Window of Vulnerability

Submitted By conkertw2010
Window of Vulnerability
Review of unauthorized access to SMB server
ITT Tech
Cory Reiss, 4/1/2014

This is the window of vulnerability for a patch to a newly discovered exploit residing in manufacturer software.

The security breach was detected by the server software manufacturer, and a patch is currently being worked on. The vulnerability affects the SMB server and gives access to an unauthorized user. The estimated time for the patch to be completed is three days, with 7 additional days required for testing and executing the patch. There is no documented timeline for when the security exploit was established, discovered, or executed. From discovery of the breach yesterday to final completion of the fix, there is a window of vulnerability of 11 days. From the information presented, the exploit only affects the SMB server. If the unauthorized user is able to run an interactive shell, this should not be taken lightly.
The recommended procedure is to block access on the ports defined or suspend the server if possible. Access to SMB can put all of your files at risk, and an aftermarket firewall blocking all IP ranges not specified in the workgroup should lower and impede the effectiveness of the exploit. Scans should be run to assess the possibility of injected code or malware. Someone skilled in security forensics should be deployed to assess which files were affected or viewed. This can also give you a direction in which to search for the individual responsible, and show whether any files were downloaded outside of your network to unauthorized users.
