Unit 9 Assignment 1: List phases of a computer Attack
Reconnaissance and Probing
The primary attach would be pretending to be friendly to a user by simply starting with a story or a joke to a co-worker, to get some type of information, then a search through different means (google, social sites, etc.)
Method of access
1. The primary target is to use some type of phishing, spear or pharming type of trick to get information (use a birthday, anniversary, etc.). I could pose as an outside contractor that just happen to have lost its private key accidentally and need to access the system through one of the company computers connected to the ...view middle of the document...
Then I could have gain access to the system.
Next phase of attack:
• Use hping/2 to test the firewall, hping offers an IP spoofing scan while monitoring a target’s response to seduce discovery information such as distinguishing between different firewall policies and active services.
• I would use Nessus Security Scanner with a tool providing a Scripting Language (NASL) to write a security test based on my findings on the weaknesses of my network.
• Another technique is the use of Nmap for scanning the network and single hosts. I would try the stealth ability of Nmap to bypass firewalls scanning all different protocols UDP, TCP, or ICMP. Ultimately the combination a set of tools would give me an idea about how a hacker can coordinate its intrusion to the network.
There is no way to see what is in the mind of a hacker, but with the use of tools SNMP, port-scanning, port mapping, Security probes, and others that can be customized, in reality a full set of security rules in place, proper computer training, strong passwords, and constant surveying, it is possible to prevent attacks. Establishing goals of defense in depth such as layers of security and detection, detecting flaws in each layer of security, and even if suspicion is detected find out where it found its vulnerability and make a careful planning to ensure its eradication by a number of defenses, application, operating system, network infrastructure, implementation of effective software practices.