Free Essay

Cyber Sec

In: Science

Submitted By seanhernandez101
Words 770
Pages 4
Name:
Institution:
Topic:
Course:
Date:

PART A
1.192.168.1.1 Open Ports are
80 (http)
2869(http)
2. Yes ,Nmap is able to identify the operating system that’s running on each system.
Yes, there are many techniques that can be used to determine the OS of the host and feature raw IP packets in order to determine the hosts that are available on the network, the services the hosts are offering, the Os they are running on and the type of packets that are in use (Kanclirz & Baskin, 2008). For instance OS fingerprinting technique can be used. In OS finger printing Nmap is used to discover the device type , running operating system, OS details and network distance..
Using the open ports on 192.68.1.1 which are 80 and 2869 the OS is determined from the Zenmap scan as shown below

OS CPE: cpe:/h:3com:7760 cpe:/h:netgear:wgt624 cpe:/o:netgear:vxworks:5
OS details: 3Com 7760 WAP, Linksys WRT54G or WRT54G2, or Netgear WGR614 or WPN824v2 wireless broadband router, Netgear WGT624 WAP, Netgear WGR614v7, WGT624v3, or WPN824v2 WAP (VxWorks 5.4.2)
The services of the open ports are
Port 80 Service(http)
Port 2869 Service(http)
3. The host which is more secure is the one which has features that enable it to be protected by default in the background and is less prudent to virus attacks. The system that does not contain such services is not protected by the features that protect it by default and thus it is found to be least secure (Kanclirz & Baskin, 2008).
4.Uses of Nmap
1. Nmap can be used to detect the open ports that are on the host. This is known as port discovery or enumeration.
2. Nmap is used in service discovery that is it can be able to detect the software and the versions of the open ports respectively.
3. It is used in detecting the vulnerability and security holes through generation of Nmap scripts.
4. Host discovery. Nmap is used in detecting the live host on the network.
5. Nmap is used in detection of the operating system, software version and hardware address.
5. Ping sweeping. This is because the targeted port does not need to be open in order to determine whether the machine is up or not.
6. Stealth scanning. In order to carry out this process the command might require root privileges.
7. Aggressively Scan hosts $nmap-T4-A 192.168.0.0/24.
This is a command that is very aggressive and obtrusive. The –A is used to simply tell Nmap to perform version checking and OS checking. The -T4 is for the speed templates which tell Nmap to perform the scan quickly. The output is shown below

PART B
5. A vulnerability that has high severity is port attack. Vulnerability is defined as a weakness that allows a hacker to gain access to a system. Nessus as a vulnerability scanner offers features that help to assess the security of control devices, system networks, workstations and servers (Kanclirz & Baskin, 2008).
Control to minimize the risk 1. Host scanning 2. Port scanning
6. Uses of Nessus
1. Nessus is used to check the vulnerabilities that resist a remote cracker to access the sensitive data or get control on a user systems. 2. It is used to get any misconfiguration such as missing patches or open mail relay. 3. Nessus is used to capture the password related vulnerabilities. In order to prevent all these an external tool called Hydra can be used launch a protected dictionary attack
4.Nessus uses mangled packets which can be used for services such as denials of service. 5. Nessus can also be used in the preparation of PCS DSS audits.
7. Identifying vulnerabilities. This is because it was easy to locate the sensitive information from the system by capturing password related vulnerabilities.
8. Configuration audits. It was difficult to get the misconfiguration such as missing patches.
9. Differences between using Nessus and Nmap.
1.Nessus is a port scanner that is considered to be an open port that is used to check security vulnerabilities whereas Nmap is purely a port discovery and host detection tool.
2. Nessus is more complete but is much slower in its operation whereas Nmap is much faster in carrying out its operation such as host detection.
3.Nessus gives risk levels to each IP address accompanied with a detail report whereas Nmap is used to detect the risks.
10.

Bibliography
Kanclirz, J., & Baskin, B. (2008). Netcat power tools. Burlington, MA: Syngress Pub.

Similar Documents

Premium Essay

Cyber Scam

...CYBER SCAM AND ITS EFFECTS November 27, 2011 SUBMITTED BY: FETALVER, FRANCIS VIOLETA, ROGENE CRIS SUBMITTED TO: MRS. MARY GRACE P. ALFANTA I Introduction Background of the Study Experts and law-enforcement officials who track Internet crime say scams have intensified in the past six months, as fraudsters take advantage of economic confusion and anxiety to target both consumers and businesses. Thieves are sending out phony emails and putting up fake Web sites pretending to be banks, mortgage-service providers or even government agencies like the Federal Bureau of Investigation or the Federal Deposit Insurance Corp. Cell phones and Internet-based phone services have also been used to seek out victims. The object: to drain customer accounts of money or to gain information for identity theft. Most scams are done by e-mail (Spam). They entice users to give them critical information like usernames, passwords, credit card information, or other types of account information. Most of these e-mails can easily be identified as fraudulent, by identifying a couple of general characteristics. If someone pretending to represent a company or organization contact you by e-mail to supply them with usernames, passwords or other critical information by e-mail, then you can be certain it’s fraudulent. Today we have something we call SSL (Secure Socket Layer). E-mail is one of the most un-secure methods to send user information and passwords. Most......

Words: 2516 - Pages: 11

Free Essay

Cyber Crime

... Cyber crimes and effectiveness of laws in India to control them Under the Supervision of Dr. P.K. Rai Birendra Singh (M.Phil(CS)) Department of Computer Science APSU Rewa ABSTRACT:- India owes a lot to the exponential growth of the Information Technology service Industry over the last 15 years. Though India got its first codified Act in the Information Technology Act (“IT Act), in the year 2000, the IT Industry and in fact all businesses with cross-border obligations have been left crying themselves hoarse for more! The Indian Legislature has now passed a mish –mash legislation in December 2008, which clearly demonstrates the appeasement policy adapted to meet the various and in some instances divergent interests of the Industry and the Government. The scope of this paper is to highlight some important provisions of the cyber criminal laws in India relating to data protection, privacy, encryption and other cyber crimes and the extent to which the said provisions arm the enforcement authorities to combat not just existing but emerging trends in Cyber Crime. INTRODUCTION:- The general laws in India were drafted and enacted in the 19th century. Whilst each of the general laws have undergone modifications and amendments, the broad and underlying provisions have withstood the test of time, including unimaginable advancements in technology, which speaks to the dynamism of the General laws. The general laws referred to in this Article are the Indian Penal Code, 1860 (“IPC”),...

Words: 2370 - Pages: 10

Premium Essay

Cyber Crime Law

...Philippines in Congress assembled: CHAPTER I PRELIMINARY PROVISIONS SECTION 1. Title. — This Act shall be known as the “Cybercrime Prevention Act of 2012″. SEC. 2. Declaration of Policy. — The State recognizes the vital role of information and communications industries such as content production, telecommunications, broadcasting electronic commerce, and data processing, in the nation’s overall social and economic development. The State also recognizes the importance of providing an environment conducive to the development, acceleration, and rational application and exploitation of information and communications technology (ICT) to attain free, easy, and intelligible access to exchange and/or delivery of information; and the need to protect and safeguard the integrity of computer, computer and communications systems, networks, and databases, and the confidentiality, integrity, and availability of information and data stored therein, from all forms of misuse, abuse, and illegal access by making punishable under the law such conduct or conducts. In this light, the State shall adopt sufficient powers to effectively prevent and combat such offenses by facilitating their detection, investigation, and prosecution at both the domestic and international levels, and by providing arrangements for fast and reliable international cooperation. SEC. 3. Definition of Terms. — For purposes of this Act, the following terms are hereby defined as follows: (a) Access refers to the......

Words: 4460 - Pages: 18

Free Essay

Cyber Crime in Bangladesh

...Chapter 1 INTRODUCTION 1.1 Definition of Cyber Crime The internet in Bangladesh is growing rapidly. It has given rise to new opportunities in every field we can think of – be it entertainment, business, sports or education. There are two sides to a coin. Internet also has its own disadvantages. One of the major disadvantages is Cyber crime – illegal activity committed on the internet. The internet, along with its advantages, has also exposed us to security risks that come with connecting to a large network. Computers today are being misused for illegal activities like e-mail espionage, credit card fraud, spams, and software piracy and so on, which invade our privacy and offend our senses. “The modern thief can steal more with a computer than with a gun. Tomorrow's terrorist may be able to do more damage with a keyboard than with a bomb”. The term ‘cyber crime’ has been evolved from two words ‘cyber’ and ‘crime’. ‘Crime’ is more or less known to each individual on his own stand point, while ‘cyber’ is almost vague in meaning to the same. So if any time anybody uses the prefix ‘cyber’, we simply mean, he is talking about something is doing online or there has certain networking system. Actually anything related to Internet falls under the cyber category. Computer crime or cyber crime is a form of crime where the Internet or computers are used as a medium to commit crime. Issues surrounding this type of crime have......

Words: 14728 - Pages: 59

Premium Essay

Cyber Threats

...Cyber Threats Roger Larew SEC 402 Informational Warfare February 16, 2011 Before we get into the major cyber terrorism threats that we all have to deal with I wanted to first define what cyber terrorism is. According to the U.S. Federal Bureau of Investigation, cyber terrorism is any premeditated, politically motivated attack against information, computer systems, computer programs, and data which results in violence against non-combatant targets by sub-national groups or clandestine agents Unlike an annoying virus or computer attack that results in denial of service, a cyber terrorist attack could lead to physical violence or extreme financial harm. According to the U.S. Commission of Critical Infrastructure Protection, possible cyber terrorism targets include the banking industry, military installations, power plants, air traffic control centers, and water systems. Cyber terrorism is often referred to as electronic terrorism or information war. Based on recent reports and the information presented to congress, America has a long way to go before security threats are adequately addressed. Almost half of 2,131 U.S. companies polled had no formal security policies in place, and most relied primarily on user passwords and multiple logons for protection. Only 49% of U.S. companies had plans to raise user awareness of policies and procedures in the next 12 month. Unbelievably only half of 150 companies surveyed by InformationWeek Research one week after the terrorist...

Words: 641 - Pages: 3

Free Essay

The Sec

...Overview of the SEC Primitive economies are basically barter economies (goods and services traded for other goods and services), while in other mature economies, businesses are organized into proprietorships, partnerships, and joint venture. These types of closely held businesses, in which owners manage their own business, do not need external reporting of the results of operations. However, external reports have become essential with the increase in the size and number of business enterprises, along with the increased amount of people investing capital resources in these businesses. The corporate form of business also increases the need for objective verification of data and creates a need for disclosure of more and better information to owners and potential investors. Furthermore, the increase in value, size and activity of capital exchange in security market also increases the opening of taking advantage in lax conditions and to profit by misrepresentation and manipulation. Hence, the main reason for establishing the securities legislation was because large security market requires operating procedures that would protect investors from fraud and guarantee an adequate supply of capital for economic growth. Background of the SEC The Securities and Exchange Commission (“SEC”) is one of several public and private sector rule-making organizations that have an effect on financial reporting for businesses. It plays a crucial role in the development...

Words: 7011 - Pages: 29

Free Essay

Cyber Crime

...internet is cyber crime. which is an illegal activity that committed on the internet and this includes email espionage, credit card fraud, spam’s, software piracy download illegal music, steal money from online bank account and so on .It also includes non monetary offenses such as creating and distributing viruses on other computers and posting confidential business information on the internet. Basically cyber crime can be divided into three major categories such as cyber crime against person, cyber crime against property and cyber crime against government. Cyber crime against person includes various crimes like transmission of child pornography, indecent exposure, harassment of any one with the use of email or websites where the asked to enter password, phone number, address, credit card number, bank account number and other information that are needed to steal another parson's identity .furthermore, these type of harassment can be sexual, racial, religious, on gender, nationality or other. These often occur in chat rooms, through news groups and by sending hate emails to interested parties. And badly affect to the younger generation which sometimes leave irreparable injury if not properly controlled. The second category of cyber crime committed against all forms of property including computer vandalism which distraction of others property, transmission of harmful program, stole the technical data base from other person's computer with the help of a corporate cyber......

Words: 540 - Pages: 3

Free Essay

Cyber Terrorism

...12/31/13 Cyber Terroism Cyber terrorism is a combination of two terms Cyber and terrorism. The word "Cyber" is derived from "cybernetic", a word from Greek "kybernetes", meaning "To steer" and the term "terrorism" comes from French terrorisme, from Latin word 'terror', "great fear", "dread", related to the Latin verb terrere, "to frighten". Cyber terrorism denotes unlawful attacks and threats of attack against computers, networks and information stored therein to intimidate or coerce a government or its people for propagating hidden political or unlawful social and religious agendas. These attacks result in violence against persons or property or cause public unrest. Few examples could be explosions, plane crashes and severe losses. Terrorists are known to use internet to prepare the schemes, raise funds and spread cyber terrorism. For instance, Razmi Yousef who was a key person behind World Trade Centre attack had details schemes to destroy United States airliners encrypted files in his laptop computer. We know that Cyber terrorism is the crime that has emerged in recent times, to use the medium of Internet to terrorize the minds of citizens. Admirably, the Laws through the implementation of the Information technology Act, 2000, is one of the efficient steps taken towards the creation of punishment of these kinds of crimes. There is need of innovative laws and global standards on preventive action. The Indian Information Technology Amendment Act 2008 lays down Section......

Words: 4466 - Pages: 18

Premium Essay

Cyber Crimes

...Cyber Crimes Cyber crimes are on some of the hardest crimes for the police to stop and catch the perpetrators because they can commit a crime in one state or country and physically be in another state or country. While the invention of the Internet has had great affects on the growth of technology, it has also given criminals an extremely large place to hide in and the laws are still trying to catch up with the growth of technology. The different technology crimes that occur fall into one of the three following categories: cyber piracy, cyber trespass, and cyber vandalism, and like the original crimes of piracy, trespass, and vandalism these crimes are similar except they happen in digital form. Three Categories of Cybercrime There are three categories of cybercrimes that can cause a lot of trouble for any individual or organization who becomes a victim of these crimes. Cyber piracy, trespass, and vandalism in some ways are similar because they all involve taking advantage of individual people or organizations by stealing personal information through digital techniques. 1. Cyber piracy Cyber piracy has two definitions; the first definition is when a person uses cyber technology unlawfully to produce copies of proprietary information. While the second definition is when a person uses cyber technology to distribute proprietary information, while it is in digital form, across networks. 2. Cyber trespass Cyber trespass has two definitions as well. The first......

Words: 819 - Pages: 4

Premium Essay

Cyber

...Of the major investment banks, JPMorgan has the largest hedge fund presence with over $34 billion in assets under management, followed closely by Goldman Sachs. This hedge-fund style investing is prevalent at most all investment banks, but has come under much scrutiny at Goldman Sachs, where the firm’s revenues and pre-tax income from 2006 were substantially concentrated in “principal investing.” According to the firm’s annual report, close to 70 percent of its revenues and pre-tax income were concentrated in this investing area. As traders make markets and take positions in securities, they are considered on the public side of the Chinese wall. Unlike corporate finance investment bankers, they are not allowed private information, due to SEC regulations. Research Customized for: Triston Francis (tfran@wharton.upenn.edu) SEO Online Career Library Research analysts follow stocks and bonds and make recommendations to outside investors on whether to buy, sell, or hold those securities. They also forecast companies’ future earnings. Stock analysts (known as equity analysts) typically focus on one industry and will cover up to 20 companies’ stocks at any given time. Some research analysts work on the fixed income side and will cover a particular segment, such as a particular industry’s high yield bonds. Salespeople within the I-bank utilize research published by analysts to convince their clients to buy or sell securities through their firm. Corporate finance bankers rely on...

Words: 68989 - Pages: 276

Premium Essay

Cyber

...advancements and the information technologies used operate the critical infrastructure that feeds the heart of the U.S. economic and people. However, these advancements have also enable a wide range of malicious activities, such as crime, espionage and terrorism. The U.S. and it’s partners are grappling with a number of complex cybersecurity issues ranging from the proper role of government in protecting U.S. intellectual property to the establishment of the global norms for Internet governance. This paper will discuss two emerging technologies, smart and bionics, and will examine the security challenges and cyber threats associated with them. It will outline how these emerging technologies are used by private and government organizations. Dived further into some of the prominent cybersecurity policies and legal implications that might be associated the use of them. Emerging Cyber Technologies There is some much hype about smart technologies such as smart phones; cars and power grids as the technology has proven to be able to move data that is in rest transmit it over the Internet from almost anywhere. Most of the population has become technology-happy these days. Some pore over rumors and specs on technology websites, some even stand in line for days waiting to get their hands on the newest gadgets. Our world has moved from anticipating the new technologies to now demanding it. Most consumers are ill informed when it comes to understanding the number of......

Words: 2506 - Pages: 11

Premium Essay

Cyber Crime

.....................................................6 3.1 Cybercrime Legislation ............................................................................7 3.1.1 Federal Laws .................................................................................7 3.1.2 State Laws ......................................................................................9 3.2 Cybercrime Law Enforcement Agencies ................................................11 3.3 Classifying Cybercrime ............................................................................16 3.4 National Levels of Cybercrime ................................................................19 3.4.1 Business Cyber Victimization ......................................................20 3.4.2 Individual Cyber Victimization ...................................................22 4. A REVIEW OF THEORIES..........................................................................26 4.1 Self-control Theory ...................................................................................27 4.2 Routine Activity Theory ...........................................................................33 5. AREAS FOR FUTURE RESEARCH ...........................................................38 6. CONCLUSION ...............................................................................................44 7. ACKNOWLEDGEMENTS ...........................................................................45 8.......

Words: 13816 - Pages: 56

Free Essay

Cyber Security: Cyber Terrorism

...Introduction Cyber security refers to the practices and processes that are used in technologies such as networks, computers, information and programs from damages by unwarranted entities (Ahmad, Yunos & Sahib, 2012). There are different attacks towards technology which may distort information or be used to create tension in an organization. Information stored in computers has some level of privacy and this depends on the level of sensitivity that such information may have towards that organization. Business strategies, political discussions and government documents are some of the documents that require a higher degree of privacy. However, there are individuals who cause deliberate attacks on the information systems of organizations and governments in order to unlawfully access information or distort the meaning of such data. The intention of cyber attacks has led to the classification of these attacks into particular classes. For example, we have cyber bullying and cyber terrorism. Under cyber bullying, the attackers use technology to abuse and intimidate their targets. Cyber bullying has been common through the presence of the social media where an individual will use pseudo-accounts to publish half truths about others with a bid to embarrass them. On the other hand, cyber terrorism involves the use of technology to access vital government sites in order to cause harm and fear in the society through terrorism activities. Brunst (2010) indicates that cyber terrorist......

Words: 1810 - Pages: 8

Premium Essay

Cyber

... CYBER WARFARE Student’s Name Institution of Affiliation CYBER WARFARE Cyber warfare is also commonly referred to as the cyber attack. It involves both the attacks and the counter cyber warfare. By definition, it is an intentional breaching of a person’s or community computer system with an intended to fraud money or steal knowledge from the system. Therefore, it involves manipulation of the computer systems, disabling or to wipe out the aggregate information contained in the system of equipment. It has thus been a stern challenge in the economic and national and the world security. As thus, it has become a primary concern for all business people protecting their ideas not to be leaked, in the military due to the protection of national security and also by the government which has to keep it a secret of all what is happening within it. The issue of the cyber attacks has not been one event but something that has occurred over time as a result of inventions and innovations by the governments and security agencies. It was triggered by the need to safeguard one's interests and at the same time keep secrets that if they leak the competitors or the enemies can use them against you. One of the periods that can be credited to giving birth to the period of developments that led to cyber attacks is 1918 all the way to 1939 whereby there was increased military revolution. One of these......

Words: 1263 - Pages: 6

Free Essay

Cyber

...HTTP, FTP, IMAP, SMTP, POP3, CIFS/NetBIOS and TCP Stream.”(Best Practices, 2014) User awareness training is the keystone to all of this: if you are not educating them, they will show you they are the weakest link in the chain. A multilateral defense strategy is necessary to defend against this and other threats as they evolve over time; if you aren’t vigilant in the cyber realm, you are as good as hacked. References Alert (TA13-309A). (2013, November 5). Retrieved June 24, 2015, from https://www.us-cert.gov/ncas/alerts/TA13-309A Best Practices to protect against CryptoWall and CryptoLocker (SW12434). (2014, November 11). Retrieved June 25, 2015, from https://support.software.dell.com/kb/sw12434 Ducklin, P. (2013, October 18). CryptoLocker ransomware - see how it works, learn about prevention, cleanup and recovery. Retrieved June 24, 2015, from https://nakedsecurity.sophos.com/2013/10/18/cryptolocker-ransomware-see-how-it-works-learn-about-prevention-cleanup-and-recovery/ Jarvis, K. (2013, December 18). CryptoLocker Ransomware - Dell SecureWorks. Retrieved June 24, 2015, from http://www.secureworks.com/cyber-threat-intelligence/threats/cryptolocker- ransomware/ Kostadinov, D. (2014, February 6). RansomWar(e) - InfoSec Institute. Retrieved June 24, 2015, from http://resources.infosecinstitute.com/ransomware/ ...

Words: 833 - Pages: 4