...team of Advanced Research (AR), Reston, VA | From: | Samuel Majekodunmi, IT Manager. | Date: | Aug. 30th 2015 | Subject: | The Reasons Advanced Research needs Kali Linux to Enhance and Test Security. | | Purpose | | The purpose of this proposal is the present the executive team of Advance Research (AR) a solution to recent strings of security breaches. The goal of the proposal is to persuade the executive team of Advanced Research to invest personal for the sole purpose of constant testing of network security and vulnerability; therefore ensure AR’s safety of intellectual property. Table of Contents Executive Summary……………………………………………………………………….2 Introduction………………………………………………………………………………..2 Recommendations…………………………………………………………………………3 Budget……………………………………………………………………………………...4 References………………………………………………………………………………….4 Executive Summary Advanced Research (AR) is on its way to becoming a major player in the medical research and development industry. However, suspicion that the corporate network infiltrated from unauthorized sources more than once, indicated the lack of solid security measures. The false allegations of unethical research and development practices are proof of such accesses. Despite the security troubles and false allegations, AR has experienced a 40% increase in business and as result of the increase AR has hires more stuff. The increase traffic is another indication that AR needs a sure and...
Words: 1213 - Pages: 5
... Introduction In the war zone that is the modern Internet, manually reviewing each networked system for security flaws is no longer feasible. Operating systems, applications, and network protocols have grown so complex over the last decade that it takes a dedicated security administrator to keep even a relatively small network shielded from attack. Each technical advance brings wave after wave of security holes. A new protocol might result in dozens of actual implementations, each of which could contain exploitable programming errors. Logic errors, vendor-installed backdoors, and default configurations plague everything from modern operating systems to the simplest print server.Yesterday’s viruses seem positively tame compared to the highly optimized Internet worms that continuously assault every system attached to the global Internet. To combat these attacks, a network administrator needs the appropriate tools and knowledge to identify vulnerable systems and resolve their security problems before they can be exploited. One of the most powerful tools available today is the vulnerability assessment, and this chapter describes what it is, what it can provide you, and why you should be performing them as often as possible. Following this is an analysis of the different types of solutions available, the advantages of each, and the actual steps used by most tools during the assessment process.The next section describes two distinct approaches used by the...
Words: 9203 - Pages: 37
...Importance of ethical hacking Chapter 1 Introduction Ethical hacking is an emerging tools used by most of the organizations for testing network security. The security risks and vulnerabilities in a network can be recognized with the help of ethical hacking. This research completely concentrates on ethical hacking, problems that may occur while hacking process is in progress and various ethical hacking tools available for organizations. Information is the important source for any organizations while executing business operations. Organizations and government agencies have to adopt ethical hacking tools in order secure important documents and sensitive information (Harold F. Tipton and Micki Krause, 2004). Ethical hacker professionals have to be hired in order to test the networks effectively. Ethical hackers perform security measure on behalf of the organization owners. In order to bring out the ethical hacking efforts perfectly a proper plan must be executed. Ethical hacking has the ability to suggest proper security tools that can avoid attacks on the networks. Hacking tools can be used for email systems, data bases and voice over internet protocol applications in order to make communications securely. Ethical hacking can also be known as penetration testing which can be used for networks, applications and operating systems (Jeff Forristal and Julie Traxler, 2001). Using hacking tools is a best method for identifying the attacks before it effect the entire organization. Ethical...
Words: 9223 - Pages: 37
...growing areas in network security, and certainly an area that generates much discussion, is that of ethical hacking. The purpose of this study is to examine the literature regarding how private sectors and educational institutions are addressing the growing demand for ethical hacking instruction. The study will also examine the opportunity for community colleges in providing this type of instruction. The discussion will conclude with a proposed model of ethical hacking instruction that will be used to teach a course in the summer semester of 2006 through the continuing education department at Caldwell Community College and Technical Institute within the North Carolina Community College System. Ethical Hacking 3 Ethical Hacking: Teaching Students to Hack The growing dependence and importance regarding information technology present within our society is increasingly demanding that professionals find more effective solutions relating to security concerns. Individuals with unethical behaviors are finding a variety of ways of conducting activities that cause businesses and consumers much grief and vast amounts annually in damages. As information security continues to be foremost on the minds of information technology professionals, improvements in this area are critically important. One area that is very promising is penetration testing or Ethical Hacking. The purpose of this paper is to examine effective offerings within public and private sectors to prepare security professionals...
Words: 6103 - Pages: 25
...“Three Linux Security Tools” Charles Huhn ITT-Technical Institute Abstract: UNIX/Linux operating system have hundreds of security tools out there for protecting valuable information. Out of the many tools on the market, I’ve researched three and wrote about them. The three tools that I’ve research are Nmap, Nessus, and Chkrootkit. In this paper I’ll go over how they enforce security, what threats these tools are designed to eliminate, and what organization is behind the tool. The first security tool I researched is called Nmap Security Scanner. Nmap stands for “Network Mapper”. It can be downloaded for free and comes with a full source code that you can modify and redistribute. Nmap has been used to scan huge networks of literally hundreds of thousands of machines and also works fine with a single host. Not only is it used for Linux, but it runs on all other major computer operating systems like Windows and Mac OS X. Nmap allows you to explore and audit a network. It uses IP packets to determine what hosts are available on the network, what services those hosts are offering, what operating systems they are running, what type of firewalls are being used, and many other characteristics. Network administrators find it useful for tasks like network inventory, managing service upgrade schedules, and monitoring host or service uptime. In addition to the classic command-line, the Nmap suite includes an advanced GUI called Zenmap. Nmap comes with no warranty and there...
Words: 1070 - Pages: 5
...been very successful in developing new and innovative devices and medicines for the health care industry. ARC has expanded to two locations, New York, NY and Reston, VA which has led to an expanded computer network in support of business communications and research. ARC has been the victim of cyber-attacks on its network and web site, as well as false alegations of unethical practices. ARC’s network is growing, with over two thousand devices currently and reaching from VA to NY. ARC needs to ensure better security of communications, intellectual property (IP) and public image, all of which affect ARC’s reputation with the public and investors. ARC has previously limited information technology (IT) expenditures to desktop computers and network infrastructure hardware such as routers, firewalls and servers. It is imperative that ARC considers information security (IS) and begins to invest in products that will allow the IT department to better protect the network and the information stored and passed through it. Metasploit Pro is a software product that will allow the IT department to assess and analyze vulnerabilities on virtually all parts of the network, to include users. It can assist the IT department in performing audits of all hosts or devices operating on the network, to...
Words: 2593 - Pages: 11
...Resolutions Introduction A Computer Network has many benefits to a company. However, it also puts a company at security and privacy risks if they are not tackled with a profound technical know-how. When a computer on a network is hacked, there is a possible threat to other systems getting effected as well. These security breaches can be severe to the organization information and privacy and resolve into a loss of information, leak of confidential data such as bank accounts, and loss of goodwill and trust. Ping Sweeps and Port Scans Intro Ping sweeps and port scans are two methods commonly used by hackers to detect vulnerabilities on computer networks (InfoSoc, 2014). Hackers use ping sweeps to check on which computers are active and being used; while they use port scan to find open ports which can be used to breach a network. If these two methods are used by knowledgeable hackers, they can jeopardize personal data and cause severe effects on the entire computer network. Ping Sweep Ping is the abbreviation for Packet Internet Groper. It is a service to check if a machine on the network is up and running. In ping sweep, an Internet Control Message Protocol (ICMP) echo request is sent to a machine to see if it responds. If a machine is live, it will send an echo ICMP response. Hackers use this facility to seek targets in large networks. They use ping sweeps to continuously ping addresses, leading to a slowdown in the network. “It’s a bit like knocking on your neighbors’...
Words: 1279 - Pages: 6
...Enterprise network across the world are always looking for the easiest ways to manage their networks with a more automated process that can assist network administrators with troubleshooting and maintaining these networks. As a whole network management tools are a huge benefit to these networks and consist of five essential categories that are a must have across the board. The standard is called FCAPS which stands for: Fault, Configuration, Accounting, Performance, and Security. Fault management is one of the most essential parts of a network management tool. The purpose of the Fault Management tool is to find and repair any faults that occur within a network. It has the ability to alert to critical alerts and monitor various servers within the network. This management tool continuously checks CCM servers, unity/exchange servers as well as ensuring that they are backed up completely. Fault management also provides an overview or topology of the network to show what is running smoothly and where active faults are occurring. Configuration is essentially the way that the management software and devices are setup. Configuration will ensure that the network administrators get the alerts they want to see, setup auto fault alerts and ensuring that they can be automatically repaired if possible. Configuration is an essential part of a network management tool and allows customization for network administrators to operate the tools the way they need to for the company needs...
Words: 600 - Pages: 3
...answer the following questions: ■ ■ What are the basics concepts of network security? What are some common network security vulnerabilities and threats? ■ ■ What are security attacks? What is the process of vulnerability analysis? Key Terms This chapter uses the following key terms. You can find the definitions in the glossary at the end of the book. Unstructured threats Structured threats External threats Internal threats Hacker Cracker Phreaker Spammer Phisher page 21 page 21 page 21 page 21 page 21 page 20 page 20 page 20 page 21 White hat Black hat page 21 page 21 page 28 page 28 Dictionary cracking Brute-force computation Trust exploitation Port redirection page 28 page 29 page 30 Man-in-the-middle attack Social engineering Phishing page 30 page 30 2 Network Security 1 and 2 Companion Guide The Internet continues to grow exponentially. Personal, government, and business applications continue to multiply on the Internet, with immediate benefits to end users. However, these network-based applications and services can pose security risks to individuals and to the information resources of companies and governments. Information is an asset that must be protected. Without adequate network security, many individuals, businesses, and governments risk losing that asset. Network security is the process by which digital information assets are protected. The goals of network security are as follows: ■ ■ ■ Protect confidentiality Maintain integrity...
Words: 13317 - Pages: 54
...The Critical Security Controls for Effective Cyber Defense Version 5.0 1 Introduction ..................................................................................................................................................................... 3 CSC 1: Inventory of Authorized and Unauthorized Devices ............................................................................ 8 CSC 2: Inventory of Authorized and Unauthorized Software ....................................................................... 14 CSC 3: Secure Configurations for Hardware and Software on Mobile Devices, Laptops, Workstations, and Servers ....................................................................................................................................... 19 CSC 4: Continuous Vulnerability Assessment and Remediation ................................................................. 27 CSC 5: Malware Defenses .......................................................................................................................................... 33 CSC 6: Application Software...
Words: 31673 - Pages: 127
...notice subtle changes in the corporate network. Shortly after that, the CEO began calling high-level meetings, especially with marketing and finance, to determine why the company’s profits for the last five months (July to December) began to take a downward spiral. Though it seemed that all operations and processes remained unchanged it seemed that the number of new customers registering through their customer portal had dropped drastically over the past last five months. The company has noticed anomalous traffic on port 80 of the Web Server on the DMZ. The edge router’s logs showed that the traffic started six months ago and ended five months later. They noticed five months ago that traffic from the Web servers to the internal application servers decreased each day, although the inbound requests on port 80 remained about the same. Over the last four months, Web server logs contained many http “Post” statements followed by the Website address of one the company’s main competitors. All of the post statements seemed to appear in the logs after new users would click “submit” to register. Based on the information that has been provided it seems that a competitor has been able to compromise the company’s network. This has allowed them to reroute network traffic from users that are attempting to register through the company’s portal to their competitor’s site. The next step in investigating the issue would be to complete an assessment of the network. A review of the traffic that is produced...
Words: 1289 - Pages: 6
...Hackers who do intentionally tamper with the company's network often do so because they are tempted by assets they know are poorly protected. Weak security policies present the image that a company does not truly value its assets, which in turn attracts the petty thief and curiosity seeker. Therefore, the preventive element of any network security system should include a strong and enforceable security policy for its employees to follow, re-enforced by a form of technical protection (Control Data, 1999). Firewalls, antivirus programs and packet filtering devices are used to protect access to the network at the LADWP. But these tools alone do not provide adequate system security policy for system users, as mentioned above, that is based on the identification and prioritization of threats and assumed threats helps to maintain the network's health. The key feature of the policy is an ongoing training program that teaches all users the importance and value of including safe system user practices in their daily routine. Users are more likely to follow security practices if they understand the purpose of the practice and the consequences when these practices aren't used. Added to the training is a physical and electrical restriction of access to sensitive information and areas to users who have no business purpose for using such access. To ensure that the preventive measures are functioning effectively, regular audits of the security policy are performed. Log-on IDs are checked to verify...
Words: 1357 - Pages: 6
...made use of technological innovation and automation of their systems. However, as GFI experienced a steady growth in its financial operation, a significant security risk lack within its network. GFI relies on its application servers; the Oracle database and the email system that are the backbone of the GFI financial operations. The financial and cash flow system of the company solely depends on the network, any network breakdown, and system failure would be catastrophic for the business and its clients. The recent multiple cyber attacks on the GFIs network and the 2012 Oracle server attack that left the company integrity, confidentiality and availability venerable for several days. Although the servers were restored, the damage was extensive and lead GFI to pay for clients damages in their loss of data confidentiality. Another attack left the entire GIF network down that lead to losses in revenues and intangible customer confidence to the tunes of over a million US dollars. Risk Assessment Purpose The aim of this risk assessment is to evaluate the details of GFI network security. Further, the risk assessment is to come up with a structured qualitative assessment of GFIs network environment and provide possible solutions for mitigating the sensitivity, threats, vulnerabilities, risks and safeguards of the GFIs network. Besides, the assessment will recommend on a potential cost-effective assurance that will combat the threats and associated exploitable...
Words: 2661 - Pages: 11
...IT for Decision Makers NETWORKING AND SECURITY ISSUES Handout 1 Overview Introduction Many organizations have invested vast amount of money in computer networks, only to find out that although it is providing means of improving the efficiency and productivity of the organization but it also exposes the Organization to possible attacks and threats. Such attacks have been the most challenging issue for most network administrators and a worrying topic for administrators. Organizations need to share services resources and information but they still need to protect these from people who should not have access to them, while at the same time making those resources available to authorized users. Effective security achieves these goals. The greatest threat to computer systems and their information comes from humans, through actions that are either malicious or ignorant. When the action is malicious, some motivation or goal is generally behind the attack. For instance, the goal could be to disrupt normal business operations, thereby denying data availability and production. April 13, 2000, 3:55 P.M. Pacific time: The Web site for the Motion Pictures Association of America (MPAA) is suffering intermittent outages, and the organization suspects computer vandals are to blame. A source inside the organization, who asked not to be identified, said that the MPAA is currently “experiencing problems with their public Web site, and they suspect a denial-of-service attack...
Words: 5140 - Pages: 21
...capture and analysis. Which tool is preferred for each task, and why? While both Wireshark and NetWitness Investigator can be used to capture network traffic, the freeware version of NetWitness Investigator has a limitation of 1G of protocol capture per session. Wireshark does not have a limitation on the size of the capture file, which makes it better suited to protocol capture. Wireshark can be used to analyze capture files, but NetWitness Investigator is a seven-layer protocol analyzer that provides detailed protocol analysis and protocol behavior analysis and is much more user-friendly in terms of understanding protocol behavior and protocol analysis. 2. What is the significance of the TCP three-way handshake for applications that utilize TCP as transport protocol? A three-way handshake (SYN > SYN-ACK > ACK) is performed between the IP source and IP destination to establish a connection-oriented connection. 3. How many different source IP host address did you capture in your protocol capture? 8 including 0.0.0.0, otherwise 7 4. How many different protocols did your protocol capture session have? What function in Wireshark provides you with a breakdown of the different protocol types on the LAN segment? There were 10 protocols that the protocol capture session have. Click on: Statistics → Protocol Hierarchy In order to see the breakdown of the different protocol types on the LAN segment. 5. How and where can you find Wireshark network traffic packet size counts...
Words: 625 - Pages: 3
