
Is3220 Paper

1272 words - 6 pages

When looking to strengthen our network designs, we looked at the typical threats and the risks that they pose. These are the attacks we treated as priorities to protect ourselves against when looking to see what we would be up against:

• DOS/DDOS Attacks

• Man In the Middle Attacks / Spoofing

• Buffer Overflow

• Fragmentation Attacks

• Session Hijacking

• Social Engineering

• SQL Injection / Injection attacks

• Eavesdropping

• Replay Attacks

There are many more attacks possible, but these are the attacks we focused on. With each threat, we analyzed how these attacks could be used against us and what countermeasures would be ...

For increased security, a multifactor authentication method should be used whenever possible to better mitigate the risks. One suggestion is a user ID combined with badge credentials.

Buffer Overflow – Buffer overflow is usually a direct result of poor programming. The attack occurs when a hacker injects an excess amount of data into a buffer; if the buffer has no limit checks, the data can overflow it and pose a threat. Hackers can sometimes use this to put command-line code into the overflow, which the system may run with higher privileges. As stated, programmers should implement limit checks to prevent this type of threat, which can prevent it completely.
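The limit checks described above, as an added example that is not part of the original paper: a copy routine that trusts a sender-supplied length, beside a version that checks the length against both the data received and the destination size. The record layout, function names and sample records are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <string.h>

#define FIELD_BUF_SIZE 16  /* constructed destination size */

/* Assumed record layout: one length byte, then that many data bytes.
 * The length byte is supplied by the sender and is untrusted. */
static char field[FIELD_BUF_SIZE];
static const unsigned char good[] = {5, 'a', 'l', 'i', 'c', 'e'};  /* constructed */
static const unsigned char oversized[41] = {40};  /* claims 40 bytes; data is zeros */
static const unsigned char lying[] = {10, 'x', 'y'};  /* claims 10, carries 2 */

/* No limit checks: trusts the length byte, so a record claiming more than
 * FIELD_BUF_SIZE - 1 bytes writes past dst. For contrast; never called. */
void read_field_unchecked(char *dst, const unsigned char *rec) {
    memcpy(dst, rec + 1, rec[0]);
    dst[rec[0]] = '\0';
}

/* With limit checks: returns bytes copied, or -1 if the record is rejected. */
int read_field_checked(char *dst, size_t dst_size,
                       const unsigned char *rec, size_t rec_len) {
    size_t claimed;
    if (dst == NULL || rec == NULL || dst_size == 0 || rec_len < 1)
        return -1;
    claimed = rec[0];
    if (claimed > rec_len - 1)  /* claims more data than was received */
        return -1;
    if (claimed >= dst_size)    /* would not fit with the NUL terminator */
        return -1;
    memcpy(dst, rec + 1, claimed);
    dst[claimed] = '\0';
    return (int)claimed;
}

int main(void) {
    int a = read_field_checked(field, sizeof field, good, sizeof good);
    int b = read_field_checked(field, sizeof field, oversized, sizeof oversized);
    int c = read_field_checked(field, sizeof field, lying, sizeof lying);
    return (a == 5 && b == -1 && c == -1) ? 0 : 1;
}
```

The checked version rejects an oversized record instead of truncating it, so the caller can log or drop the input rather than continue with partial data.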

Fragmentation Attacks – Fragmentation attacks occur when data packets of various sizes are fragmented, or broken up, so that they are compatible in size with other data packets traveling within a network segment. Sometimes these fragments can be maliciously reassembled to cause DoS or to corrupt IDS detection and firewall filtering. While firewall filtering and IDS should be used (for more than just this purpose), we should be using sender fragmentation. By selecting a “Maximum Transmission Unit” and fragmenting the data before it is sent, we can ensure that fragmentation does not occur while the data is on the way, thus preventing issues from arising.
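Sender fragmentation at a chosen MTU, together with the consistency check a receiver or IDS can apply to a fragment set, as an added example that is not part of the original paper. The struct, function names and the 20-byte IPv4 header are assumptions, and the overlapping set is constructed sample data.

```c
#include <stddef.h>

#define IP_HDR_LEN 20  /* IPv4 header without options (assumption) */

struct frag { unsigned off; unsigned len; int more; };  /* byte offset, payload bytes, MF flag */
static struct frag planned[8];
/* Constructed set whose second fragment overlaps the first by 80 bytes. */
static const struct frag overlapping[3] = {{0, 1480, 1}, {1400, 1480, 1}, {2880, 1120, 0}};

/* Sender side: split payload_len bytes for the chosen MTU. Every fragment
 * but the last carries a multiple of 8 bytes, as IPv4 offsets require.
 * Returns the fragment count, or -1 if the MTU or out[] is too small. */
int plan_fragments(unsigned payload_len, unsigned mtu, struct frag *out, size_t max) {
    unsigned chunk, off = 0;
    size_t n = 0;
    if (mtu < IP_HDR_LEN + 8) return -1;
    chunk = ((mtu - IP_HDR_LEN) / 8) * 8;
    do {
        unsigned left = payload_len - off;
        if (n == max) return -1;
        out[n].off = off;
        out[n].len = left > chunk ? chunk : left;
        out[n].more = left > chunk;
        off += out[n].len;
        n++;
    } while (off < payload_len);
    return (int)n;
}

/* Receiver or IDS side: fragments sorted by offset must be contiguous
 * (no gap, no overlap), with MF set on all but the last. 1 = consistent. */
int fragments_consistent(const struct frag *f, size_t n) {
    unsigned expect = 0;
    size_t i;
    if (n == 0) return 0;
    for (i = 0; i < n; i++) {
        int last = (i == n - 1);
        if (f[i].off != expect) return 0;                     /* gap or overlap */
        if (!last && (f[i].len == 0 || f[i].len % 8)) return 0;
        if ((f[i].more != 0) == last) return 0;               /* wrong MF flag */
        expect += f[i].len;
    }
    return 1;
}

int main(void) {
    int n = plan_fragments(4000, 1500, planned, 8);
    return (n == 3 && fragments_consistent(planned, 3) && !fragments_consistent(overlapping, 3)) ? 0 : 1;
}
```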

Session Hijacking – This occurs when a hacker learns about the connection points between a client and server and uses the information to inject their own crafted packets, thus taking over the stream of data. This is like double Dutch, where the hacker learns how the rope (or data packets) moves and inserts his own packets in anticipation. This often occurs with unencrypted TCP/IP use. TCP/IP should be used with encryption, so that the hacker cannot easily find out the details of the transmissions or future sequence values.

Social Engineering – Social engineering is when attackers use your own employees, or in some cases customers, against you. They can use many different forms of communication (email, SMS, phone calls, etc.) to pose as someone in a legitimate position, and use the individual’s trust to extract information that should not be given. A good example is someone calling an employee pretending to be a member of the IT department. The attacker may have just basic information about the individual, such as their name and position, and use that to establish trust and gather more information or credentials such as an ID or password. User awareness and training are the best methods of mitigation, but restricting some forms of communication may help alleviate the risks. We recommend that personal email not be used whenever possible, and that work email addresses be the only source of electronic communication regarding business-sensitive information.

Injection attacks – Injection or insertion attacks such as SQL...
