M02 - Part 2- Cengage Module 4 Case Project

School: Ivy Tech Community College, Indianapolis
Course: 132
Subject: Information Systems
Date: Dec 6, 2023
Type: docx
Pages: 1
Uploaded by bobbymaf2020

DDoS attacks can be routine, but this one seems different because it is reacting to their defensive efforts in real time. This suggests that it is a live attack executed by a hacker. Paul is now reviewing the logs to gather more information.

Paul carefully scanned the logs on the firewall and border gateway over his VPN connection, looking for any patterns or anomalies that could help him identify the source of the DDoS attack. He noticed a significant increase in traffic coming from multiple IP addresses, indicating a coordinated attack from a botnet. Paul quickly analyzed the traffic patterns and identified the most common source IP addresses. He then implemented rate limiting and blacklisting measures to block the malicious traffic from those IPs. However, the attack continued from different IP addresses, indicating that the attacker was using a rotating botnet. Paul realized that he needed to implement more advanced mitigation techniques to counter the attack effectively.

To counter the rotating botnet attack, Paul should consider implementing the following advanced mitigation techniques: Rate Limiting, Behavioral Analysis, IP Reputation Filtering, Web Application Firewall (WAF), Traffic Monitoring and Analysis, and Botnet Detection and Response.

It also seems that Paul's decision to add a rule to filter ports 1400 through 2200 was effective in mitigating the attack. This rule helped block the malicious traffic coming in on those specific ports. Paul now plans to analyze the logs further when he comes in. In addition, there could be several reasons for Paul's cell phone going off. It could be an incoming call, a text message, a notification from an app, or even an alarm. It is hard to say for sure without more information.

Finally, it seems that Paul and Susan are dealing with a DDoS attack. Paul is trying to mitigate the attack by updating the rules on the outside firewall. However, the attack is adapting and coming in through a different port, indicating that it might be a live attack executed by a hacker. Paul suggests adding a rule to filter ports 1400 through 2200 to further protect the network. Susan tries it and it seems to work. They plan to review the logs later. Paul is about to go back to sleep when his cell phone rings again.
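
The log review described above can be sketched as follows. This is an added example, not part of the original document: the record layout, the addresses (documentation ranges) and the traffic volumes are constructed. It compares a blocklist built from the top source IPs with the port 1400 through 2200 rule once the botnet rotates addresses.

```python
from collections import Counter

def build_sample():
    """Constructed records: (minute, source IP, destination port)."""
    rows = []
    for i in range(40):  # minute 0: first wave of bots
        rows.append((0, f"198.51.100.{i % 8 + 1}", 1400 + (i * 37) % 800))
    for i in range(40):  # minute 1: botnet has rotated to new addresses
        rows.append((1, f"203.0.113.{i % 8 + 1}", 1400 + (i * 53) % 800))
    for minute in (0, 1):  # legitimate HTTPS traffic in both minutes
        for i in range(10):
            rows.append((minute, f"192.0.2.{i + 1}", 443))
    return rows

def top_sources(rows, minute, n):
    """Return the n busiest source IPs seen in the given minute."""
    counts = Counter(src for m, src, _ in rows if m == minute)
    return [ip for ip, _ in counts.most_common(n)]

def blocked_fraction(rows, minute, rule):
    """Fraction of that minute's records a filtering rule would drop."""
    window = [r for r in rows if r[0] == minute]
    return sum(1 for r in window if rule(r)) / len(window)

def compare(rows):
    """Measure the IP blocklist against the port-range rule."""
    blocklist = set(top_sources(rows, 0, 8))  # built from minute 0 only
    ip_rule = lambda r: r[1] in blocklist
    port_rule = lambda r: 1400 <= r[2] <= 2200
    return {
        "ip_minute0": blocked_fraction(rows, 0, ip_rule),
        "ip_minute1": blocked_fraction(rows, 1, ip_rule),
        "port_minute1": blocked_fraction(rows, 1, port_rule),
        "legit_dropped_by_port_rule": sum(
            1 for r in rows if r[2] == 443 and port_rule(r)),
    }

if __name__ == "__main__":
    for name, value in compare(build_sample()).items():
        print(f"{name}: {value}")
```

A port-range rule also drops any legitimate service listening in that range, so the range should be checked against the services the network actually exposes before it is left in place.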