...1) Construct networks using different types of network devices HUB Hub is one of the basic icons of networking devices which works at physical layer and hence connect networking devices physically together. Hubs are fundamentally used in networks that use twisted pair cabling to connect devices. They are designed to transmit the packets to the other appended devices without altering any of the transmitted packets received. They act as pathways to direct electrical signals to travel along. They transmit the information regardless of the fact if data packet is destined for the device connected or not. Switches Switches are the linkage points of an Ethernet network. Just as in hub, devices in switches are connected to them through twisted pair cabling. But the difference shows up in the manner both the devices; hub and a switch treat the data they receive. Hub works by sending the data to all the ports on the device whereas a switch transfers it only to that port which is connected to the destination device. A switch does so by having an in-built learning of the MAC address of the devices connected to it. Since the transmission of data signals are well defined in a switch hence the network performance is consequently enhanced. Switches operate in full-duplex mode where devices can send and receive data from the switch at the simultaneously unlike in half-duplex mode. The transmission speed in switches is double than in Ethernet hub transferring a 20Mbps connection into...
Words: 1799 - Pages: 8
...Deliverables Note: Screenshots will be provided at the end. Q: From your local computer, use your favorite Internet browser to research the threat identified on this screen and the possible remediation steps and document your findings in your Lab Report file. Viruses found: 1. Win32/DH{eR4UTxVzG3U} 2. Win32/DH{eR4UTxVzG3U} 3. Win32/DH{HhMXFE8Vcxt1} 4. Trojan horse Dropper.Generic4.BVMA 5. Trojan horse Hider.BNG 6. Trojan horse PSW.Generic11.NYJ 7. Potentially harmful program Logger.IAC 8. Potentially harmful program RemoteAdmin.IH 9. Potentially harmful program Tool.IT Assessment: 1. It seems that the first three are all the same type of virus. A “Win/DH is a malicious software that once it is executed has the capability of replicating itself and infect other files and programs”( Win/DH). They “can steal hard disk space and memory that slows down or completely halts your PC, corrupt or delete data, erase your hard drive, steal personal information, hijack your screen and spam your contacts to spread itself to other users” (Win/DH). To avoid the possibility of one, you should be careful of e-mail attachments especially if they are from an outside source, as well as download links on websites. Having a virus removing application such as AVG is essential to being able to remove these viruses before they spread. AVG is capable of detecting this virus while surfing the web and block its download, but should it already...
Words: 1494 - Pages: 6
...technically viruses, since they do not replicate, however many viruses and worms use Trojan horse tactics to infiltrate a system. Although Trojans are not technically viruses, they can be just as destructive. 2. A virus or malware can impact which of the three tenets of information systems security (CIA)? Describe how it impacts it as well. Virus maybe can send files to other people that don’t allow reading these files. It will affect Confidentiality. Some virus will break program. Then these programs cannot run. This wills effect Availability. Some virus will change some file in a program. This wills effect Integrity. 3. Once a malicious file is found on your computer, what are the default settings for USB/removable device scanning? What should an organization do regarding use of USB hard drives and slots on existing computers and devices? Besides Vendor IDs and Product IDs, some devices also have a serial number associated with them. The “Serial Number Descriptor” string is optional, but a fair number of devices such as thumb drives, removable USB hard drives, PDAs and cell phones have them. While most of these scanning and tracking details would be of most use with the “USB Mass Storage devices containing malware” and the “U3 thumb drives with "evil" autorun payloads” categories, they...
Words: 1736 - Pages: 7
...references in APA format.) Another algorithm used to store passwords is MD5. MD5 is used to verify data integrity through creation of a 128-bit message digest from data input that is claimed as unique to that specific data as a fingerprint is to the specific individual (Rouse). When using MD5 it requires that large files to be compressed by a secured method before it’s encrypt with a secret key. The idea behind this algorithm is to take up a random data (text or binary) as an input and generate a fixed size “hash value” as the output (Ramesh). This helps the date to be input into any size or length but the output will remain a fixed size. When dealing with MD5 it offers much more assurance of data security. 4. Research another password recovery software program and provide a thorough discussion of it. Compare and contrast it to Cain and Abel. (Include references in APA format.) One of the tools hackers use to crack recovered password hash files from compromised systems is John the Ripper (John the Ripper) When working on UNIX/Linux, OpenVMS and Mac OS X, John the Ripper is program that offers a faster password cracker. When dealing John the Ripper its primary purpose is to detect weak password through its support hashes. It’s a great tool for an LM Hash that does contain a password with 8 character or less. With Cain and Able you get a few options to crack password such as, reversing password, password with all lowercase or uppercase, two numbers hybrid brute and etc. Whereas, with John...
Words: 1132 - Pages: 5
...1) Explain the two different types of attacks that can be performed in Cain and Abel to crack user account passwords. Which do you think is the most effective and why? For the assignment we utilized Cain & Abel password recovery tool for Microsoft Operating Systems. For this lab assignment we utilized Brute Force NT LAN Manager (NTUM) and LAN Manager (LM) and Dictionary NTLM and LM hashes. (Features overview, n.d.) Brute Force is a password cracking -technique that tries every combination of numeric, alphanumeric, and special characters until the password is broken or the user is locked out. Dictionary is a technique that runs a given password against each of the words in a dictionary (file of words) until a match is found or the end of the dictionary is reached. (p. 13) Cain and Abel couples Brute Force and Dictionary with LM and NTLM hash. Based on my lab experience, my assessment is that the Dictionary NTLM Manager is the better of the processes. The table below reveals that Dictionary NTLM delivered more favorable results over LM because this process uncovered the passwords in the shortest amount of time and recovered the passwords in their entirety. Table | Brute Force LM | Brute Force NTLM | Dictionary LM | Dictionary NTLM | User1 | No password, 6-8 hours | No password, estimated time 10 years | yes, 75 seconds | yes, 40 | User2 | No password, 6-8 hours | No password, estimated time 10 years | yes, 30 | yes, 25 | User3 | No password, 6-8 hours...
Words: 971 - Pages: 4
...EVREN KUCUKKAYA E-COMMERCE SEMINAR Elias A. Hadzilias, PhD NTUA Assignment: On-line security: attacks and solutions 2012 ISG – INTERNATIONAL MBA Table of Context 1. INTRODUCTION ................................................................................................................................... 3 2. MAIN TYPES OF MALWARE ................................................................................................................. 4 2.1. Computer Viruses ............................................................................................................................. 4 2.1. Computer Worms ............................................................................................................................. 5 2.3. Trojan Horses.................................................................................................................................... 6 2.4. Spyware ............................................................................................................................................ 6 2.5. Backdoor........................................................................................................................................... 6 2.6. Spams ............................................................................................................................................... 7 2.7. Keyloggers ....................................................................................................
Words: 5692 - Pages: 23
...EVREN KUCUKKAYA E-COMMERCE SEMINAR Elias A. Hadzilias, PhD NTUA Assignment: On-line security: attacks and solutions 2012 ISG – INTERNATIONAL MBA Table of Context 1. INTRODUCTION ................................................................................................................................... 3 2. MAIN TYPES OF MALWARE ................................................................................................................. 4 2.1. Computer Viruses ............................................................................................................................. 4 2.1. Computer Worms ............................................................................................................................. 5 2.3. Trojan Horses.................................................................................................................................... 6 2.4. Spyware ............................................................................................................................................ 6 2.5. Backdoor........................................................................................................................................... 6 2.6. Spams ............................................................................................................................................... 7 2.7. Keyloggers ....................................................................................................
Words: 5692 - Pages: 23
...handling web based attacks and to patch up different kinds of vulnerabilities in computer system. I. INTRODUCTION Web based system makes the next way of computing. Global prosperity and even faster pace of business are driving the desire for employees, partners and customers to able to communicate from different location in this world. With this phenomenal growth of computing devices, the threat of viruses is likewise growing. New platforms such as MAC OS of Apple and Microsoft Windows are highly attractive targets to virus and Trojan writers. As technology in the world of networking industries advances, virus writers have plenty of room for growth. Worse thing is security measures such as firewalls and virus scanners i.e. antivirus softwares are not widely used. The future may be even worse. With distributed programming platforms such as .NET, combine with Microsoft’s Windows platform the potential for viruses is even greater. II. OVERVIEW OF THREATS AND POTENTIAL DAMAGE On the surface, the vulnerability of wireless devices to viruses and malicious code threats appears to follow the same patterns of vulnerabilities that the wired world has experienced. Yet, upon closer inspection, the vulnerabilities are more numerous and complex and can be categorized into three groups: • Application-based threats • Content-based threats • Mixed threats...
Words: 4071 - Pages: 17
...Evil Twin Wi-Fi Attacks NT1110: Computer Structure and Logic October 23, 2013 Abstract What is the “Evil Twin”? Evil Twin is a type of Wi-Fi attack, it is a home-made wireless access point that masquerades as a legitimate hot spot with a very strong signal in efforts to gather personal or corporate information. With this, the overall goal of this report is to educate the public on how to protect themselves. Additionally in this disadvantages and advantages will be discussed along with the effects on consumers and the future. According to Dr. Phil Nobles, a wireless Internet and cybercrime expert at Cranfield University, said: this is how the evil twin works. "So-called 'evil twin' hotspots present a hidden danger for Web users. In essence, users think they've logged on to a wireless hotspot connection when in fact they've been tricked to connect to the attacker's unauthorized base station. The latter jams the connection to a legitimate base station by sending a stronger signal within close proximity to the wireless client -- thereby turning itself into an 'evil twin. Cybercriminals don't have to be that clever to carry out such an attack. Because wireless networks are based on radio signals they can be easily detected by unauthorized users tuning into the same frequency." The Disadvantage of Evil Twins The Evil Twins a Menace to Wireless Security > Mobile, (by Jack M German Tech News World 06/04/09). Once the wireless...
Words: 1288 - Pages: 6
...in question, as well as events having occurred with immediate subsequence, it seems highly evident that the method of intrusion was a result of spear phishing campaign, which typically involves sending a seemingly genuine email containing a seemingly genuine link. However, the email, while pretending to be from a friendly (“recognizable” or “valid” or “authorized”) individual, but is far from that. The link is very malicious, designed to redirect (cause the web browser to go to an unintended/unwanted/ unknown/undesired web page) a person’s web browser to a webpage that is (phony and) malicious in nature, seeking only to execute commands that are for clandestine purposes. The typical outcome involves installation of some form of malware (keylogger, virus, trojan, browser hijacker, remote access backdoor, network and password sniffer, data extractor, ransom hijacker, and so much more) on the user’s computer (keeping in mind the user clicked on the link). In this case, it is likely that a remote access Trojan with keylogger capabilities at minimum, with possible network sniffing capabilities, was installed that captured the keystrokes of the user, thus obtaining user name and password, but also trolled through network activity to obtain potential accounts (username and password) that would have higher level administrative permissions in case this particular user did not have such robust access. Simply stated, the user was a victim of a social engineering attack whereby...
Words: 1895 - Pages: 8
...Functional Dependency is mainly known as Normalization. Professor Codd in 1970 was the first person to define it. There are three steps to this dependency. Normalization is used to eliminate the three types of anomalies which are insertion, deletion and update anomalies. The three normalization are what a database can suffer from. They also define what the database is about because of all the work that goes into it. The Insertion Anomaly is when some of the data cannot be added into the database. There are just certain areas of the database where information just cannot be added or else it would mess up the system or get you a big (OOOPS). Update an0omaly is when there is redundancy going on in the database which will cause changes to everything that is in the database. Instead of change one information and the database changing all of them, a person has to go and do it one step at a time. Deletion anomaly is deleting of some data that causes other information to be lost or deleted. Example -1. Assume the following relation Student-courses (Sid:pk, Sname, Phone, Courses-taken) Where attribute Sid is the primary key, Sname is student name, Phone is student's phone number and Courses-taken is a table contains course-id, course-description, credit hours and grade for each course taken by the student. More precise definition of table Course-taken is : Course-taken (Course-id:pk, Course-description, Credit-hours, Grade) According to the definition of first normal form relation...
Words: 1197 - Pages: 5
...1 A .It is important for a company to understand the threat environment because company should be able to defend themselves and protect their assets from the threat environment and safe themselves from the attacks. 2 B. Confidentiality, Integrity, Availability 3 C. Compromises on successful attacks breaches are synonyms of incidents. 4 D. incident is a successful attack ie threat plus successful attempt. 5 E. Counter measures are the tools used to stop attacks. 6 F. Synonyms safeguards, protections and controls. 7 G. the goal of the counter measures safeguard protect and control company or firm’s assets. 8 H.The goal of the counter measure is to protect safeguard and control. 9 I. Types of Countermeasures preventive, detective and corrective. This assignment is part 1 of 3 of the Course Project. The assignment is to create the Project Synopsis/Overview Statement. Do note, this is a 'formal' document. It may contain the following: * The name of the Project * The Sponsor/Customer/Vendor/ . . . . (the major Stakeholders who would have benefited from the Project * The Scope of Work, Requirements etc. * Constraints such as Cost, Time, Quality etc. that have been imposed * Criteria to determine the success or failure of the Project * Any other details that are important to introduce the Project * Any other details that are of relevance to help plan and execute the Project * etc Having said that, here is a possible...
Words: 1819 - Pages: 8
...to manipulation. It is, therefore, a parent’s responsibility to protect children online and here are four effective ways of doing that. Limit their social media exposure Social media is the bane of a lot of child-targeted evil online. Social media for most children today begins soon after birth when their parents start sharing everything about the children from pictures to names and dates of birth. Unfortunately, this only exposes the child to unforeseen dangers of sharenting – the constant mix of social media sharing and parenting. Such dangers include; cyberbullying, identity theft,...
Words: 670 - Pages: 3
...and information systems for the electronic operation of the market organizations. For example, companies use information systems to handle financial accounts to manage their human resources, and with online promotions, in order to reach their potential customers. Many large companies around the information system is fully established. 1.1 The five components of information are: i. Hardware: a. The term refers to the mechanical hardware. This category includes the computer itself, which is commonly referred to as a central processing unit (CPU), and all the support equipment. b. Support equipment between the input and output devices, storage devices and communications equipment. ii. Software: c. The term refers to computer programs and software that support them instructions (if any). The computer program of machine-readable instructions, the hardware portion of the way of the circuit within the guidance system play a role in generating useful information from data. d. Some programs are typically stored on the input / output medium, usually a...
Words: 2669 - Pages: 11
...Barbarians at the Gateway (and just about everywhere else): A Brief Managerial Introduction to Information Security Issues1 a gallaugher.com case provided free to faculty & students for non-commercial use © Copyright 1997-2009, John M. Gallaugher, Ph.D. – for more info see: http://www.gallaugher.com/chapters.html Draft version last modified: Dec. 7 , 2009 – comments welcome john.gallaugher@bc.edu Note: this is an earlier version of the chapter. All chapters updated Dec. 2009 are now hosted (and still free) at http://www.flatworldknowledge.com. For details see the ‘Courseware’ section of http://gallaugher.com INTRODUCTION LEARNING OBJECTIVES: After studying this section you should be able to: 1. Recognize that information security breaches are on the rise. 2. Understand the potentially damaging impact of security breaches. 3. Recognize that information security must be made a top organizational priority. Sitting in the parking lot of a Minneapolis Marshalls, a hacker armed with a laptop and a telescope‐shaped antenna infiltrated the store’s network via an insecure Wi‐Fi base station. The attack launched what would become a billion‐dollar plus nightmare scenario for TJX, the parent of retail chains that include Marshalls, Home Goods, and T.J. Maxx. Over a period of several months, the hacker and his gang stole at least 45.7 million credit and debit card numbers, and pilfered driver’s license and other private information from an additional ...
Words: 15885 - Pages: 64
