Case Study: Network Intrusion

Network intrusion takes place when an outside entity gains access to a restricted network without authorization. A secure computer or network system should provide data confidentiality, data and communication integrity, and assurance against denial-of-service attacks (Mukherjee, Heberlein, & Levitt, 1994, p. 28). Network intrusion can have huge effects on an organization, as data can be stolen, modified or erased, and hardware or software can be damaged or destroyed. Organizations in the public and private sectors are constantly in the media for security breaches. Companies such as JP Morgan Chase, Home Depot, TJ Maxx and, recently, the Federal Office of Personnel Management have all been breached. In a case presented by Johnston and …
This may be an indication of malware blocking the application from starting. The server was unable to identify the test utilities' executable files. In addition, the USB and CDs that held the various tests were tested and were intact. The second problem that was noticed was the state of the remote connection from the server. A scan reported open ports that were undetected from within the operating system.
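The discrepancy described above, where a scan sees open ports that the operating system does not report, can be confirmed with a cross-view comparison of the two listings. The following is an added example, not taken from the case study; the netstat and nmap samples, the addresses and the port numbers are constructed for illustration.

```python
# Constructed sample: the host's own view, in the layout of Windows `netstat -ano`.
NETSTAT_SAMPLE = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:80             0.0.0.0:0              LISTENING       4
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       912
  TCP    0.0.0.0:3389           0.0.0.0:0              LISTENING       1084
  TCP    192.0.2.10:3389        198.51.100.7:50211     ESTABLISHED     1084
"""

# Constructed sample: the external view, in nmap's grepable (-oG) layout.
NMAP_SAMPLE = (
    "Host: 192.0.2.10 ()\tPorts: 80/open/tcp//http///, "
    "135/open/tcp//msrpc///, 3389/open/tcp//ms-wbt-server///, "
    "4444/open/tcp/////, 445/filtered/tcp//microsoft-ds///\n"
)


def host_listening_ports(netstat_text):
    """TCP ports the operating system itself reports as LISTENING."""
    ports = set()
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) >= 4 and fields[0] == "TCP" and fields[3] == "LISTENING":
            # rsplit also handles IPv6 local addresses such as [::]:80
            ports.add(int(fields[1].rsplit(":", 1)[1]))
    return ports


def scanned_open_ports(nmap_grepable):
    """TCP ports an external scan found open; filtered/closed are ignored."""
    ports = set()
    for line in nmap_grepable.splitlines():
        if "Ports:" not in line:
            continue
        port_field = line.split("Ports:", 1)[1].split("\t")[0]
        for entry in port_field.split(","):
            parts = entry.strip().split("/")
            if len(parts) >= 3 and parts[1] == "open" and parts[2] == "tcp":
                ports.add(int(parts[0]))
    return ports


def cross_view_diff(netstat_text, nmap_grepable):
    """Compare the inside and outside views of the same host."""
    inside = host_listening_ports(netstat_text)
    outside = scanned_open_ports(nmap_grepable)
    return {
        "hidden_from_host": sorted(outside - inside),  # candidate concealed listeners
        "not_reachable": sorted(inside - outside),     # usually firewalled services
    }
```

A port in `hidden_from_host` is a lead, not proof: a NAT or port-forwarding device between scanner and host produces the same result, so the scan should be run from the same network segment as the server.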
Audit Security Roles and Responsibilities.
The establishment of strong security roles and responsibilities within a corporate environment may have mitigated the events that occurred in the case scenario above. The Federal Communications Commission (FCC), the Department of Homeland Security, the National Cyber Security Alliance and the Chamber of Commerce recommend that all companies develop and maintain robust security policies to protect company assets and to discourage inappropriate behavior by employees (FCC, n.d.).
Many systems are designed to provide role-based access control (RBAC). But if the procedures are not defined, RBAC is of little use, if any. For example, in the scenario the end result showed that the intruder had gained access to the server and the desktop through weak passwords. For both systems the (IUSR_WIN and SUPPORT) accounts were changed on January 29, …
The first tool used was the Helix CD (http://www.e-fense.com/helix/contents.php), which was used to boot the server. The file system was examined using the Unix-based utilities from Sleuth Kit. The Sleuth Kit utilities are able to produce timestamps of the system files. Sleuth Kit provided information on inconsistencies in the file activity timeline. This led to a closer look at specific files. Further examination disclosed file activity that was considered unseen while the server was running (Johnston & Reust, 2006, p. 119). Another process was dumping the contents of memory to an external device, which provided significant amounts of evidence such as IP addresses, passwords and other data related to the intrusion (Johnston & Reust,
