...List Phases of Computer Attack
The reconnaissance and probing phase is when an attacker collects information to figure out how to attack. This is like a blueprint to find out what vulnerabilities exist within a network. They may search the internet to use DNS and ICMP tools within the TCP/IP protocol suite, standard and customized SNMP tools, port scanners and mappers, and security probes. The ICMP (Internet Control Management Protocol) ping commands are available on most computer operating systems. It enables attackers to verify that target systems are reachable. They can use the ping command with a number of extension flags to test direct reachability between hosts. The SMTP tools and port scanners are other methods of finding holes within a network. Once an attacker reaches a target network, they may want to explore and see which systems and services are accessible. The attacker may want to use several port-scanning applications. NMap is one of the popular applications to use in this case. They allow an attacker to discover and identify hosts by performing ping sweeps, probe for open TCP and UDP service ports, and identify operating systems and applications running. Once an attacker probes a network for possible vulnerabilities, they must access the target systems. The goal is to establish the initial connection to a target host, and then gain administrative rights to the system. A method of gaining access is to capture or crack passwords. The attacker can...
Words: 279 - Pages: 2
...List Phases of a Computer Attack
Unit 9 Assignment 1

Phase 1 - Reconnaissance
Reconnaissance is probably the longest phase, sometimes lasting weeks or months. The black hat uses a variety of sources to learn as much as possible about the target business and how it operates, including
* Internet searches
* Social engineering
* Dumpster diving
* Domain name management/search services
* Non-intrusive network scanning

Phase 2 - Scanning
Once the attacker has enough information to understand how the business works and what information of value might be available, he or she begins the process of scanning perimeter and internal network devices looking for weaknesses, including
* Open ports
* Open services
* Vulnerable applications, including operating systems
* Weak protection of data in transit
* Make and model of each piece of LAN/WAN equipment

Phase 3 - Gaining Access
Gaining access to resources is the whole point of a modern-day attack. The usual goal is to either extract information of value to the attacker or use the network as a launch site for attacks against other targets. In either situation, the attacker must gain some level of access to one or more network devices. In addition to the defensive steps described above, security managers should make every effort to ensure end-user devices and servers are not easily accessible by unauthenticated users. This includes denying local administrator access to business users and closely monitoring domain and local...
Words: 484 - Pages: 2
...country. While cyber-attacks are increasingly driven by automated processes, human beings still operate at human speeds. Today, cybercrime has developed and adversaries have gained sponsorship from governments, international organizations or individuals for their selfish interests. The most recent development in cyber-attacks is the advanced persistent threat. According to Vert, Gonen and Brown (2014), these kinds of attacks are known for being sophisticated and slow moving over a long period of time. Advanced persistent threats are computer network attacks in which unauthorized individuals gain access to network systems or their resources and continue to use the resources without detection for a long period of time. By definition, advanced persistent threats are highly sophisticated networked entities, typical of organized groups of attackers, which conduct hostile cyber-attacks against a computer system. As described in the scenario, the western interconnection power grid faces such a challenge. Adversaries intend to use malware to gain access to the network system at the power grid. A. Analysis of the problem and Safeguards against the problem The lifecycle of an advanced persistent threat follows a six step process as shown in the diagram that follows. The first phase, information collection, involves the attackers collecting all the necessary information and deciding which of this information is applicable to achieve his/her objectives. In the second phase, the initial compromise...
Words: 1247 - Pages: 5
...What are the phases of a computer attack?

Phase I: Reconnaissance Probing
During the first phase of a computer attack, the attacker will gather as much information as he can to identify the weakest points of entry on a network. It is important that he collects as much information as he can because this will determine how successful the attack will be. An attacker uses various tools found on the internet designed to exploit various targets. He will use those tools accordingly. Some of the tools are:
- DNS and ICMP tools within the TCP/IP protocol suite
- Standard and customized SNMP tools
- Port scanners and port mappers
- Security probes
Attackers will use these tools to view detailed information about the network. By knowing a specific domain name, an attacker can easily find registered addresses, server names, and domain names via ICMP and WHOIS. Reverse DNS lookup and nslookup also provide searches for DNS information.

Phase II: Access and Privilege Escalation
Once the attacker has gathered the information they need to facilitate the attack, he must make the connection or access the targeted system and gain administrative access. This can be done via secondary remote gateways and/or unattended modem boxes on the outside of an organization's building. An attacker...
Words: 346 - Pages: 2
...rejected]
A | Title of proposed project: ANALYSIS ON IPV6 ATTACK (SMURF6)
B | Details of student
B(i) | Name of student: JAMALUDDIN BIN NAFIS. Identity card no.: 910424-14-6277. Student card no.: B031310034
B(ii) | Correspondence address: 66G JLN MELUR 3 SERI MELUR KG MELAYU AMPANG 68000 SELANGOR DARUL EHSAN.
B(iii) | Study program: BITS, BITM, BITI, BITC, BITD
B(iv) | Home telephone no.: Handphone no.: 017-6160196
B(v) | E-mail address: jamaluddin.nafis@ymail.com
C | Project information
C(i) | Project area (please tick): A. Intelligent Information Systems B. Software Technology C. Database Technology D. Computer System Technology E. Computer and Network Security...
Words: 1224 - Pages: 5
...Integrative Network Design NTC 362 Integrative Network Design This project will consist of five different phases totaling a timeline of six months. The first month will be the planning phase. This phase will have a deadline no longer than 30 days. After the first 30 days, the second phase will take into effect, which is the installation phase. This phase will also have a timeline of no more than 30 days. The Third Phase will be the longest phase of a timeline of 60 days. The third phase will be the testing phase. The testing phase is important because this is the troubleshooting phase. Troubleshooting is important to ensuring the new system is running up to optimal standards. The fourth phase will have a deadline of 30 days. The fourth phase is the Training Phase, and our trainers only need a month to convert the needed employees to the new system. The Fifth and Final Stage is our Final Evaluation/Lessons Learned Stage. At this point, the system is at full running operation, and for the last month the system will be ready for a full evaluation. Riordan Manufacturing is a fast growing business, and has grown into a large fortune 1000 company. As they grew into this large company they have been encountering problems with lost or misplaced material. As of now Riordan’s material is manually tracked by paper and pen by employees then entered into a database by an inventory clerk at the end of the day. This is causing them to misplace customer packages resulting in unhappy...
Words: 2910 - Pages: 12
...Learn about hardware - basically how your computer works.
2. Learn about different types of software.
3. Learn DOS. (learn everything possible)
4. Learn how to make a few batch files.
5. Port scanning. (download blues port scanner if it's your first time)
6. Learn a few programming languages: HTML, C++, Python, Perl.... (I'd recommend learning HTML as your first lang)
7. How to secure yourself (proxy, hiding IP etc.)
8. FTP
9. TCP/IP, UDP, DHCP
10. Get your hands dirty with networking
11. Learn disassembler language (it's the most basic language for understanding machine language and very useful to understand when anything is disassembled and decoded)
12. Learn to use a Unix OS. (a Unix system is generally loaded with networking tools as well as a few hacking tools)
13. Learn how to use Exploits and compile them. (Perl and C++ is a must)

ETHICAL HACKER
Traditionally, a Hacker is someone who likes to play with Software or Electronic Systems. Hackers enjoy Exploring and Learning how Computer systems operate. They love discovering new ways to work electronically. Hacker is a word that has two meanings: 1-Recently, Hacker has taken on a new meaning: someone who maliciously breaks into systems for personal gain. 2-Technically, these criminals are Crackers as Criminal Hackers. Crackers break into systems with malicious Intentions. An ethical hacker is a computer and network expert who attacks a security system on behalf of its owners...
Words: 2587 - Pages: 11
...An Ontological Approach to Computer System Security

ABSTRACT
Computer system security relies on different aspects of a computer system such as security policies, security mechanisms, threat analysis, and countermeasures. This paper provides an ontological approach to capturing and utilizing the fundamental attributes of those key components to determine the effects of vulnerabilities on a system’s security. Our ontology for vulnerability management (OVM) has been populated with all vulnerabilities in NVD (see http://nvd.nist.gov/scap.cfm) with additional inference rules and knowledge discovery mechanisms so that it may provide a promising pathway to make security automation program (NIST Version 1.0, 2007) more effective and reliable.

KEYWORDS
analysis system security, common vulnerability exposures, ontology, vulnerability

Ju An Wang, Michael M. Guo, and Jairo Camargo
School of Computing and Software Engineering, Southern Polytechnic State University, Marietta, Georgia, USA

1. INTRODUCTION
Secure computer systems ensure that confidentiality, integrity, and availability are guaranteed for users, data, and other computing assets. Moreover, security policies should be in place to specify what is secure and nonsecure, and security mechanisms must be implemented to prevent attacks, detect them, and recover a system from those attacks. During a computer system’s design process, developers...
Words: 6084 - Pages: 25
...occupy as much memory as possible and eliminating opposing programs. This game is considered the precursor to computer viruses. In 1972, Robert Thomas Morris created the first virus as such: Creeper, which could infect IBM 360 on the ARPANET (the predecessor of the Internet) and show an on-screen message saying “I’m the creeper, catch me if you can”. To eliminate it, a virus called Reaper was created to search for it and destroy it”…………………...PANDA SECURITY ( 2011) Malware Overview Retrieved from http://www.google.com/images?rlz=1T4ADFA_enUS391US392&q=virus+clipart&um=1&ie=UTF-8&source=univ&sa=X&ei=nOx7TfqZEoXorAGvu5zCBQ&ved=0CDMQsAQ&biw=1174&bih=463 Malicious software, better known as Malware, is the most sophisticated type of threat to a computer system. Malware is simply code that is designed with purpose and intent to destroy, steal, disrupt or damage someone’s data, computer system or network. Malware is software that is written to do detriment to the data that resides on a computer or network, and is designed to secretly gain access to the system without the owner's knowledge or consent. Once installed, malware can run and stay resident on the system. This disruption, infection, or damage results in system degradation and performance and a loss of security. Before we had the Internet, a virus infected computer...
Words: 3874 - Pages: 16
...Chapter-1 1.0 Introduction With the tremendous advancement of Internet, different aspects of it are achieving the highest peak of growth. An example of it is e-commerce. More and more computers get connected to the Internet, wireless devices and networks are booming and sooner or later, nearly every electronic device may have its own IP address. The complexity of networks is increasing, the software on devices gets more sophisticated and user friendly – interacting with other devices and people are a main issues. At the same time, the complexity of the involved software grows, life cycles are getting shorter and maintaining high quality is difficult. Most users want (or need) to have access to information from all over the world around the clock. Highly interconnected devices which have access to the global network are the consequence. As a result, privacy and security concerns are getting more important. In a word, information is money. There is a serious need to limit access to personal or confidential information – access controls are needed. Unfortunately most software is not bug free due to their complexity or carelessness of their inventors. Some bugs may have a serious impact on the access controls in place or may even open up some unintended backdoors. Security therefore is a hot topic and quite some effort is spent in securing services, systems and networks. On the internet, there is a silent war going on between the good and the bad guys – between the ones...
Words: 8365 - Pages: 34
...AN IMPLEMENTATION OF INTRUSION DETECTION SYSTEM USING GENETIC ALGORITHM

Mohammad Sazzadul Hoque (1), Md. Abdul Mukit (2) and Md. Abu Naser Bikas (3)
(1) Student, Department of Computer Science and Engineering, Shahjalal University of Science and Technology, Sylhet, Bangladesh, sazzad@ymail.com
(2) Student, Department of Computer Science and Engineering, Shahjalal University of Science and Technology, Sylhet, Bangladesh, mukit.sust027@gmail.com
(3) Lecturer, Department of Computer Science and Engineering, Shahjalal University of Science and Technology, Sylhet, Bangladesh, bikasbd@yahoo.com

ABSTRACT
Nowadays it is very important to maintain a high level security to ensure safe and trusted communication of information between various organizations. But secured data communication over internet and any other network is always under threat of intrusions and misuses. So Intrusion Detection Systems have become a needful component in terms of computer and network security. There are various approaches being utilized in intrusion detections, but unfortunately any of the systems so far is not completely flawless. So, the quest of betterment continues. In this progression, here we present an Intrusion Detection System (IDS), by applying genetic algorithm (GA) to efficiently detect various types of network intrusions. Parameters and evolution processes for GA are discussed in details and implemented. This approach uses evolution theory to information evolution in order to filter the...
Words: 4796 - Pages: 20
...In 2006, a small business was created to provide customers with a close to real-time analysis of their stock portfolios. After months of doing business, several IT Administrators began to notice subtle changes in the corporate network. Shortly after that, the CEO began calling high-level meetings, especially with marketing and finance, to determine why the company’s profits for the last five months (July to December) began to take a downward spiral. Though it seemed that all operations and processes remained unchanged, it seemed that the number of new customers registering through their customer portal had dropped drastically over the past five months. The company has noticed anomalous traffic on port 80 of the Web Server on the DMZ. The edge router’s logs showed that the traffic started six months ago and ended five months later. They noticed five months ago that traffic from the Web servers to the internal application servers decreased each day, although the inbound requests on port 80 remained about the same. Over the last four months, Web server logs contained many http “Post” statements followed by the Website address of one of the company’s main competitors. All of the post statements seemed to appear in the logs after new users would click “submit” to register. Based on the information that has been provided, it seems that a competitor has been able to compromise the company’s network. This has allowed them to reroute network traffic from users that are attempting to register...
Words: 1289 - Pages: 6
...Certified Ethical Hacking - The 5 Phases Every Hacker Must Follow
Originally, to “hack” meant to possess extraordinary computer skills to extend the limits of computer systems. Hacking required great proficiency. However, today there are automated tools and codes available on the Internet that make it possible for anyone with a will and desire to hack and succeed. Mere compromise of the security of a system does not denote success. There are websites that insist on “taking back the net” as well as those who believe that they are doing all a favor by posting the exploit details. These can act as a detriment and can bring down the skill level required to become a successful attacker. The ease with which system vulnerabilities can be exploited has increased while the knowledge curve required to perform such exploits has shortened. The concept of the elite/super hacker is an illusion. However, hackers are generally intelligent individuals with good computer skills, with the ability to create and explore into the computer’s software and hardware. Their intention can be either to gain knowledge or to dig around to do illegal things. Attackers are motivated by the zeal to know more while malicious attackers would intend to steal data. In general, there are five phases in which an intruder advances an attack: 1. Reconnaissance 2. Scanning 3. Gaining Access 4. Maintaining Access 5. Covering Tracks For More Information contact EC-Council – (505)341-3228...
Words: 2322 - Pages: 10
...System penetrators and ‘crackers’ know that people, and their desire to be helpful, or their ability to emote, are the weakest links in any program designed to protect information systems. Attackers can trick or persuade their way into systems in any number of ways via remote and physical means, and convince users to reveal information of interest that can cause harm to an organization. A typical social engineering attack can be segmented into physical and psychological stages. The physical segment of the social engineering operation could include phone calls, or returned phone calls from employees back to the attacker (an example of reverse social engineering) that volunteer information, ‘dumpster diving’ for company specific information that can be used to simulate a rapport or relationship with the company if questioned by an employee or security, emails with surreptitious links requesting unique information such as PIN’s or user names, or physical proximity and entry by impersonating an authorized person. The psychological stage of a social engineering attack takes place after the physical foot printing of the organization by using the bona fides that were learned while gathering physical intelligence to manufacture relationships with persons or the company, or by asserting false authority by impersonating persons or departments within the company. Employees are lulled into complying because they assume that the person is who they say they are, or represents whom they say...
Words: 1868 - Pages: 8
...When you are called upon by law enforcement based on your expertise to hack into a network of a business known to be launching crimes against humanity as its primary mission for operation and capital gain, thank them for giving you the opportunity to do the job, and make sure you sign the necessary documentation protecting you from all liability and legalities associated with the job. Now structure how you want to get your information through reconnaissance, scanning, enumeration, then attacking and post-attacking, and if possible fall-back attacks. In my research from the book Network Security, Firewalls, and VPNs, the process will start off by exploring the discovery and information gathering phase, also known as footprinting or reconnaissance. This will be your pre-attack phase to learn more about the target before the first actual attack. This can be done online and offline. Be careful not to tip off the target that it's being investigated. Through archieves.org you will find a lot of information on the company's older versions of their web sites; analyse search engine contents, review the current Web site, do some investigative background of the employees, map out the location of the company, analyse job postings. Be on the lookout for leaks of information online, newspaper and magazine articles, frequent blogs, newsgroups, chat and forums that are visited by the company and staff. Audit financial records or review public filings, review public records and other court cases. Query who personels...
Words: 1206 - Pages: 5