MN502 NETWORK SECURITY (lab 1)
1. What are the different types of password attacks?
Types of password attacks:
Brute force attack:
In this attack, the attacker continuously tries many passwords, hoping that one of them is correct.
Dictionary attack:
In this attack, the attacker cracks the password by trying millions of words from a dictionary.
Social engineering:
It is a type of attack that gathers information using social networks.
Guessing:
It is an attack by our best friends, …… and these attacks on mostly in randomly generated user name sites it was easy to short.
Offline cracking:
In this attack, the attacker has a limited number of attempts to enter the password on protected passwords.
Rainbow table attack:
In this attack, attackers apply an algorithm called a hashing algorithm
Monitoring traffic for suspicious activities.
Identifying threats and defending against them.
Administrators train on proper protocols.
3. Intrusion Detection System (IDS):
An IDS is a device or software application that monitors a network for unauthorised attacks.
It can be classified by where detection takes place: network or host.
Network based Intrusion Detection System (NIDS):
A NIDS is placed at a crucial point within the network to monitor traffic to and from all devices on the network. It analyses passing traffic on the entire subnet and matches that traffic against a library of known attacks.
Host based Intrusion Detection System (HIDS):
A HIDS runs on individual hosts or devices on the network. It monitors inbound and outbound packets from the device and alerts the user if any suspicious activity is detected.
NIDS | HIDS
1. NIDS are installed on every host machine. | 1. HIDS are installed only on certain intersection points, such as servers, routers.
2. NIDS analyse the flow of information between computers. | 2. HIDS examine specific host-based action, such as what applications are being used and accessed in the kernel.
resolve. At first it seemed to just be an unauthorized user, who had used up nine seconds of computer time and refused to pay for it. Further investigation led him to an outside hacker that gained access to Berkeley computers, by sneaking through an obscure security breach and gained administrative privileges over...
Unfortunately, hacktivists that were threatening DTL Power managed to penetrate our defenses and take over part of our system. This threat actor was not in our system for a long period of time but was still able to affect the uptime of our system.
In 1980, James Anderson’s paper, Computer Security Threat Monitoring and Surveillance, bore the notion of intrusion detection. Government funding and serious corporate interest allowed intrusion detection systems (IDS) to develop into their current state. So what exactly is an IDS? An IDS is used to detect malicious network traffic and computer usage through attack signatures. The IDS watches for attacks not only from incoming internet traffic but also for attacks that originate in the system. When a potential attack is detected, the IDS logs the information and sends an alert to the console. How the alert is detected and handled depends on the type of IDS in place. Through this paper we will discuss the different types of IDS and how they detect and handle the alerts, the difference between a passive and a reactive system and some general IDS intrusion invasion techniques.
This latest string of hacks has revolved around the ease with which hackers can find other computers connected to the internet, hack into those, and use their computing power for help in the attack. A company called Norse Corp. has developed ways to monitor this traffic.
has infiltrated, or to perform a DoS or impersonation attack on the entity whose prefix is being
The architecture and build design of a secure network is a very intricate and detailed process. It requires a seasoned hand for the development and implementation of the network diagram. A network diagram is a graphical representation containing your backbone equipment, IP addresses, ISP, host machines, and peripherals. Almost all network diagrams for SOHO networks are the same but may differ depending upon the needs of the company. This context will describe and explain the design considerations that should go into building a secure network.
Brute Force Attack is the simplest attack method used and is aimed to gain access to a particular site by attempting to break through a security system through possible combinations. The attack is systematic, deliberate and methodical and its goal is to use any possible code combinations of usernames and passwords repeatedly until one is correct and access is granted to the intruder. A brute force attack starts with the letter “a” and works its way up, eventually finding out weak passwords like “password”, “1qaz2wsx” or “123456789”. Brute force attack does not exclude anyone from any organization. Brute force attack is dependent on computer processing speed and the time it has to find the right password combination.
Computer security incidents are normally identified when someone suspects that an unauthorized, unacceptable, or unlawful event has occurred involving an organization’s computer networks or data-processing equipment. Initially, the incident may be reported by an ultimate user, detected by a system administrator, identified by IDS alerts, or discovered
Internet technology has extended to a greater degree than it is believed to have. It has become an inevitable part of our lives and we rely totally on the internet for our daily necessities. The Internet is a highly unbounded, vast network of networks. As the Internet keeps growing, there are new threats evolving, thus increasing the need to develop and tighten security measures to ensure its protection. There are many challenges faced by the Internet; Distributed Denial of Service is the critical concern for the Internet, particularly for internet commerce. Distributed Denial of Service attacks can cause infrastructure problems and can disrupt communications on an international level. Access denial to information by attacking the network in an illicit way has become common nowadays. In this paper, we will discuss how to detect and defend network services from the Denial of Service (DoS) and Distributed Denial of Service (DDoS) attack.
I decided to write my paper on Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) because the professor mentioned these devices several times in class and I am interested in network security, therefore it was a good opportunity for me to learn more about these security systems. An intrusion detection system (IDS) generally detects unwanted manipulations to computer systems, mainly through the Internet. The manipulations may take the form of attacks by crackers. An intrusion detection system is used to detect many types of malicious network traffic and computer usage that can't be detected by a conventional firewall. This includes network attacks against vulnerable services, data-driven attacks on applications, host based attacks such as privilege escalation, unwanted logins and access to sensitive files, and malware (viruses, Trojan horses, and worms).
2013, p.21). Businesses that use Symantec Endpoint Protection (SEP) will be able to receive a variety of features that have the capabilities of protecting their business. These features include “antivirus/antimalware, a firewall, intrusion prevention component, host integrity checking, USB device control, application control, network access control, and website browsing protection” (Tittel, E. 2015). Unlike businesses running only antivirus software, Symantec offers other features that can stop attacks from infecting businesses' systems in real time. For instance, Symantec offers a feature called Symantec Insight that can provide protection from new and unknown threats that can steal unauthorized information from businesses (Best Endpoint Protection Software of 2015, 2014). This feature works by collecting data off of other end points that are being used and gives a reputation score to each individual file based on the criteria of age, source, prevalence, and behavior (Rubens, P. 2011). Another feature that Symantec offers is called Symantec Online Network for Advance Responses (SONAR). SONAR is a feature that “spots possible malware by analyzing suspicious behavior such as connecting to a site and downloading files without opening a visible window” (Rubens, P.
J. Yan et al. [12] reviews that the users have some complexity in remembering the random passwords. In this approach mnemonic passwords are introduced; they are simple for the user to remember and make it harder for the invader to guess the password. Through this approach they are suggesting the users choose mnemonic passwords and make the invader work three times harder compared to other password methods. Users are instructed to choose the mnemonic based passwords as these are very easily memorable as chosen passwords while being as hard to guess as arbitrarily chosen ones. Users have to choose passwords that contain numbers and special characters, as well as letters.
...t. It also prevents viruses and other malicious attacks at the gateway and furthermore, notifies users if any foul intrusions are detected. Detailed login and accounting information is also noted to give notification on all the communication attempts within the system.
An Intrusion Prevention System (IPS) is considered to be one of the pre-emptive approaches used to detect various potential threats on the network and respond to them as quickly as possible to stop their activities over the network. It is similar to an intrusion detection system, which monitors various types of network traffic on the network.