Uninterrupted operation of information systems is a vital component in helping us maintain a high-availability network that supports and provides continuous service to our customers. Information system resources are an essential element of our business success, and it’s crucial that we identify the services utilized in these systems which need to operate efficiently. Despite a greater awareness of the need for business continuity planning, research has suggested that the costs of data center downtime have increased significantly in recent times. In 2016, total costs were estimated at $2.4 million, up 39 percent within the prior three years.
This document will examine DROWN (Decrypting RSA with Obsolete and Weakened eNcryption), a vulnerability that attacks the TLS protocol while traversing secure HTTPS connections. This vulnerability is especially dangerous to any organization engaged in e-commerce with the need to complete financial transactions. TLS establishes secure HTTPS connections, typically through the use of a web browser, allowing users to utilize applications such as email, online shopping, instant messaging, online education, etc., all with the benefit of an encrypted connection.
Let’s face it, MAC filtering is not an effective way to combat brute force attacks against pre-shared keys. On my Access Point (AP) at home, in other words my home router, I use MAC filtering not as a security mechanism but rather as a way to assign a private IP to a specific device’s MAC address using a method called “IP Reservation” with DHCP. This basically ensures the IP is reserved and ready for use on that particular device the next time it connects to the network. With that said, defeating MAC filtering with regard to cracking pre-shared keys is very doable. MACs can be masqueraded (“spoofed”) very easily, for example by capturing an end-user’s MAC address using a passive network scanner.
This forum will help distinguish the differences between Ubuntu Desktop and Ubuntu Server products in addition to discussing the various support mechanisms available with the Ubuntu Linux distribution. Key differences between the two products will be explored as well as details regarding the Ubuntu community and how effective its website is at meeting the needs of its users.
Lastly, one alternative Linux distribution will be discussed detailing its product offering and how it compares to the Ubuntu Linux distribution. The parent company that is the primary developer and the main distributor of the Ubuntu distribution is a company headquartered in the UK called Canonical, which is a privately held organization.
The purpose of this document is to examine the results of several Wireshark captures. Areas to be explored are the exploit type, impact of the exploit, vulnerability type, and any other relevant information. In order for network administrators, penetration testers, or any other type of security expert to combat cyber crimes, it’s critical that they know how to use the same tools that the criminals do. Wireshark is instrumental in helping security professionals dissect intercepted communications to formulate new security policies and put new safeguards in place. This experiment will be conducted on a 2009 Mac Pro running OS X Yosemite 10.10.4. Kali Linux will be used to exploit Metasploitable 2, both of which are running inside Parallels 10 virtual machines.
Denial of Service (DoS) is a common attack method used to flood network connections with the intention of rendering the network server unusable. DoS attacks are typically motivated by retaliation, perhaps from a fired employee, or by various other reasons, including social hacktivism or cyber terrorism. Most DoS attacks target web servers by overwhelming them with SYN requests faster than the server can respond to them. DoS attacks can barrage a server by depriving it of other critical resources such as CPU, memory, and bandwidth, possibly leading to a system crash.
Distributed Denial of Service (DDoS) is an advanced form of Denial of Service that employs many computers located anywhere around the world where there is an Internet connection. “Malware” running on a computer is what gives the attacker remote control of the computer. When a computer is controlled in this way, it is referred to as a “Zombie”. Armies of Zombie computers form what is called a “Botnet”, a large network of centrally controlled computers that perform an action, which can be malicious in nature or for valid reasons, as is the case with The Search for Extraterrestrial Intelligence (SETI), a government scientific organization.
Users of malicious Zombie computers are unaware of the control taking place behind the scenes, because the botnet malware usually masquerades as valid processes or stays hidden deep within the system, undetected.
The purpose of this document is to perform a penetration test using two different methodologies to exploit and gain unauthorized access to vulnerable computer systems using a set of penetration testing tools including Nexpose, Kali Linux, and Metasploitable. These tools are designed to demonstrate common vulnerabilities and subsequently exploit them, which allows security administrators to formulate a plan for remediation and prevention of an actual attack. The purpose of penetration testing is to attempt to access resources without knowing usernames, passwords, and/or any other means of authorized security authentication procedures that may exist for a particular organization or individual. An important thing to consider is that the only thing differentiating a penetration tester (White Hat Hacker) from an attacker (Black Hat Hacker) is permission from the attacked to allow it to happen.