Denial of Service

Submitted By Betts8552
DoS/DDoS Prevention

This document details guidelines that can be implemented at the school to prevent a recurrence of the DDoS attack the school recently experienced. These guidelines are not requirements; however, each adds a layer of security to the networks and services currently in production.

Implement Policies and procedures

An Acceptable Use Policy is a policy that defines what type of actions are allowed to be performed on the systems and network to which the policy applies. For the school, an Acceptable Use Policy may state that users of the computers and network must be performing functions related to the school such as homework, administration, research, etc.

In addition to defining what is allowed, the Acceptable Use Policy should also specify what actions will be taken when a user or individual violates the policy. The acceptable use policy should be made accessible to every user. One method to do this would be to display the policy when a user logs in or direct them to where they can read the document. (Glenn, 2003.)

Develop Incident Response Procedures

The incident response procedures should identify the following:

- Who the respondents are and what each individual's responsibility is.
- What data is to be collected and what actions are expected.
  - This includes gathering information on the attacker and a clearly defined resolution path for the team to return systems to a pre-attack state.
- When the team should respond.
  - Different systems should be given different priorities depending on their importance.
- How the team should escalate issues when a critical decision needs to be made.
  - One method is to include a variety of individuals on the team, including a key decision maker. (Glenn, 2003.)

Patch Management

All systems have an operating system running on them, and the vendors of those systems continually release patches when security holes are discovered or new features are implemented. Despite their importance, patches can break existing resources or open up new, undiscovered security flaws.

It is for these reasons that fully testing new system patches is as important as getting them applied. If possible, patch testing can be done in a virtual environment, drastically reducing the number of test machines needed.

A detailed summary of patch testing should be completed and well documented before installing the patches. It may also be beneficial for the patch to be given a second look by another individual before installation. (Glenn, 2003.)

Implement an Audit Schedule

Information systems can and should be audited on a regular basis to check for irregularities and improper configurations, and to set aside time for individuals to think critically about additional recommendations that could be implemented.

Information security audits include:

- Reviewing firewall and router ACLs
- Port scanning of firewalls, routers, servers, and other machines
- Performing vulnerability assessments of critical services, computers, and network devices
- Checking users and other access controls
- Analyzing installed software

In the recent attack, had regular audits been performed, it is possible that the rogue software could have been detected, as well as any network anomalies caused by that software. (Glenn, 2003.)

Implement an Intrusion Detection/Prevention System

An IDS or IPS allows malicious or unusual traffic on the network to be identified, and can then notify an administrator or even create a firewall rule to stop the traffic.

In the school's case, an IDS or IPS should be placed in front of the most valuable network resources, if not all network resources. Had an IDS or IPS been in place, an administrator could have been notified the moment the DDoS began, facilitating a much quicker response than without the system.

In addition, other types of traffic might have been detected before the DDoS occurred, signaling that some machines were infected with foreign software. This would have allowed for intervention before any malicious act could be performed. (Glenn, 2003.)
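The two detection signals described in this section, an inbound flood against a school server and an infected internal host fanning out to many external hosts before the flood, can be illustrated with a small window-based detector run over connection-log lines. This is an added example and not part of the essay or the cited Glenn paper; the log format, the 10.1. internal prefix, the thresholds and all addresses are constructed assumptions.

```python
"""Window-based flood and fan-out detector (added example, not from the essay).

Each constructed log line has the form:
    <epoch-seconds> <src-ip> <dst-ip> <dst-port> <flags>
Two checks run per fixed time window:
  1. inbound flood: one internal host receives connections from many distinct
     sources (the DDoS itself);
  2. outbound fan-out: one internal host opens connections to many distinct
     external hosts (a possible sign of foreign software on that machine).
Thresholds, window size and the internal prefix are assumptions for the sample.
"""
from collections import defaultdict

WINDOW_SECONDS = 10
INBOUND_SOURCE_THRESHOLD = 20   # distinct sources hitting one host per window
OUTBOUND_DEST_THRESHOLD = 15    # distinct external hosts one machine contacts per window
INTERNAL_PREFIX = "10.1."       # assumed school address space


def parse_line(line):
    """Split one log line into (timestamp, src, dst, port, flags)."""
    ts, src, dst, port, flags = line.split()
    return int(ts), src, dst, int(port), flags


def detect(lines):
    """Return a list of (kind, host, count, window_start) alerts."""
    events = sorted(parse_line(l) for l in lines if l.strip())
    buckets = defaultdict(list)          # window id -> events in that window
    for ev in events:
        buckets[ev[0] // WINDOW_SECONDS].append(ev)

    alerts = []
    for bucket_id, evs in sorted(buckets.items()):
        inbound = defaultdict(set)       # internal dst -> distinct sources
        outbound = defaultdict(set)      # internal src -> distinct external dsts
        for _ts, src, dst, _port, _flags in evs:
            if dst.startswith(INTERNAL_PREFIX):
                inbound[dst].add(src)
            if src.startswith(INTERNAL_PREFIX) and not dst.startswith(INTERNAL_PREFIX):
                outbound[src].add(dst)
        window_start = bucket_id * WINDOW_SECONDS
        for dst, srcs in inbound.items():
            if len(srcs) >= INBOUND_SOURCE_THRESHOLD:
                alerts.append(("inbound_flood", dst, len(srcs), window_start))
        for src, dsts in outbound.items():
            if len(dsts) >= OUTBOUND_DEST_THRESHOLD:
                alerts.append(("outbound_fanout", src, len(dsts), window_start))
    return alerts


def build_sample_log():
    """Constructed sample: normal browsing, then a fan-out, then a flood."""
    lines = []
    # normal: a few student machines each reaching one external web server
    for i in range(5):
        lines.append(f"{100 + i} 10.1.2.{10 + i} 93.184.216.34 443 S")
    # assumed infected host 10.1.2.50 contacts 18 distinct external hosts in one window
    for i in range(18):
        lines.append(f"{110 + i % 10} 10.1.2.50 198.51.100.{i + 1} 6667 S")
    # 25 distinct external sources hit the school web server 10.1.1.80 in one window
    for i in range(25):
        lines.append(f"{200 + i % 10} 203.0.113.{i + 1} 10.1.1.80 80 S")
    return lines


if __name__ == "__main__":
    for kind, host, count, start in detect(build_sample_log()):
        # in a real IDS this is where the administrator notification would be sent
        print(f"ALERT {kind}: {host} ({count} distinct peers) in window starting t={start}")
```

The fan-out alert for 10.1.2.50 appears in an earlier window than the flood against 10.1.1.80, which is the ordering the essay argues an IDS would have surfaced before the attack itself.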

References

Glenn, Michael. (August 21, 2003). A Summary of DoS/DDoS Prevention, Monitoring, and Mitigation Techniques in a Service Provider Environment. Retrieved from
