Describe the IT Professionals, IT Security Ethical Hacking?
Ethical hacking is also known as penetration testing. It is an advanced, offensive form of security testing designed to give a deep technical analysis of a target environment's vulnerability to exploitation and attack. Ethical hacking goes beyond basic risk assessment and automated techniques and relies on skilled security professionals. An ethical hack may test a target that comprises anything from web or client-server applications to infrastructure components and hosting environments.
In this assignment we list some of the problems frequently faced in this scenario. Of those 6 issues, I have illustrated in depth the 2 that are faced most frequently and provided solutions for them.
After reviewing the packet, below are the errors we found in the error packets, the 6 problems faced in this case study:
1. DoS attack: A Distributed Denial of Service (DDoS) attack is an attempt to make an online service unavailable by overwhelming it with traffic from numerous sources.
2. Ping of Death: The ping command is typically used to test the availability of a network resource. It works by sending small data packets to the network resource.
3. Smurf: This attack uses huge quantities of Internet Control Message Protocol (ICMP) ping traffic targeted at an Internet Broadcast Address.
4. Buffer Overflow: A buffer is a temporary storage location in RAM that holds data so that the CPU can manipulate it before writing it back to disk. Buffers have a size limit.
5. Teardrop: This attack uses large data packets. TCP/IP breaks them into fragments that are assembled on the receiving host.
6. SYN attack: SYN is short for Synchronize. This attack takes advantage of the three-way handshake that sets up communication using TCP.
7. Application Whitelisting: Application whitelisting is a practical security technique in which only a limited set of approved programs is permitted to run, while all other programs (including most malware) are blocked by default. In contrast, the standard policy enforced by most operating systems permits all users to download and run any program they choose. Application whitelisting lets only administrators, not users, decide which programs are permitted to run.
Below we discuss the “DoS attack” and “Ping of Death” in detail, with solutions. (It, 2014)
1. DoS attack:
This attack targets a wide variety of important resources, from news websites to banks, and presents a major challenge to making sure that people can publish and access important information. This denial of service attack is called distributed because it arrives from many computers at once. The DoSer controls a huge number of computers that have been infected by a Trojan virus. This virus is a small application that allows remote command-and-control of the computer without the user's knowledge.
The infected computers are known as zombies, because they perform whatever commands the DoSer gives them. A large group of zombie computers is known as a botnet, or robot network.
The computer you are using may be part of a botnet without you being aware of it. This is because there may be no noticeable difference in your computer, except that sometimes it is not as quick as it used to be, because it is busy participating in a DoS attack while you are using it. Alternatively, you may find out about the infection when your ISP (internet service provider) drops the service to your affected computer because the computer has started sending an unusually large number of network requests.
2. Ping of Death
Ping of death sends data packets above the maximum limit (i.e. 65,536 bytes) allowed by TCP/IP. TCP/IP fragmentation breaks the packets into small chunks that are sent to the server. Because the data packets sent are larger than the server can handle, the server can freeze, crash or reboot.
3. Smurf
All the replies are sent to the victim instead of the IP used for the pings. Since a single Internet Broadcast Address can support a maximum of 255 hosts, a smurf attack amplifies a single ping 255 times. The effect is to slow down the network to the point where it is impossible to use.
4. Buffer overflow
This attack loads the buffer with more data than it can hold. This causes the buffer to overflow and corrupts the data it holds. An example of a buffer overflow is sending an email with file names that have 256 characters.
5. Teardrop
The attacker manipulates the packets as they are sent so that they overlap each other. This can cause the intended victim to crash as it tries to re-assemble the packets.
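The Ping of Death and Teardrop descriptions above both reduce to checks a receiver or filter can make on IPv4 fragments before reassembly. The following is an added example, not part of the original essay: it parses IPv4 headers and flags fragment trains that would reassemble past the largest legal datagram or that overlap. The function names, the 192.0.2.x documentation addresses and the sample headers are constructed for illustration.

```python
import struct
from collections import defaultdict

MAX_DATAGRAM = 65535           # IPv4 Total Length is a 16-bit field
IPV4_FMT = "!BBHHHBBH4s4s"     # fixed 20-byte IPv4 header, no options

def make_header(ident, offset, payload_len, more):
    """Constructed ICMP-over-IPv4 header for the demo (checksum left at 0)."""
    flags_frag = (0x2000 if more else 0) | (offset // 8)
    return struct.pack(IPV4_FMT, 0x45, 0, 20 + payload_len, ident, flags_frag,
                       64, 1, 0, bytes([192, 0, 2, 10]), bytes([192, 0, 2, 20]))

def parse_fragment(header):
    """Return (flow key, header length, payload start, payload end)."""
    ver_ihl, _, total_len, ident, flags_frag, _, proto, _, src, dst = \
        struct.unpack(IPV4_FMT, header[:20])
    ihl = (ver_ihl & 0x0F) * 4
    start = (flags_frag & 0x1FFF) * 8      # offset field counts 8-byte units
    return (src, dst, proto, ident), ihl, start, start + total_len - ihl

def audit_fragments(headers):
    """Map each flow key to the reasons its fragment train should be dropped."""
    flows = defaultdict(list)
    for header in headers:
        key, ihl, start, end = parse_fragment(header)
        flows[key].append((start, end, ihl))
    findings = {}
    for key, spans in flows.items():
        reasons = set()
        prev_end = 0
        for start, end, ihl in sorted(spans):
            if ihl + end > MAX_DATAGRAM:
                reasons.add("oversize")    # Ping of Death: reassembles past 65,535
            if start < prev_end:
                reasons.add("overlap")     # Teardrop: fragment covers earlier bytes
            prev_end = max(prev_end, end)
        findings[key] = reasons
    return findings

def findings_by_id(headers):
    """Same result keyed by the IP identification field, for readability."""
    return {key[3]: reasons for key, reasons in audit_fragments(headers).items()}

# Constructed sample traffic: one clean train, one oversized, one overlapping.
SAMPLE = [
    make_header(1, 0, 1480, True), make_header(1, 1480, 1480, True),
    make_header(1, 2960, 1040, False),
    make_header(2, 0, 1480, True), make_header(2, 65528, 1000, False),
    make_header(3, 0, 36, True), make_header(3, 24, 4, False),
]

if __name__ == "__main__":
    for ident, reasons in sorted(findings_by_id(SAMPLE).items()):
        print(ident, sorted(reasons) or "ok")
```

A reassembler that applies both checks before copying any fragment into its buffer never writes past the end of the buffer and never computes a negative copy length, which are the failure modes behind the crashes described for these two attacks.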
6. SYN attack
The SYN attack works by flooding the victim with incomplete SYN messages. This causes the victim machine to allocate memory resources that are never used and to deny access to legitimate users.
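The half-open state that a SYN attack leaves behind can be counted directly from a packet log. The following is an added example, not part of the original essay: it tracks the three-way handshake per client and reports servers holding many connections that received a SYN but never the final ACK. The log format, timeout, threshold and sample lines are assumptions constructed for illustration.

```python
from collections import defaultdict

def parse_line(line):
    """Parse 'time src:port > dst:port FLAGS' (a constructed log format)."""
    ts, src, _, dst, flags = line.split()
    return float(ts), src, dst, flags

def half_open(lines, now, timeout=5.0):
    """Return {server: [client endpoints]} for SYNs never completed by an ACK."""
    pending = {}                                  # (client, server) -> SYN time
    for ts, src, dst, flags in map(parse_line, lines):
        if flags == "S":
            pending.setdefault((src, dst), ts)    # step 1 of the handshake
        elif flags in ("A", "R"):
            pending.pop((src, dst), None)         # step 3, or a client reset
    stale = defaultdict(list)
    for (client, server), ts in pending.items():
        if now - ts >= timeout:                   # server is still holding state
            stale[server].append(client)
    return dict(stale)

def syn_flood_alerts(lines, now, threshold=20):
    """Servers whose half-open count is at or above `threshold` (assumed value)."""
    return {server: len(clients)
            for server, clients in half_open(lines, now).items()
            if len(clients) >= threshold}

# Constructed sample log: one completed handshake, one slow client on another
# server, and 50 sources that send a SYN to SERVER and never answer the SYN-ACK.
SERVER = "192.0.2.20:443"
SAMPLE = [
    f"0.10 198.51.100.7:40001 > {SERVER} S",
    f"0.11 {SERVER} > 198.51.100.7:40001 SA",
    f"0.12 198.51.100.7:40001 > {SERVER} A",
    "2.00 198.51.100.9:40002 > 192.0.2.30:22 S",
] + [f"{1 + i / 100:.2f} 203.0.113.{i}:{1024 + i} > {SERVER} S"
     for i in range(1, 51)]

if __name__ == "__main__":
    print(syn_flood_alerts(SAMPLE, now=10.0))
```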
Although application-layer DoS attacks are much harder to detect, the DoS mitigation experts in the Security Operations Center (SOC) know what to look for, and are always looking.
7. Disadvantage of Whitelist:
Implementing a whitelist requires performance overhead (which varies depending on the implementation). It also requires regular maintenance of the whitelist to add new applications and remove ones that are no longer approved. It causes some users to be frustrated, as they cannot download and run applications at will.
For this exercise, assume that Windows is used, and that we have at least two computers that are connected and share the same network. DoS attacks are illegal on networks that we are not authorized to test. For this exercise we therefore have to set up our own network that we can configure.
On the destination computer, open the command prompt.
Type the command ipconfig and press enter. The result will be similar to the one below:
In this example we are using the Mobile Broadband connection details. Note down the IP address. Note: to make this example more effective you should use a LAN network.
Switch to the source computer that will be used for the attack and open the command prompt. The victim computer will be pinged with an infinite number of data packets of 65500.
Then enter the command below:
ping 10.128.131.108 –t -65500
HERE,
The results displayed will be similar to those shown below:
Flooding the target computer with data packets does not have much effect on the victim. For the attack to be more effective, the target computer would have to be attacked with pings from more than one computer.
The above attack can be used against web servers, routers etc.
To see the effects of the attack on the destination computer, open the task manager and view the network activities.
If the attack is successful, you will see increased network activity.
Launch the DoS attack
In this practical scenario, we are using Nemesy to generate data packets and flood the target computer, server or router.
As mentioned above, Nemesy will be detected as an illegal program by the anti-virus. For this exercise the anti-virus therefore has to be disabled.
Then enter the target IP address; here we have used the target IP address shown above.
HERE,
A number of packets of 0 means infinity. If you want to send a specific number of packets instead of infinity, you can set the number.
The size field specifies the data bytes to be sent, and the delay specifies the time interval in milliseconds.
Then click on the send button; the result will be as shown below:
On the title bar you will be able to see the number of packets sent.
Click on the halt button to stop the program from sending data packets.
The task manager of the target computer can be monitored to view the network activities.
Know your vulnerability.
One lesson from the use of DDoS by the hacktivist group that is sister to LulzSec is that any site may be at high risk. “The finance sector, which did not consider itself a major target, was hit and urgently forced to tackle a threatening situation.”
DoS attacks are cheap to launch, but tough to stop.
“DDoS 5,600 zealots blasting at once,” boasted Anonymous on Twitter, after taking down the websites of everybody from the Department of Justice and the FBI to the Motion Picture Association of America and the Recording Industry Association of America.
Plan ahead.
Preparation is required to stop DDoS attacks. “It requires doing all that can be done to boost availability and resiliency.”
Secure the potential bottlenecks.
A survey conducted by Radware of 135 people with information security expertise, including CIOs, IT managers and CISOs, found that the bottlenecks they had experienced included the server under attack (for 30%), the Internet pipeline (27%), the firewall (24%), an intrusion prevention or detection system (8%), the SQL server (5%), or the load balancer (4%).
Watch what is happening on the network.
If prevention, which includes securing the infrastructure and ensuring that it can scale reasonably to handle sharp increases in packet traffic, is the first step, the second step is actively monitoring the network.
Look past huge attacks.
Traditionally, the most popular type of DDoS attack, and one of those most used by Anonymous, has been the packet flood.
Beware application-layer attacks.
As per Radware's report, “it is much easier to identify and block a network flood attack, which sends a huge quantity of irrelevant traffic such as UDP floods, TCP floods and SYN floods.”
Watch for blended attacks.
Identification can prove even trickier if the attackers target more than one application at a time, possibly together with a packet flood. “Attackers are frequently likely to combine packet-flood attacks with application-layer DDoS, which raises their probability of success.”
Make friends upstream.
Huge attacks can overpower a major enterprise network. “Work very closely with the Internet service provider –or for the international. Build the relationships and the lines of communication in advance.
Consider countermeasures.
Although the validity of certain types of attack countermeasures is considered an open question, as per Radware network equipment can be made to automatically mitigate suspected DDoS attacks. For example, it can silently drop questionable packets, or it can send the attacker a TCP reply that advertises a “window size equal to 0,” which states that for the time being no new data will be accepted.
TCP/IP stack security:
The TCP/IP stack is the set of communication protocols used for the Internet and a few other similar networks. TCP/IP comprises 4 layers.
Application Layer (process-to-process):
This is the scope within which applications create user data and communicate this data to other processes or applications on the same or another host. The communication partners are often called peers. This is where the “higher level” protocols such as FTP, HTTP, SSH, SMTP, etc. operate.
Transport Layer (host-to-host):
The Transport Layer constitutes the networking regime between two network hosts, either on the local network or on remote networks separated by routers. The Transport Layer provides a uniform networking interface that hides the actual topology (layout) of the underlying network connections.
Internet Layer (internetworking):
The Internet Layer has the task of exchanging datagrams across network boundaries. It is therefore also referred to as the layer that establishes internetworking; indeed, it defines and establishes the Internet. The Internet layer defines the addressing and routing structures used for the TCP/IP protocol suite.
Link Layer:
The Link layer defines the networking methods within the scope of the local network link on which hosts communicate without intervening routers. The Link layer describes the protocols used to describe the local network topology and the interfaces needed to effect transmission of Internet Layer datagrams to next-neighbor hosts.
Tor Bridging:
Using a bridge is helpful when we need to connect to the Tor network but the ISP is blocking connections to known Tor relays. Because bridges are not listed in the Tor directory, the ISP does not know their IPs and cannot block them. Even if the ISP is blocking access to the Tor network, we can still bypass the ISP's filters by using a Tor bridge. First we need to find Tor bridges in order to obtain an IP address to which we will connect. We find Tor bridges by visiting the Tor Bridges page in a web browser; we can see that we got two bridge relays, one on port 80 and the other on port 443:
Bridge is 194.38.106.35:80
Bridge is 81.91.1.81:443
Use of the tools:
Multi-layered protection defends websites against the increasing frequency, sophistication and scale of attacks. Akamai's Kona Site Defender extends web security beyond the data center while maintaining site performance and availability in the face of fast-changing threats. It leverages the power of the Akamai Intelligent Platform™ to detect, identify and mitigate Denial-of-Service (DoS), Distributed Denial-of-Service (DDoS) and other application-layer attacks before they reach the origin.
References:
1. IT Professionals, 2014, IT Security Ethical Hacking, https://services.it.umich.edu/it-security-ethical-hacking
2. Mathew, 2012, 10 Strategies To Fight Anonymous DDoS Attacks, https://www.darkreading.com/vulnerabilities-and-threats/10-strategies-to-fight-anonymous-ddos-attacks/d/d-id/1102699
3. Prolexic, 2013, DDOS PREVENTION, https://www.prolexic.com/knowledge-center-ddos-prevention.html
4. Cricket Liu, 2013, The ultimate guide to preventing DNS based ddos attack, https://www.infoworld.com/article/2612835/security/the-ultimate-guide-to-preventing-dns-based-ddos-attacks.html
5. Victoria Roddel, 2012, Botnet, https://books.google.co.in/books?id=4fQxAwAAQBAJ&pg=PA148&lpg=PA148&dq=Ultimate+guide+to+DoS%28Denial+of+Service%29+Attacks&source=bl&ots=lehmBT-OCI&sig=ilMl4S07vsb7vgQWyFerbUwk3cQ&hl=en&sa=X&ei=JXX9VPnLNIjp8gXa3IC4CQ&ved=0CDUQ6AEwBA#v=onepage&q=Ultimate%20guide%20to%20DoS(Denial%20of%20Service)%20Attacks&f=false
6. James, 2015, The Ultimate Guide to Protecting Your Site from a DDoS Attack, https://growtraffic.com/blog/2015/01/ultimate-guide-protecting-site-ddos-attack
7. theterribletrivium, 2014, How do major sites prevent DDoS?, https://security.stackexchange.com/questions/73369/how-do-major-sites-prevent-ddos
8. Francis tan, 2011, DDoS attacks: Prevention and Mitigation, https://thenextweb.com/media/2011/05/02/ddos-attacks-prevention-and-mitigation/
9. Ron Meyran, 2012, DDos Attack Myths: Does size really matter? https://blog.radware.com/security/2012/02/ddos-attacks-myths/
10. Aleksey, 2013, 5 Strategies to Fight Anonymous DDoS Attacks, https://dailytipsndtricks.blogspot.in/2013/06/5-strategies-to-fight-anonymous-ddos.html
11. Netsparker, 2014, Ping of Death, https://insecure.org/sploits/ping-o-death.html
12. Cayman, 2012, Ping of Death, https://www.iss.net/security_center/advice/Intrusions/2000012/default.htm
13. Stellios, 2009, The PING of Death and Other DoS Network Attacks, https://blog.pluralsight.com/ping-of-death-and-dos-attacks
14. Matthew prince, 2012, How to Launch a 65Gbps DDoS, and How to Stop One, https://blog.cloudflare.com/65gbps-ddos-no-problem/
15. Mark Wilson, 2014, Want to launch your own DDoS attacks?, https://betanews.com/2014/12/31/want-to-launch-your-own-ddos-attacks-just-buy-them-from-lizard-squad/
16. Donald, 2013, DNS & DDoS – Using DNS To Launch a DDoS Attacks, https://www.ddosattacks.biz/impact/three-dns-impacts-ddos-attacks-part-2/
17. Dark, 2014, Akamai Upgrades Kona Site Defender WAF, https://www.darkreading.com/attacks-breaches/akamai-upgrades-kona-site-defender-waf/d/d-id/1141279?
18. Stephanie, 2012, Akamai releases Web security monitoring platform Kona Site Defender, https://searchsecurity.techtarget.com/news/2240118337/Akamai-releases-Web-security-monitoring-platform-Kona-Site-Defender
19. Kona site, 2014, Kona Site Defender, https://www.akamai.com/html/solutions/site-defender.html
20. Steve, 2015, Ethical Hacking and countermeasures to Become Certified, https://www.eccouncil.org/Certification/certified-ethical-hacker