IT395_DeTanyaBrock_Assessment_M2
School: Purdue Global University
Course: 395 (Information Systems)
Uploaded: Apr 3, 2024 (docx, 9 pages)
IT395-M2: Illustrate Trojans, Malware, and Cryptology Attacks
Professor: Donald McCracken
February 18th, 2024
Part 1: Service and Infrastructure Discovery
Section 1: Scan a Unix/Linux Server (Screenshots)
[Screenshot: Configuration]
Open ports include: 21, 22, 23, 25, 53, 80, 111, 139, 445, 513, 514, 2049, 2121, 3306, 5432, 5900, 6000, and 8009. The scan took a total of 13.36 seconds.
Section 2: Questions
1.
Why are most networks, even small office/home office (SOHO) networks, considered mixed networks in terms of operating systems? Give some common examples of devices in a typical home that might be running Linux or a derivative of it.
SOHO networks are called mixed networks because a household contains a variety of devices, each running the operating system suited to its purpose. Many of these endpoints use Linux as their underlying OS with some form of application layer on top. Today most TVs, refrigerators, game consoles, printers, dishwashers, coffee makers, clocks, and other home appliances are IoT devices, and these devices are generally Linux-based. Such devices tend to be forgotten when it comes to endpoint protection, which leaves them vulnerable to attack because people often neglect to update their firmware. Other examples include "smart" devices, thermostats, video monitoring systems, washing machines, streaming devices, and various other appliances that communicate over Bluetooth or Wi-Fi.
2.
How are Unix/Linux and the Apple OS X related?
Unix/Linux and Apple OS X, now referred to as macOS, are similar in layout and both use Unix as their underlying framework. Because of this they share similar command-line interfaces, shells, software compatibility, development environments, bash interfaces, and the set of commands they allow. The primary difference between the two is that Unix/Linux is based on the Linux kernel, in which certain components are often modified while the kernel itself remains unaltered, so companies have to spend extra money and time to develop components that work in conjunction with the kernel, while Apple, which is based on the XNU kernel, rewrites the kernel, which sets it apart and makes it uniquely distinct.
3.
Explain how Zenmap can be used to enumerate vulnerabilities.
Zenmap can be used to enumerate vulnerabilities by identifying and listing open ports, listing the devices connected to the network, listing the operating systems of those devices, and listing the applications running on the devices being scanned, all of which we learned in the lab assignment. Because Zenmap can obtain all of this information, it allows attackers to find vulnerabilities within the network and exploit them to gain access and carry out various attacks on the scanned system. However, from the administrative side, it allows an organization's IT staff to add patches or employ the proper security measures and mitigate identified vulnerabilities before an attacker can penetrate the system.
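The Part 1 scan result above and the Zenmap answer both come down to the same defensive task: turning a list of open ports into a list of services to review and patch. The following script is an added example (not part of the submitted assignment) that parses nmap's grepable output format (the format Zenmap's underlying nmap produces with -oG), lists the open TCP ports, and flags the ones an administrator would normally question first. The scan text is constructed here: the 18 port numbers are the ones reported on this page, the host address is a documentation address, and the service names are nmap's default port-to-service labels; the risk categories are the example's own assumptions.

```shell
#!/bin/sh
# Triage helper for nmap grepable (-oG) output: list open TCP ports and flag the
# services a defender should review first. Added example, not the page's own work.

# Constructed sample in nmap -oG format. The port numbers are the 18 open ports
# reported on this page; the address is an RFC 5737 documentation address and the
# service names come from nmap's default port table.
SAMPLE_SCAN='# Nmap 7.94 scan initiated as: nmap -p- -oG - 192.0.2.10
Host: 192.0.2.10 ()  Status: Up
Host: 192.0.2.10 ()  Ports: 21/open/tcp//ftp///, 22/open/tcp//ssh///, 23/open/tcp//telnet///, 25/open/tcp//smtp///, 53/open/tcp//domain///, 80/open/tcp//http///, 111/open/tcp//rpcbind///, 139/open/tcp//netbios-ssn///, 445/open/tcp//microsoft-ds///, 513/open/tcp//login///, 514/open/tcp//shell///, 2049/open/tcp//nfs///, 2121/open/tcp//ccproxy-ftp///, 3306/open/tcp//mysql///, 5432/open/tcp//postgresql///, 5900/open/tcp//vnc///, 6000/open/tcp//X11///, 8009/open/tcp//ajp13///
# Nmap done: 1 IP address (1 host up) scanned in 13.36 seconds'

# open_ports SCAN_TEXT -> one "port service" pair per line for every open TCP port.
# Each -oG port entry is port/state/proto/owner/service/rpcinfo/version/.
open_ports() {
    printf '%s\n' "$1" \
        | grep 'Ports:' \
        | sed 's/.*Ports: //; s/[[:space:]]*Ignored State.*//' \
        | tr ',' '\n' \
        | awk -F/ '$2 == "open" && $3 == "tcp" { print $1 + 0, $5 }'
}

# risk_reason PORT -> why this open port deserves a closer look; exit 1 if unflagged.
# The categories are this example's assumptions, not a standard classification.
risk_reason() {
    case "$1" in
        21|23|513|514) echo "cleartext or legacy-auth remote access" ;;
        111|2049)      echo "RPC/NFS exported to the network" ;;
        139|445)       echo "SMB/NetBIOS file sharing reachable" ;;
        5900|6000)     echo "remote display (VNC/X11) exposed" ;;
        3306|5432)     echo "database listener reachable from the scanner" ;;
        *)             return 1 ;;
    esac
}

# flag_risky SCAN_TEXT -> "port service reason" for each flagged open port
flag_risky() {
    open_ports "$1" | while read -r port service; do
        reason=$(risk_reason "$port") && printf '%s %s %s\n' "$port" "$service" "$reason"
    done
}

# Stand-alone run: print the triage list for the constructed sample
if [ "${1-}" = "--run" ]; then
    flag_risky "$SAMPLE_SCAN"
fi
```

Run it as `sh triage.sh --run`, or feed real output with `nmap -oG - target` captured into a variable; the flagged list is the starting point for the patch-and-harden work the answer above describes, and the unflagged ports (22, 25, 53, 80, 2121, 8009) still need a decision about whether each service should be listening at all.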
Part 2: Exploiting Unix and Windows Systems
Section 1: Exploit Windows and Unix Systems (Screenshots)
Section 2: Questions
1.
When Microsoft first released Windows 2000, a default install resulted in IIS being installed and running. Why do you think Microsoft was criticized for this? What are some vulnerabilities present in early versions of Microsoft's Web server?
When Microsoft introduced the default installation of IIS (Internet Information Services), it faced significant criticism because of the persistent vulnerabilities IIS suffered. These included worms, buffer overflows, and poor default configuration and settings, which created security risks leading to high-profile attacks and exploitation of these vulnerabilities to crash servers. Because the primary function of IIS was to make web hosting easier, Microsoft pre-installed the software on users' systems with the ultimate goal of moving to web-based applications. However, Microsoft soon realized, from the significant criticism it received from clients, that this software made every server it was installed on vulnerable to attack, because some of the servers being attacked, such as mail servers and domain controllers, had no web-serving role at all.
2.
What are some of the problems that might result from only deploying a firewall at the perimeter of an organization? Do most Linux distros come with a firewall? If so, explain it. What are some of the features of Microsoft’s “Internet Connection Firewall”?
A perimeter firewall serves as an extra layer of security that prevents unauthorized computers from accessing the network by filtering the incoming and outgoing traffic at the network's boundary, but deploying only a perimeter firewall has several problems. One is that it requires creating additional openings to accommodate the wide range of internal network services, which creates a potential vulnerability that an attacker can exploit. This is because if an internal device gets infected it can still communicate externally by bypassing the firewall's protections. Another problem is that perimeter firewalls don't protect against threats initiated by unauthorized users within the network, because those actors can also bypass the perimeter defenses and cause major damage before they are detected.
In Linux, there is a built-in firewall called iptables, or the updated version called nftables. It is a user-friendly program that allows you to configure the tables offered by the Linux kernel firewall.
These solutions add another layer of protection while also simplifying administration for network security and performance by allowing admins to define rules for packet filtering, network address translation, application support, stateful inspection, and packet manipulation.
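The answer above makes two points: traffic between internal hosts never crosses the perimeter firewall, and Linux ships with iptables/nftables to filter on the host itself. The script below is an added example (not the assignment's or any distribution's configuration) that generates a host-based nftables ruleset for an internal Linux server in the nft -f syntax: default-deny inbound, stateful acceptance of return traffic, SSH restricted to a management subnet, and everything else logged and dropped, which is exactly what closes the gap when an infected neighbour probes NFS, X11 or VNC on the same LAN. The management subnet 192.0.2.0/24 and the served ports 80 and 443 are assumptions chosen for the example.

```shell
#!/bin/sh
# Generate (and optionally apply) a host-based nftables ruleset so that an
# internal Linux server is filtered even for traffic that never reaches the
# perimeter firewall. Added example; the subnet and ports below are assumptions.

MGMT_NET="192.0.2.0/24"    # assumed management network allowed to reach SSH
SERVICE_PORTS="80, 443"    # assumed ports this host is meant to serve to anyone

# build_ruleset -> prints the nftables ruleset (nft -f syntax) on stdout.
# Note: "flush ruleset" replaces every existing table on the host.
build_ruleset() {
    cat <<EOF
flush ruleset

table inet host_filter {
    chain input {
        type filter hook input priority 0; policy drop;

        # stateful inspection: replies to connections this host opened
        ct state established,related accept
        ct state invalid drop

        iif "lo" accept

        # keep ICMP diagnostics working
        meta l4proto { icmp, ipv6-icmp } accept

        # SSH only from the management network, not from every internal host
        ip saddr ${MGMT_NET} tcp dport 22 accept

        # the service this host exists to provide
        tcp dport { ${SERVICE_PORTS} } accept

        # everything else (NFS, X11, VNC, rsh, databases, ...) is logged and dropped
        limit rate 5/minute log prefix "host_filter drop: "
        counter drop
    }

    chain forward {
        # an application server should never route between other hosts
        type filter hook forward priority 0; policy drop;
    }

    chain output {
        type filter hook output priority 0; policy accept;
    }
}
EOF
}

# apply_ruleset -> loads the generated ruleset atomically (needs root and nft)
apply_ruleset() {
    build_ruleset | nft -f -
}

# rule_count -> number of non-blank, non-comment lines in the generated ruleset
rule_count() {
    build_ruleset | grep -v '^[[:space:]]*#' | grep -c '[^[:space:]]'
}

# Stand-alone run: print the ruleset, or apply it with --apply
if [ "${1-}" = "--apply" ]; then
    apply_ruleset
else
    build_ruleset
fi
```

Review the printed ruleset with `sh hostfw.sh | nft -c -f -` (syntax check only) before running `--apply` as root; the logged drops are the detection side of the same control, since a burst of "host_filter drop" entries from one internal address is the signal that a neighbour is scanning this host.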