlying deficiency is that has resulted in this vulnerability. What impact could this have on businesses and organisations that are vulnerable? What are the legal and ethical issues?

Conclusion

Conclude your report with a summary of your attack, software, and the implications for ICT security.

Reference no: EM13380223

Questions Cloud

1 this question relates to section 2 genetic algorithma : 1. this question relates to section 2 genetic algorithma heredna -gt channel assigned to a wireless linkindividual -gt
Question 1a write an assembly code segment that calls the : question 1a write an assembly code segment that calls the subroutinenew functionif bits 5 and 6 of portd equal 1.b
Xumuc is has the wan links in place to the new locations in : xumuc is has the wan links in place to the new locations in the houston region. xumuc currently has 2 other regions san
You should choose examples from your own experience or find : you should choose examples from your own experience or find appropriate cases on the web that you can discuss. credit
Create a report exploring the stages involved in a specific : create a report exploring the stages involved in a specific attack of your choice against a computing system.select and
Write a 2 page research paper excluding the title page on : write a 2 page research paper excluding the title page on the turing and von neumann models. compare and contrast each
The cto informed you that the board of executives showed : the cto informed you that the board of executives showed great interest in building a new network based on the work you
Imagine you are the lead application developer for a : imagine you are the lead application developer for a commercial website development project at a midsized organization.
Question 1 an accumulator is a procedure that is called : question 1 an accumulator is a procedure that is called repeatedly with a single numeric argument and accumulates its

Reviews

Write a Review

Computer Networking Questions & Answers

  Networking and types of networking

This assignment explains the networking features, different kinds of networks and also how they are arranged.

  National and Global economic environment and ICICI Bank

While working in an economy, it has a separate identity but cannot operate insolently.

  Ssh or openssh server services

Write about SSH or OpenSSH server services discussion questions

  Network simulation

Network simulation on Hierarchical Network Rerouting against wormhole attacks

  Small internet works

Prepare a network simulation

  Solidify the concepts of client/server computing

One-way to solidify the concepts of client/server computing and interprocess communication is to develop the requirements for a computer game which plays "Rock, Paper, Scissors" using these techniques.

  Identify the various costs associated with the deployment

Identify the various costs associated with the deployment, operation and maintenance of a mobile-access system. Identify the benefits to the various categories of user, arising from the addition of a mobile-access facility.

  Describe how the modern view of customer service

Describe how the greater reach of telecommunication networks today affects the security of resources which an organisation provides for its employees and customers.

  Technology in improving the relationship building process

Discuss the role of Technology in improving the relationship building process Do you think that the setting of a PR department may be helpful for the ISP provider? Why?

  Remote access networks and vpns

safekeeping posture of enterprise (venture) wired and wireless LANs (WLANs), steps listed in OWASP, Securing User Services, IPV4 ip address, IPV6 address format, V4 address, VPN, Deploying Voice over IP, Remote Management of Applications and Ser..

  Dns

problems of IPV, DNS server software, TCP SYN attack, Ping of Death, Land attack, Teardrop attack, Smurf attack, Fraggle attack

  Outline the difference between an intranet and an extranet

Outline the difference between an intranet and an extranet A programmer is trying to produce an applet with the display shown in Figure 1 below such that whenever one of the checkboxes is selected the label changes to indicate correctly what has..

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd