How did the suspect gain access to our ftp server

Assignment Help Computer Network Security

Reference no: EM131960756

Wireless Security Assignment

Overview

Wireshark is a network sniffer and analyser tool which can be used by IT administrators, developers, hackers, incident response or security researchers to capture and analyse wired or wireless traffic. This allows you to "see" all traffic that is sent and received when computers interact with one another. A few examples of this include downloading a file from the Internet, logging into your online banking account or watching a video on YouTube.

Learning how to use this tool and identify certain types of traffic is an extremely valuable skill and is essential in the security industry, especially for penetration testers and incident response.

You can find more information and resources on Wireshark from their official site.

Case Background

Top Gear Industries is a small IT company that specializes in creating electronic devices and IoT (Internet of Things) devices for automotive vehicles. Such examples of their work include an embedded device named "Sea Slug" that records fuel consumption and uploads this data to the cloud for analysis or "Rainbow Fish" which is an informative heads up display rear view mirror.

Recently the CEO held a major press conference and informed the public that they have been working on a secret project which they claim will "revolutionize the automotive industry and leave all their competitors behind in a trail of dust". The media interviewed CEO's from other competitors similar to Top Gear Industries and they all showed genuine interest and were concerned that this product could put them out of business.

As you could imagine, a statement of this nature from Top Gear Industries could put the company at increased risk from cyber-attacks or industrial espionage.

Incident Information

The Head of Engineering at Top Gear Industries discovered that the schematics for their new project, codenamed "swordfish" had been mysteriously deleted and replaced with a digital calling card. They also discovered that a number of servers were infected with malware. To make matters worse, all log files on the affected servers were deleted. Fortunately, Top Gear Industries had installed an advanced Wireless Intrusion Detection System (WIDS) just for the Engineering Department which collects all wireless traffic and saves it in a secure location for further analysis. Upon further analysis it was discovered that the WIDS was not involved in the attack and was not compromised.

While the Engineering Department started cleaning up the infected servers, they were informed by the Human Resources Department that one of their newer Engineers "Flynn Griffen" had not turned up to work this morning and submitted his letter of resignation.

Task

You have been contracted as a wireless network forensic expert by an organization to investigate the issue that has occurred recently. You have been assigned to review, analyse, and provide a full report and documentation of the live packet capture that was intercepted in relationship to some suspected member of your organization to be linked with some kind of "organized crime".

Your task consists of analyzing, reporting and providing a full documentation of the live packet capture that was handed over to you by the organization which include but not restricted to the following.

- What websites were accessed by the suspect?
- What files were download by the suspect?
- What videos were accessed by the suspect?
- For all websites, files downloaded and videos accessed, are any of these related to hacking?
- How did the suspect gain access to our FTP server?
- What commands did the suspect run on the FTP server?
- Did the suspect view or alter any other projects on the FTP server?
- Is there any information to suggest the suspect was working alone or as part of a team?
- Is there any evidence of suspicious emails?

Reference no: EM131960756

Questions Cloud

Diagram of the market for groceries : A small town is served by many perfectly competing supermarkets, which have constant marginal cost.

Implementing supply side economics : What was the state of the economy prior to Reagan implementing supply side economics? What were some of the policies implemented by the Reagan administration?

Define the future value of the deposit made on what date : For each of the following expressions, describe when (i.e. on what date or range of dates) the account value would equal each of the following expressions.

Perfectly competitive firm demand curve : What is the difference between a monopolist's demand curve and a perfectly competitive firm's demand curve? Why are they different?

How did the suspect gain access to our ftp server : How did the suspect gain access to our FTP server? What commands did the suspect run on the FTP server? What websites were accessed by the suspect?

Give an example of a firm or industry : For each characteristic, give an example of a firm or industry that would exhibit that trait. Keep in mind that no one firm can hold every characteristic.

What is the duration of a four-year treasury bond : What is the duration of a four-year Treasury bond with a 4.5 percent semiannual coupon selling at par? Do not round intermediate calculations.

Does your company use price discrimination : Does your company use price discrimination? Explain how the practice works of direct and indirect price discrimination works and estimate

Calculate the price of the call using given information : Consider a European call on a stock when there are ex-dividend dates in four months and seven months. The dividend on each ex-dividend date is expected.

User Account

All Pages