MN502 NETWORK SECURITY (lab 1)
1. What are the different types of password attacks?
Types of password attacks:
Brute force attack:
An attack in which the attacker repeatedly tries many passwords, hoping that one of them is correct.
Dictionary attack:
An attack in which the attacker cracks the password by trying millions of words from a dictionary.
Social engineering:
A type of attack that gathers information using social networks.
Guessing:
It is an attack by our best friends, …… and these attacks on mostly in randomly generated user name sites it was easy to short.
Offline cracking:
In this attack, the attacker has limited attempts to enter the password on protected passwords.
Rainbow table attack:
In this attack, attackers apply an algorithm called a hashing algorithm
Monitoring traffic for suspicious activities.
Identifying threats and defending against them.
Training administrators on proper protocols.
3. Intrusion Detection System (IDS):
An IDS is a device or software application that monitors a network for an unauthorised attack.
It can be classified by where detection takes place: network or host.
Network-based Intrusion Detection System (NIDS):
A NIDS is placed at a crucial point within the network to monitor traffic to and from all devices on the network. It analyses passing traffic on the entire subnet and matches that traffic against a library of known attacks.
Host-based Intrusion Detection System (HIDS):
A HIDS runs on individual hosts or devices on the network. It monitors inbound and outbound packets from the device and alerts the user if any suspicious activity is detected.
NIDS | HIDS
1. NIDS are installed on every host machine. | 1. HIDS are installed only on certain intersection points, such as servers, routers.
2. NIDS analyse the flow of information between computers. | 2. HIDS examine specific host-based action, such as what applications are being used and accessed in the kernel.
The SIEM is a log management system where every network device, server or workstation will send their logs for storage, correlation and analysis. The analysis will provide alerts similar to the NIDS and HIDS. In addition, the log correlation could be used to help track where and when malicious activity has occurred and on what system(s) the activity was seen. The combination of the NIDS, HIDS and SIEM will provide a good array of detection for malicious users, software or unauthorized system access.
The goal of this lab is to configure AD DC and PSO on the Windows 2012 previously installed. The main tasks in the lab are to create a group policy object, join the domain, and create a user and apply policy object to that user. In order to do so, I had to add a Windows 7 client to test the functionality of the GPO. The last task in the lab is to create a Password Setting Object (PSO) where we can define the policy of the passwords for all users in a certain group or the whole domain. PSOs are used to define the password requirements such as complexity, age, and repetition. By the end of the lab, we should have Active Directory installed and configured in the infrastructure with GPOs and PSOs defined and tested using a client with a domain
The attack targets the routing information that is exchanged among nodes. The data in the table is altered, and the attacker can then attract or repel network traffic, generate false error messages, increase latency or even partition the network. The next node generally depends on the previous node's (or nodes') table to create routing paths.
The first odd network behavior reported by the network engineers and the system administrators came from an analysis showing that a single host on the network is opening hundreds of SSH sessions to every other host on the Aim Higher College’s network every minute. This attacker or hacker is flooding the network with the SSH sessions to bring the web servers down to get some classified information. The second odd behavior reported was that hundreds of hosts are constantly sending only SYN packets to one of the web servers on the Aim Higher College’s campus. Furthermore, this attacker is trying to flood one of the web servers just by
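Both behaviours described above can be flagged from per-minute flow records. The following is an added example, not part of the original essay; the record layout, addresses and thresholds are assumptions made for illustration.

```python
from collections import defaultdict

# Assumed thresholds ("hundreds" in the text); tune to the network's baseline.
SSH_FANOUT_THRESHOLD = 100    # distinct SSH destinations per source per minute
SYN_SOURCES_THRESHOLD = 100   # distinct SYN-only sources per destination per minute

def make_sample_flows():
    """Constructed flow records: (minute, src, dst, dst_port, tcp_flags_seen)."""
    flows = []
    # One host opening SSH sessions to 150 different hosts in one minute.
    for i in range(1, 151):
        flows.append((0, "10.0.0.5", f"10.0.1.{i}", 22, "SAPF"))
    # 300 hosts sending only SYN packets to one web server.
    for i in range(300):
        src = f"172.16.{i // 250}.{i % 250 + 1}"
        flows.append((0, src, "10.0.2.10", 80, "S"))
    # Benign background: an admin using SSH, and completed web sessions.
    for i in range(1, 4):
        flows.append((0, "10.0.0.9", f"10.0.1.{i}", 22, "SAPF"))
    for i in range(1, 121):
        flows.append((0, f"10.0.3.{i}", "10.0.2.10", 80, "SAPF"))
    return flows

def detect(flows):
    """Return alerts for SSH fan-out and SYN-only floods, per one-minute window."""
    ssh_targets = defaultdict(set)   # (minute, src) -> destinations on port 22
    syn_sources = defaultdict(set)   # (minute, dst, port) -> sources with SYN-only flows
    for minute, src, dst, port, flags in flows:
        if port == 22:
            ssh_targets[(minute, src)].add(dst)
        if flags == "S":             # handshake never completed
            syn_sources[(minute, dst, port)].add(src)
    alerts = []
    for (minute, src), dsts in sorted(ssh_targets.items()):
        if len(dsts) >= SSH_FANOUT_THRESHOLD:
            alerts.append(("ssh_fanout", minute, src, len(dsts)))
    for (minute, dst, port), srcs in sorted(syn_sources.items()):
        if len(srcs) >= SYN_SOURCES_THRESHOLD:
            alerts.append(("syn_only_flood", minute, f"{dst}:{port}", len(srcs)))
    return alerts

if __name__ == "__main__":
    for alert in detect(make_sample_flows()):
        print(alert)
```

Counting distinct peers rather than raw packets keeps a single busy but legitimate session from triggering either rule.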
The network-based IDS has a network sniffer running in a mode where the network device intercepts and reads all network packets. The sniffer is attached to a specific database of known attack signatures; the IDS then analyzes each individual packet it picks up to check for known attacks. For example, if a web attack contains the string /system32/cmd.exe? in the URL, the IDS will try to match
This latest string of hacks has revolved around the ease with which hackers can find other computers connected to the internet, hack into those, and use their computing power for help in the attack. A company called Norse Corp. has developed ways to monitor this traffic.
resolve. At first it seemed to just be an unauthorized user, who had used up nine seconds of computer time and refused to pay for it. Further investigation led him to an outside hacker that gained access to Berkeley computers by sneaking through an obscure security breach and gained administrative privileges over...
...vantage of the overall network design and implement usable subnets with virtual local area networks. Use encryption and encapsulation to secure communications of public segments to enable extranets and cross-Internet company traffic. Use items such as intrusion detection systems and firewalls to keep unauthorized users out and monitor activity. Taken together, these pieces can make a secure network that is efficient, manageable, and effective.
Chris Davies and Ravi Ganesan [11] observe that weakly chosen passwords continue to be a major source of security problems and are vulnerable to dictionary attacks. They propose BApasswd, a new proactive password checker: a component of the password-changing program that attempts to validate the quality of a password chosen by the user before the selection is finalized. When the user supplies a password, the system uses a statistical test to determine, with a high degree of confidence, whether the password could have been generated by the Markov process; if so, it rejects the password. It thus effectively filters out bad passwords and shows valid users a warning message asking them to choose a new password.
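A simplified sketch of the proactive check described above, added here as an example and not BApasswd's own code: it trains a first-order character Markov model on a small constructed word list and rejects candidates that the model explains better than uniform chance. The model order, the log-likelihood-ratio test, the threshold and all function names are assumptions for illustration.

```python
import math
from collections import defaultdict

# Constructed sample word list; a deployed checker trains on a large dictionary.
TRAINING_WORDS = ["password", "dragon", "monkey", "sunshine", "princess", "welcome",
                  "shadow", "master", "football", "letmein", "qwerty", "iloveyou"]
ALPHABET = 95  # printable ASCII characters, used for add-one smoothing

def train(words):
    """Count character-to-character transitions (first-order Markov model)."""
    counts = defaultdict(lambda: defaultdict(int))
    for word in words:
        word = word.lower()
        for a, b in zip(word, word[1:]):
            counts[a][b] += 1
    return counts

def markov_score(model, candidate):
    """Mean log-likelihood ratio per transition: dictionary model vs. uniform.

    A positive score means the model explains the string better than chance.
    """
    s = candidate.lower()
    total = 0.0
    for a, b in zip(s, s[1:]):
        row = model.get(a, {})
        seen, n = row.get(b, 0), sum(row.values())
        total += math.log((seen + 1) * ALPHABET / (n + ALPHABET))
    return total / max(len(s) - 1, 1)

def is_rejected(model, candidate, threshold=0.0):
    """Reject strings too short to score, or that look dictionary-generated."""
    return len(candidate) < 2 or markov_score(model, candidate) > threshold

if __name__ == "__main__":
    model = train(TRAINING_WORDS)
    # "sunshadow" is not in the word list, but every transition in it is.
    for pw in ["password", "sunshadow", "xQ7#vL2!kZ"]:
        verdict = "reject" if is_rejected(model, pw) else "accept"
        print(f"{pw!r}: score={markov_score(model, pw):+.2f} -> {verdict}")
```

Unlike a plain dictionary lookup, the model also rejects strings assembled from dictionary-like fragments; a low score only means the candidate passed this one filter, not that it is strong.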
An intrusion prevention system (IPS) works similarly to an intrusion detection system (IDS), in that both monitor traffic over the network. However, an IPS is more active in nature, as it takes immediate action on the attack that has occurred. The action taken by the IPS is based on the rules that have been set by the network administrator.