TNE80006 -- Secure Networks
Project author: Akash Hegde – 101081462
Preface:
Wear-IT-On is a clothing industry which wants to host a web server for online shopping for customer due to demand for the products. Company has decided to use Apache 2.0 on CentOS Linux OS. As the company 's technology is implemented by System Admin who does not have much of experience in terms of securing network infrastructure which makes the infrastructure vulnerable to attacks hence they decide to hire a Network Administrator who is having good experience with commanding knowledge over solution and designing capability to secure network and web server from attacks or vulnerabilities.
Possible threats:
Apache Resources DoS: This is vulnerability in Apache web server which is implemented using version Apache 2.0.52. In this the attacker forces the server to allocate more memory space until server is either degraded or crash of the server. To harm the system attacker uses long headers to Apache server.
Fork Bomb: This is a form of DoS attack where running process creates another running process until the memory is saturated with process and finally crash of the server or no new programs to open. In this even the existing programs slows down due to non availability of system resources.
FTP Buffer Overflow: This is one of the most common attacks where the attacker uses Metaspoilt 2.4 on vulnerable computer thus overflowing the input buffer of USER command on attacking computer and opens
TCP/IP is a protocol which transfers data across a network. It allows two different computers to communicate well even if they use different codes. Putting both computers into a new common code language which both computers
Process Hollowing – a new instance of a legitimate process is launched and memory that contains original code is promptly deallocated (hollowed) and replaced with malicious code
Which tool and application were used to exploit the identified vulnerability on the targeted Microsoft® Windows 2003 XP server?
Initially the Linux (Ubuntu) is run on an virtual machine using VMWARE. The attack performed is on the IP address of the Linux OS.
We know that buffer-overflow attacks are performed by overflowing the buffer on a stack frame and overwriting the return address of the function, thereby jumping to another portion of the stack frame that contains malicious executable code that had been placed there as a result of the buffer overflow.
These attacks can be extremely damaging to one’s intellectual properties (information, money, etc) as well as a concern for personal safety. The key to stopping or minimizing these attacks is to learn what these attacks are and how they are executed to really create an effective plan to stop unnecessary losses.
Which e-mail attack occurs when an attacker routes large quantities of e-mail to the target system?
This Denial of Service (DoS) intrusion event started unfolding as the clinic’s users of the internet started to experience such slowness in connecting to systems that they were unable to perform their jobs. This lack of
The majority of web application attacks occur through three avenues Cross-site scripting (XSS), SQL injection attacks and Phishing.
This attack is very similar to the Quick Double Switch, but only difference is that the attacker maintains remote access to the victim's machine. This access allows the attacker to interact with the victim’s machine from time to time, execute arbitrary code, and collect that code’s output.
Denial-of-Service attack (DoS) when a hacker continuously attacks a particular network or dedicated Access Point (AP) with fake requests, failure messages and premature successful connection messages and other commands. These causes authorized users from preventing connecting to the network and results in network failure or crash. These attacks depends on misuse of protocols like Extensible Authentication Protocol (EAP).
Two of the common known attacks on computing systems are the deployment of computer viruses and malware.
E-commerce Explain what is meant by the term ‘E-commerce’. It is the conducting of business communication and transactions over networks and through computers. As most restrictively defined, electronic commerce is the buying and selling of goods and services, and the transfer of funds, through digital communications. However EC also includes all inter-company and intra-company functions (such as marketing, finance, manufacturing, selling, and negotiation) that enable commerce and use electronic mail, EDI, file transfer, fax, video conferencing, workflow, or interaction with a remote computer. Electronic commerce also includes buying and selling over the Web, electronic funds transfer, smart cards, digital cash (e.g.
Proposal for Pine Valley Furniture Ecommerce Webstore Now is the time to implement an Ecommerce webstore, and Eysie and Sehr Management Information System Consultants are the people who can make it happen. In an effort to maintain a competitive advantage Pine Valley Furniture needs to implement an ecommerce webstore. Making this transition and developing a webstore illustrates Pine Valley Furniture's commitment to change with the times and will prevent the loss of market share by competition.
Despite the rapid growth of E-commerce sites, 43 percent of the them fails, and the difference between the success and the failure is consumer experience, according to Ecommercetimes.com. The Dotcom Survival Guide reported there is still one resource left untapped that can save dotcoms from failure. It's the one resource that historically is most ignored in favor of ads, press, and flashy features yet it's the one resource that can lead dotcoms to survival. That resource is customers. Customers can provide the revenues needed to attain profitability. Customers can give the word-of-mouth marketing to drive traffic. Customers can give the feedback needed to continually improve the website.