SlideShare a Scribd company logo

Analyze a DoS Attack and Recommend Protections

Download as DOCX, PDF
H
HarrisGeorg69

This document provides guidance for a lab assignment on selecting and designing a secure wireless network for a small office/home office (SOHO) environment. The student is instructed to identify the hardware and software needed to support the network security policies and user requirements defined in an earlier lab. Key elements of the response include outlining the requirements of the secure wireless network, providing an overview of the proposed technical solution, and illustrating the logical network design. Citations for any external resources must also be included.

Education
1 of 11
SEC 572 Week 1 iLab Denial of Service Attacks For more classes visit www.snaptutorial.com SEC 572 Week 1 iLab Denial of Service Attacks In this lab, you will discover and analyze one of two different real network attacks. This will give you insight into the motivation, vulnerabilities, threats, and countermeasures associated with your selected network attack. There are two categories of network attacks you will be concerned with this week. The first is a network denial of service (DoS) attack, and the second is a targeted attack on a network device connected to the network. You will also discover the distributed denial of service (DDoS) attack and you may use that one as well. The key difference between a DoS and a DDoS attack is that the DDoS attack is launched towards the target from numerous source locations. A botnet attack is an example of a DDoS attack. Your goal is to select a specific instance of one type of attack and provide a managerial-style awareness document. Assume that you are delivering your analysis to business or government managers who have a general understanding of network communications. The reason for the choice of two different attacks is to allow you to select a broad or narrow focus for your work. This will also give you a high probability of discovering a very current attack. In general, the network denial of service attack may significantly diminish the network's ability to properly communicate. The result will
be a loss of service, such as the inability to access a website's home page. The DoS attacks have ranged from a large global footprint to a specific target network endpoint. For example, the SQL slammer worm was a global DoS attack, lasting for days and requiring server modifications. In contrast, selected websites were shut down by hacker groups, such as the hacktivist collective Anonymous, requiring support from the ISPs and firewall vendors. The targeted attack on a network device can result in a DoS as well, but it uses the current network to deliver the destructive payload to the target system. For example, a SQL injection attack's target is the database server, with the Internet and the corporate network actually delivering the destructive payload to the target. Furthermore, this type of attack may leave the network functional because it uses it to propagate to other devices or uses the victim's network to launch other attacks. Each section of your report may require 1–6 sentences to properly address the topic. For example, the attack discovery and resolution dates will be one sentence, whereas the synopsis of the attack will require about six sentences. Your primary goal is to provide the reader valuable information about the attack. Lab Document Framework • Name of the attack • Attack discovery and resolution dates • Synopsis of the attack • Vulnerable target(s) for the attack and likely victims • Probable motivation(s) of the attack • Probable creators of the attack • Deployment, propagation, or release strategy of the attack • Published countermeasures against the attack • Published recovery techniques used to return to normal operations after the attack • Recommended incident reporting measures • Citations and resources used in this report **************************************************
SEC 572 Week 2 Network Security For more classes visit www.snaptutorial.com SEC 572 Week 2 Network Security ************************************************** SEC 572 Week 3 iLab MD5 Best and Worst Use Cases For more classes visit www.snaptutorial.com
SEC 572 Week 3 iLab MD5 Best and Worst Use Cases In this lab, you will explore the best and worst use of a popular message digest algorithm. For this one, we shall focus on MD5, but all of this can be applied to the other ones, such as SHA-1. In the best use portion, you will discover and outline a specific implementation of the MD5 algorithm, where it provides high value and a very low security risk. In contrast, in the worst use portion, you will attempt to crack an MD5 hash (this is ethical hacking) and suggest a scenario where the worst use practice may actually be implemented. The reason for this lab is to give you an understanding of how cryptography can be properly and improperly used and how changes in technology may serve to weaken trusted cryptographic applications. Best Use of MD5 or SHA-1: Outline a scenario where the MD5 or SHA- 1 algorithms are put to good and proper use. Start by stating what the algorithm does and give a use case where either MD5 or SHA-1 has a best fit condition. It is generally about 5–10 sentences. Ethical Hacking of MD5: Copy the following text into your lab document and fill in the blanks. MD5 Hash 1: 4eefef62c45d66f55d89c515d8352c5c Input was: _____ MD5 Hash 2: 5f4dcc3b5aa765d61d8327deb882cf99 Input was: _____ MD5 Hash 3: d6a6bc0db10694a2d90e3a69648f3a03 Input was: _____ Worst Use of MD5 or SHA-1: Outline a scenario where the MD5 or SHA-1 algorithms are put to poor or improper use. Start by stating what improper assumptions were made and how it did (or could) lead to a security compromise. It is generally about 5–10 sentences. Citations and Resources Used in This Report: Tell us where you received external guidance and ideas. If you have presented original ideas, then give yourself credit, and tell us why you believe it is correct.
************************************************** SEC 572 Week 4 iLab Intrusion Detection Systems For more classes visit www.snaptutorial.com SEC 572 Week 4 iLab Intrusion Detection Systems Lab Document Framework The Target Network: Indicate the type of activities and data that it supports in a few sentences. For example, it is the website for an educational institution that holds personal academic and financial information, or it is the network used to control devices in a chemical plant. Use your imagination, but select something that is real and meaningful to you. The Protection System: Select one from the presented list (Step 2), or choose your own protection technology, if it is highly relevant. The Body of the Management Briefing Document: See the guidance in Step 3. It is generally about 4 to 10 paragraphs.
Citations and Resources Used in this Report: Tell us where you received external guidance and ideas. If you have presented original ideas, then give yourself credit, and tell us why you believe it is correct. Step 1 Broadly outline the target network. Indicate the type of activities and data that it supports in a few sentences. Step 2 Select the protection system. Choose from one of the following. Intrusion detection system (IDS) Intrusion protection system (IPS) Research honeypot Active honeypot Offensive honeypot Step 3 Create a management briefing document that will inform senior decision makers about their options, vendors, products, relevant examples, and issues associated with your selected protection (from Step 2). If cost can be identified, then please include that information as well. It is generally about 4 to 10 paragraphs. In this lab, you will explore at least one IDS, IPS, or Honeypot currently offered by product vendors and cloud service providers. You will be making a security recommendation, related to the protection of a target network of your choice. There are a few different paths you may take in this lab, so let's address some of the distinguishing features and definitions that are out there. IDS and IPS Overview An intrusion detection system (IDS) generally detects and logs known intrusions or anomalous network activity. Generally, no real-time protection actually occurs, therefore false-positives create little or no damage. Optionally, suspicious network traffic can be routed to an alternate network, such as a honeypot.
An intrusion protection system (IPS) generally detects, logs, and then blocks known intrusions or anomalous network activity. False-positives are an issue and will result in a self-inflicted denial of service condition. Optionally, suspicious network traffic can be routed to an alternate network, such as a honeypot. Honeypot Overview Honeypots come in several broad categories. The most common labels we apply to them are research honeypots, active honeypots, and offensive honeypots. They are designed to do what their label suggests, and here is a brief summary. Note: Seek qualified legal advice before deploying any type of honeypot. Research honeypots generally collect and analyze data about the attacks against a decoy-network. They can also route the attacker to new decoy- networks, to gather more details about the potential attacks. The data gathered are used to understand the attacks and strengthen the potential target networks. Active honeypots have many of the features found in a research honeypot, but they also hold special content that, once taken by the attackers, can be used as evidence by investigators and law enforcement. For example, active honeypots may have database servers containing a fake bank account or credit card information. Offensive honeypots are configured with many of the features of the active honeypots, with one interesting and dangerous addition: they are designed to damage the attacker. When used outside of your own network, this type of honeypot can result in vigilantism, attacks against false-targets, and may result in criminal charges against the honeypot operators. Offensive honeypots are not recommended for non-law- enforcement organizations. However, when used fully within your own network, this technique can detect and neutralize the attacker. Any of the above services can be implemented on a privately managed network, or through a cloud service. The selection of one platform over another will generally determine where the specific protection occurs— on your network or in the cloud.
The reason for this lab is to give you an understanding of how special network technology can be used as a security research tool, while also providing varying degrees of protection. Each section will vary in size based on the requirements. Drive yourself to create a useful document for the direction you have selected. ************************************************** SEC 572 Week 5 iLab VPN For more classes visit www.snaptutorial.com SEC 572 Week 5 iLab VPN Lab Document Framework • Potentially Acceptable VPN Solution:State the general characteristics of one solution that meets the security and user requirements. Name the vendor(s) and VPN services. It is generally about 3 sentences. • VPN Solution Overview:Outline the technical functionality and customer requirements of your first choice for a VPN service. This may
take the form of a feature chart that is mapped to the requirements. Include any special conditions, limitations, or exceptions that exist. It is generally about 2 pages. • Network Design Illustration:Using a graphic illustration tool, such as Visio, document the logical design of your VPN solution. It is generally about 2 pages. • Citations and Resources Used in this Report:Tell us where you received external guidance and ideas. If you have presented original ideas, then give yourself credit and tell us why you believe it is correct. ************************************************** SEC 572 Week 6 iLab For more classes visit www.snaptutorial.com SEC 572 iLab 6 Lab Document Framework • Requirements and Policies of the Secure Wireless Network:State the requirements and general security policies that will drive your design of a secure wireless network at the SOHO. It should be about 5–10 sentences or bullet points.
• Secure Wireless Network Solution Overview:Outline the technical functionality and customer requirements of your secure wireless network. Tell us what the design can do. Include any special conditions, limitations, or exceptions that exist. It should be about 5–10 sentences or bullet points. • Secure Wireless Network Design Illustration:Using a graphic illustration tool, such as Visio, document the logical design of your secure wireless network design. It should be about two pages. • Citations and Resources Used in This Report:Tell us where you received external guidance and ideas. If you have presented original ideas, give yourself credit, and tell us why you believe it is correct. During Week 2, you should have completed iLab 2 of 6: Best Practices for Securing a Wireless Network in a SOHO—The Policy Statement, Processes, and Procedures Guidelines. In this lab, you will explore, select, and justify the selection of a secure wireless network for that (iLab 2) SOHO environment. You shall actually identify the hardware and software needed to support the network security policies and user requirements. The reason for this lab is to allow you to experience the wireless network technology selection process while working with a typical set of requirements and the current industry offerings. Basic Wireless Network Requirements and Assumptions Consult your iLab 2 of 6: Best Practices for Securing a Wireless Network in a SOHO—The Policy Statement, Processes, and Procedures Guidelines for a foundation to your design requirements. Create your own user requirements that are reasonable and typical for a SOHO. **************************************************
Analyze a DoS Attack and Recommend Protections

Recommended

SEC 572 Inspiring Innovation / tutorialrank.com
SEC 572 Inspiring Innovation / tutorialrank.comSEC 572 Inspiring Innovation / tutorialrank.com
SEC 572 Inspiring Innovation / tutorialrank.comBromleyz38
 
Sec 572 Education Organization / snaptutorial.com
Sec 572 Education Organization / snaptutorial.comSec 572 Education Organization / snaptutorial.com
Sec 572 Education Organization / snaptutorial.comBaileya109
 
Sec 572 Education Specialist-snaptutorial.com
Sec 572 Education Specialist-snaptutorial.comSec 572 Education Specialist-snaptutorial.com
Sec 572 Education Specialist-snaptutorial.comrobertlesew79
 
Sec 572 Effective Communication / snaptutorial.com
Sec 572 Effective Communication / snaptutorial.comSec 572 Effective Communication / snaptutorial.com
Sec 572 Effective Communication / snaptutorial.comBaileyabl
 
Sec 572 Effective Communication - tutorialrank.com
Sec 572 Effective Communication - tutorialrank.comSec 572 Effective Communication - tutorialrank.com
Sec 572 Effective Communication - tutorialrank.comBartholomew99
 
SEC 572 Entire Course NEW
SEC 572 Entire Course NEWSEC 572 Entire Course NEW
SEC 572 Entire Course NEWshyamuopiv
 
example of sql injection
example of sql injectionexample of sql injection
example of sql injectionCARMEN ALCIVAR
 
encryption and hash algorithms
encryption and hash algorithmsencryption and hash algorithms
encryption and hash algorithmsCARMEN ALCIVAR
 

Recommended

SEC 572 Inspiring Innovation / tutorialrank.com
SEC 572 Inspiring Innovation / tutorialrank.comSEC 572 Inspiring Innovation / tutorialrank.com
SEC 572 Inspiring Innovation / tutorialrank.comBromleyz38
 
Sec 572 Education Organization / snaptutorial.com
Sec 572 Education Organization / snaptutorial.comSec 572 Education Organization / snaptutorial.com
Sec 572 Education Organization / snaptutorial.comBaileya109
 
Sec 572 Education Specialist-snaptutorial.com
Sec 572 Education Specialist-snaptutorial.comSec 572 Education Specialist-snaptutorial.com
Sec 572 Education Specialist-snaptutorial.comrobertlesew79
 
Sec 572 Effective Communication / snaptutorial.com
Sec 572 Effective Communication / snaptutorial.comSec 572 Effective Communication / snaptutorial.com
Sec 572 Effective Communication / snaptutorial.comBaileyabl
 
Sec 572 Effective Communication - tutorialrank.com
Sec 572 Effective Communication - tutorialrank.comSec 572 Effective Communication - tutorialrank.com
Sec 572 Effective Communication - tutorialrank.comBartholomew99
 
SEC 572 Entire Course NEW
SEC 572 Entire Course NEWSEC 572 Entire Course NEW
SEC 572 Entire Course NEWshyamuopiv
 
example of sql injection
example of sql injectionexample of sql injection
example of sql injectionCARMEN ALCIVAR
 
encryption and hash algorithms
encryption and hash algorithmsencryption and hash algorithms
encryption and hash algorithmsCARMEN ALCIVAR
 
Packet capture and network traffic analysis
Packet capture and network traffic analysisPacket capture and network traffic analysis
Packet capture and network traffic analysisCARMEN ALCIVAR
 
IDSECCONF 2020 : A Tale Story of Building and Maturing Threat Hunting Program
IDSECCONF 2020 : A Tale Story of Building and Maturing Threat Hunting ProgramIDSECCONF 2020 : A Tale Story of Building and Maturing Threat Hunting Program
IDSECCONF 2020 : A Tale Story of Building and Maturing Threat Hunting ProgramDigit Oktavianto
 
Applied machine learning defeating modern malicious documents
Applied machine learning defeating modern malicious documentsApplied machine learning defeating modern malicious documents
Applied machine learning defeating modern malicious documentsPriyanka Aash
 
Reconnaissance not always about resources
Reconnaissance not always about resourcesReconnaissance not always about resources
Reconnaissance not always about resourcesidsecconf
 
Databse Intrusion Detection Using Data Mining Approach
Databse Intrusion Detection Using Data Mining ApproachDatabse Intrusion Detection Using Data Mining Approach
Databse Intrusion Detection Using Data Mining ApproachSuraj Chauhan
 
A Study on Data Mining Based Intrusion Detection System
A Study on Data Mining Based Intrusion Detection SystemA Study on Data Mining Based Intrusion Detection System
A Study on Data Mining Based Intrusion Detection SystemAM Publications
 
Intrusion detection using data mining
Intrusion detection using data miningIntrusion detection using data mining
Intrusion detection using data miningbalbeerrawat
 
SPO2-T11_Automated-Prevention-of-Ransomware-with-Machine-Learning-and-GPOs
SPO2-T11_Automated-Prevention-of-Ransomware-with-Machine-Learning-and-GPOsSPO2-T11_Automated-Prevention-of-Ransomware-with-Machine-Learning-and-GPOs
SPO2-T11_Automated-Prevention-of-Ransomware-with-Machine-Learning-and-GPOsRod Soto
 
Machine learning cybersecurity boon or boondoggle
Machine learning cybersecurity boon or boondoggleMachine learning cybersecurity boon or boondoggle
Machine learning cybersecurity boon or boondogglePriyanka Aash
 
Cloudslam09:Building a Cloud Computing Analysis System for Intrusion Detection
Cloudslam09:Building a Cloud Computing Analysis System for Intrusion DetectionCloudslam09:Building a Cloud Computing Analysis System for Intrusion Detection
Cloudslam09:Building a Cloud Computing Analysis System for Intrusion DetectionWei-Yu Chen
 
Penetration and hacking training brief
Penetration and hacking training briefPenetration and hacking training brief
Penetration and hacking training briefBill Nelson
 
Cyber Threat Hunting Training (CCTHP)
Cyber Threat Hunting Training (CCTHP)Cyber Threat Hunting Training (CCTHP)
Cyber Threat Hunting Training (CCTHP)ENOInstitute
 
IRJET- Penetration Testing using Metasploit Framework: An Ethical Approach
IRJET- Penetration Testing using Metasploit Framework: An Ethical ApproachIRJET- Penetration Testing using Metasploit Framework: An Ethical Approach
IRJET- Penetration Testing using Metasploit Framework: An Ethical ApproachIRJET Journal
 
Intrusion Detection
Intrusion DetectionIntrusion Detection
Intrusion Detectionbutest
 
Network Security Data Visualization
Network Security Data VisualizationNetwork Security Data Visualization
Network Security Data Visualizationamiable_indian
 
Whitepaper: Network Penetration Testing - Happiest Minds
Whitepaper: Network Penetration Testing - Happiest MindsWhitepaper: Network Penetration Testing - Happiest Minds
Whitepaper: Network Penetration Testing - Happiest MindsHappiest Minds Technologies
 
Secure Software Engineering
Secure Software EngineeringSecure Software Engineering
Secure Software EngineeringRohitha Liyanagama
 
Cognitive Computing in Security with AI
Cognitive Computing in Security with AI Cognitive Computing in Security with AI
Cognitive Computing in Security with AI JoAnna Cheshire
 
A Survey on Cloud-Based IP Trace Back Framework
A Survey on Cloud-Based IP Trace Back FrameworkA Survey on Cloud-Based IP Trace Back Framework
A Survey on Cloud-Based IP Trace Back FrameworkIRJET Journal
 
Introduction to penetration testing
Introduction to penetration testingIntroduction to penetration testing
Introduction to penetration testingAmine SAIGHI
 
ScenarioSummaryIn this lab, you will explore at least one IDS, IP.docx
ScenarioSummaryIn this lab, you will explore at least one IDS, IP.docxScenarioSummaryIn this lab, you will explore at least one IDS, IP.docx
ScenarioSummaryIn this lab, you will explore at least one IDS, IP.docxronnasleightholm
 
Insight Brief: Security Analytics to Identify the 12 Indicators of Compromise
Insight Brief: Security Analytics to Identify the 12 Indicators of CompromiseInsight Brief: Security Analytics to Identify the 12 Indicators of Compromise
Insight Brief: Security Analytics to Identify the 12 Indicators of Compromise21CT Inc.
 

More Related Content

What's hot

Packet capture and network traffic analysis
Packet capture and network traffic analysisPacket capture and network traffic analysis
Packet capture and network traffic analysisCARMEN ALCIVAR
 
IDSECCONF 2020 : A Tale Story of Building and Maturing Threat Hunting Program
IDSECCONF 2020 : A Tale Story of Building and Maturing Threat Hunting ProgramIDSECCONF 2020 : A Tale Story of Building and Maturing Threat Hunting Program
IDSECCONF 2020 : A Tale Story of Building and Maturing Threat Hunting ProgramDigit Oktavianto
 
Applied machine learning defeating modern malicious documents
Applied machine learning defeating modern malicious documentsApplied machine learning defeating modern malicious documents
Applied machine learning defeating modern malicious documentsPriyanka Aash
 
Reconnaissance not always about resources
Reconnaissance not always about resourcesReconnaissance not always about resources
Reconnaissance not always about resourcesidsecconf
 
Databse Intrusion Detection Using Data Mining Approach
Databse Intrusion Detection Using Data Mining ApproachDatabse Intrusion Detection Using Data Mining Approach
Databse Intrusion Detection Using Data Mining ApproachSuraj Chauhan
 
A Study on Data Mining Based Intrusion Detection System
A Study on Data Mining Based Intrusion Detection SystemA Study on Data Mining Based Intrusion Detection System
A Study on Data Mining Based Intrusion Detection SystemAM Publications
 
Intrusion detection using data mining
Intrusion detection using data miningIntrusion detection using data mining
Intrusion detection using data miningbalbeerrawat
 
SPO2-T11_Automated-Prevention-of-Ransomware-with-Machine-Learning-and-GPOs
SPO2-T11_Automated-Prevention-of-Ransomware-with-Machine-Learning-and-GPOsSPO2-T11_Automated-Prevention-of-Ransomware-with-Machine-Learning-and-GPOs
SPO2-T11_Automated-Prevention-of-Ransomware-with-Machine-Learning-and-GPOsRod Soto
 
Machine learning cybersecurity boon or boondoggle
Machine learning cybersecurity boon or boondoggleMachine learning cybersecurity boon or boondoggle
Machine learning cybersecurity boon or boondogglePriyanka Aash
 
Cloudslam09:Building a Cloud Computing Analysis System for Intrusion Detection
Cloudslam09:Building a Cloud Computing Analysis System for Intrusion DetectionCloudslam09:Building a Cloud Computing Analysis System for Intrusion Detection
Cloudslam09:Building a Cloud Computing Analysis System for Intrusion DetectionWei-Yu Chen
 
Penetration and hacking training brief
Penetration and hacking training briefPenetration and hacking training brief
Penetration and hacking training briefBill Nelson
 
Cyber Threat Hunting Training (CCTHP)
Cyber Threat Hunting Training (CCTHP)Cyber Threat Hunting Training (CCTHP)
Cyber Threat Hunting Training (CCTHP)ENOInstitute
 
IRJET- Penetration Testing using Metasploit Framework: An Ethical Approach
IRJET- Penetration Testing using Metasploit Framework: An Ethical ApproachIRJET- Penetration Testing using Metasploit Framework: An Ethical Approach
IRJET- Penetration Testing using Metasploit Framework: An Ethical ApproachIRJET Journal
 
Intrusion Detection
Intrusion DetectionIntrusion Detection
Intrusion Detectionbutest
 
Network Security Data Visualization
Network Security Data VisualizationNetwork Security Data Visualization
Network Security Data Visualizationamiable_indian
 
Whitepaper: Network Penetration Testing - Happiest Minds
Whitepaper: Network Penetration Testing - Happiest MindsWhitepaper: Network Penetration Testing - Happiest Minds
Whitepaper: Network Penetration Testing - Happiest MindsHappiest Minds Technologies
 
Cognitive Computing in Security with AI
Cognitive Computing in Security with AI Cognitive Computing in Security with AI
Cognitive Computing in Security with AI JoAnna Cheshire
 
A Survey on Cloud-Based IP Trace Back Framework
A Survey on Cloud-Based IP Trace Back FrameworkA Survey on Cloud-Based IP Trace Back Framework
A Survey on Cloud-Based IP Trace Back FrameworkIRJET Journal
 
Introduction to penetration testing
Introduction to penetration testingIntroduction to penetration testing
Introduction to penetration testingAmine SAIGHI
 

What's hot (20)

Packet capture and network traffic analysis
Packet capture and network traffic analysisPacket capture and network traffic analysis
Packet capture and network traffic analysis
 
IDSECCONF 2020 : A Tale Story of Building and Maturing Threat Hunting Program
IDSECCONF 2020 : A Tale Story of Building and Maturing Threat Hunting ProgramIDSECCONF 2020 : A Tale Story of Building and Maturing Threat Hunting Program
IDSECCONF 2020 : A Tale Story of Building and Maturing Threat Hunting Program
 
Applied machine learning defeating modern malicious documents
Applied machine learning defeating modern malicious documentsApplied machine learning defeating modern malicious documents
Applied machine learning defeating modern malicious documents
 
Reconnaissance not always about resources
Reconnaissance not always about resourcesReconnaissance not always about resources
Reconnaissance not always about resources
 
Databse Intrusion Detection Using Data Mining Approach
Databse Intrusion Detection Using Data Mining ApproachDatabse Intrusion Detection Using Data Mining Approach
Databse Intrusion Detection Using Data Mining Approach
 
A Study on Data Mining Based Intrusion Detection System
A Study on Data Mining Based Intrusion Detection SystemA Study on Data Mining Based Intrusion Detection System
A Study on Data Mining Based Intrusion Detection System
 
Intrusion detection using data mining
Intrusion detection using data miningIntrusion detection using data mining
Intrusion detection using data mining
 
SPO2-T11_Automated-Prevention-of-Ransomware-with-Machine-Learning-and-GPOs
SPO2-T11_Automated-Prevention-of-Ransomware-with-Machine-Learning-and-GPOsSPO2-T11_Automated-Prevention-of-Ransomware-with-Machine-Learning-and-GPOs
SPO2-T11_Automated-Prevention-of-Ransomware-with-Machine-Learning-and-GPOs
 
Machine learning cybersecurity boon or boondoggle
Machine learning cybersecurity boon or boondoggleMachine learning cybersecurity boon or boondoggle
Machine learning cybersecurity boon or boondoggle
 
Cloudslam09:Building a Cloud Computing Analysis System for Intrusion Detection
Cloudslam09:Building a Cloud Computing Analysis System for Intrusion DetectionCloudslam09:Building a Cloud Computing Analysis System for Intrusion Detection
Cloudslam09:Building a Cloud Computing Analysis System for Intrusion Detection
 
Penetration and hacking training brief
Penetration and hacking training briefPenetration and hacking training brief
Penetration and hacking training brief
 
Cyber Threat Hunting Training (CCTHP)
Cyber Threat Hunting Training (CCTHP)Cyber Threat Hunting Training (CCTHP)
Cyber Threat Hunting Training (CCTHP)
 
IRJET- Penetration Testing using Metasploit Framework: An Ethical Approach
IRJET- Penetration Testing using Metasploit Framework: An Ethical ApproachIRJET- Penetration Testing using Metasploit Framework: An Ethical Approach
IRJET- Penetration Testing using Metasploit Framework: An Ethical Approach
 
Intrusion Detection
Intrusion DetectionIntrusion Detection
Intrusion Detection
 
Network Security Data Visualization
Network Security Data VisualizationNetwork Security Data Visualization
Network Security Data Visualization
 
Whitepaper: Network Penetration Testing - Happiest Minds
Whitepaper: Network Penetration Testing - Happiest MindsWhitepaper: Network Penetration Testing - Happiest Minds
Whitepaper: Network Penetration Testing - Happiest Minds
 
Secure Software Engineering
Secure Software EngineeringSecure Software Engineering
Secure Software Engineering
 
Cognitive Computing in Security with AI
Cognitive Computing in Security with AI Cognitive Computing in Security with AI
Cognitive Computing in Security with AI
 
A Survey on Cloud-Based IP Trace Back Framework
A Survey on Cloud-Based IP Trace Back FrameworkA Survey on Cloud-Based IP Trace Back Framework
A Survey on Cloud-Based IP Trace Back Framework
 
Introduction to penetration testing
Introduction to penetration testingIntroduction to penetration testing
Introduction to penetration testing
 

Similar to Analyze a DoS Attack and Recommend Protections

ScenarioSummaryIn this lab, you will explore at least one IDS, IP.docx
ScenarioSummaryIn this lab, you will explore at least one IDS, IP.docxScenarioSummaryIn this lab, you will explore at least one IDS, IP.docx
ScenarioSummaryIn this lab, you will explore at least one IDS, IP.docxronnasleightholm
 
Insight Brief: Security Analytics to Identify the 12 Indicators of Compromise
Insight Brief: Security Analytics to Identify the 12 Indicators of CompromiseInsight Brief: Security Analytics to Identify the 12 Indicators of Compromise
Insight Brief: Security Analytics to Identify the 12 Indicators of Compromise21CT Inc.
 
Vulnerability threat and attack
Vulnerability threat and attackVulnerability threat and attack
Vulnerability threat and attacknewbie2019
 
Cst 630 Extraordinary Success/newtonhelp.com
Cst 630 Extraordinary Success/newtonhelp.comCst 630 Extraordinary Success/newtonhelp.com
Cst 630 Extraordinary Success/newtonhelp.comamaranthbeg113
 
Cst 630 Motivated Minds/newtonhelp.com
Cst 630 Motivated Minds/newtonhelp.comCst 630 Motivated Minds/newtonhelp.com
Cst 630 Motivated Minds/newtonhelp.comamaranthbeg53
 
Cst 630 Education is Power/newtonhelp.com
Cst 630 Education is Power/newtonhelp.comCst 630 Education is Power/newtonhelp.com
Cst 630 Education is Power/newtonhelp.comamaranthbeg73
 
Include at least 250 words in your posting and at least 250 words in
Include at least 250 words in your posting and at least 250 words inInclude at least 250 words in your posting and at least 250 words in
Include at least 250 words in your posting and at least 250 words inmaribethy2y
 
Are you ready for the next attack? Reviewing the SP Security Checklist
Are you ready for the next attack? Reviewing the SP Security ChecklistAre you ready for the next attack? Reviewing the SP Security Checklist
Are you ready for the next attack? Reviewing the SP Security ChecklistAPNIC
 
Are you ready for the next attack? reviewing the sp security checklist (apnic...
Are you ready for the next attack? reviewing the sp security checklist (apnic...Are you ready for the next attack? reviewing the sp security checklist (apnic...
Are you ready for the next attack? reviewing the sp security checklist (apnic...Barry Greene
 
Nt2580 Unit 7 Chapter 12
Nt2580 Unit 7 Chapter 12Nt2580 Unit 7 Chapter 12
Nt2580 Unit 7 Chapter 12Laura Arrigo
 
CMST&210 Pillow talk Position 1 Why do you think you may.docx
CMST&210 Pillow talk Position 1 Why do you think you may.docxCMST&210 Pillow talk Position 1 Why do you think you may.docx
CMST&210 Pillow talk Position 1 Why do you think you may.docxmccormicknadine86
 
Certified Ethical Hacking
Certified Ethical HackingCertified Ethical Hacking
Certified Ethical HackingJennifer Wood
 
Honeypot Methods and Applications
Honeypot Methods and ApplicationsHoneypot Methods and Applications
Honeypot Methods and Applicationsijtsrd
 
honey pots introduction and its types
honey pots introduction and its typeshoney pots introduction and its types
honey pots introduction and its typesVishal Tandel
 
Introduction to penetration testing
Introduction to penetration testingIntroduction to penetration testing
Introduction to penetration testingNezar Alazzabi
 

Similar to Analyze a DoS Attack and Recommend Protections (20)

ScenarioSummaryIn this lab, you will explore at least one IDS, IP.docx
ScenarioSummaryIn this lab, you will explore at least one IDS, IP.docxScenarioSummaryIn this lab, you will explore at least one IDS, IP.docx
ScenarioSummaryIn this lab, you will explore at least one IDS, IP.docx
 
Insight Brief: Security Analytics to Identify the 12 Indicators of Compromise
Insight Brief: Security Analytics to Identify the 12 Indicators of CompromiseInsight Brief: Security Analytics to Identify the 12 Indicators of Compromise
Insight Brief: Security Analytics to Identify the 12 Indicators of Compromise
 
Honeypot Essentials
Honeypot EssentialsHoneypot Essentials
Honeypot Essentials
 
Vulnerability threat and attack
Vulnerability threat and attackVulnerability threat and attack
Vulnerability threat and attack
 
security onion
security onionsecurity onion
security onion
 
Cst 630 Extraordinary Success/newtonhelp.com
Cst 630 Extraordinary Success/newtonhelp.comCst 630 Extraordinary Success/newtonhelp.com
Cst 630 Extraordinary Success/newtonhelp.com
 
Cst 630 Motivated Minds/newtonhelp.com
Cst 630 Motivated Minds/newtonhelp.comCst 630 Motivated Minds/newtonhelp.com
Cst 630 Motivated Minds/newtonhelp.com
 
Cst 630 Education is Power/newtonhelp.com
Cst 630 Education is Power/newtonhelp.comCst 630 Education is Power/newtonhelp.com
Cst 630 Education is Power/newtonhelp.com
 
Include at least 250 words in your posting and at least 250 words in
Include at least 250 words in your posting and at least 250 words inInclude at least 250 words in your posting and at least 250 words in
Include at least 250 words in your posting and at least 250 words in
 
Are you ready for the next attack? Reviewing the SP Security Checklist
Are you ready for the next attack? Reviewing the SP Security ChecklistAre you ready for the next attack? Reviewing the SP Security Checklist
Are you ready for the next attack? Reviewing the SP Security Checklist
 
Are you ready for the next attack? reviewing the sp security checklist (apnic...
Are you ready for the next attack? reviewing the sp security checklist (apnic...Are you ready for the next attack? reviewing the sp security checklist (apnic...
Are you ready for the next attack? reviewing the sp security checklist (apnic...
 
Nt2580 Unit 7 Chapter 12
Nt2580 Unit 7 Chapter 12Nt2580 Unit 7 Chapter 12
Nt2580 Unit 7 Chapter 12
 
CMST&210 Pillow talk Position 1 Why do you think you may.docx
CMST&210 Pillow talk Position 1 Why do you think you may.docxCMST&210 Pillow talk Position 1 Why do you think you may.docx
CMST&210 Pillow talk Position 1 Why do you think you may.docx
 
Web Attack Survival Guide
Web Attack Survival GuideWeb Attack Survival Guide
Web Attack Survival Guide
 
Network Security
Network SecurityNetwork Security
Network Security
 
Certified Ethical Hacking
Certified Ethical HackingCertified Ethical Hacking
Certified Ethical Hacking
 
APT - Project
APT - Project APT - Project
APT - Project
 
Honeypot Methods and Applications
Honeypot Methods and ApplicationsHoneypot Methods and Applications
Honeypot Methods and Applications
 
honey pots introduction and its types
honey pots introduction and its typeshoney pots introduction and its types
honey pots introduction and its types
 
Introduction to penetration testing
Introduction to penetration testingIntroduction to penetration testing
Introduction to penetration testing
 

Recently uploaded

BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...Sapna Thakur
 
Web & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfWeb & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfJayanti Pande
 
Unit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxUnit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxVishalSingh1417
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)eniolaolutunde
 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeThiyagu K
 
9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room service9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room servicediscovermytutordmt
 
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in DelhiRussian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhikauryashika82
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfciinovamais
 
social pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajansocial pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajanpragatimahajan3
 
Class 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdfClass 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdfAyushMahapatra5
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...EduSkills OECD
 
Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104misteraugie
 
fourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writingfourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writingTeacherCyreneCayanan
 
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfagholdier
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxheathfieldcps1
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfsanyamsingh5019
 
Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Disha Kariya
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsTechSoup
 
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...fonyou31
 

Recently uploaded (20)

BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
 
Web & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfWeb & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdf
 
Unit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxUnit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptx
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)
 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and Mode
 
9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room service9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room service
 
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in DelhiRussian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
 
social pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajansocial pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajan
 
Class 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdfClass 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdf
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
 
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptxINDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
 
Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104
 
fourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writingfourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writing
 
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdf
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptx
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdf
 
Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The Basics
 
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
 

Analyze a DoS Attack and Recommend Protections

  • 1. SEC 572 Week 1 iLab Denial of Service Attacks For more classes visit www.snaptutorial.com SEC 572 Week 1 iLab Denial of Service Attacks In this lab, you will discover and analyze one of two different real network attacks. This will give you insight into the motivation, vulnerabilities, threats, and countermeasures associated with your selected network attack. There are two categories of network attacks you will be concerned with this week. The first is a network denial of service (DoS) attack, and the second is a targeted attack on a network device connected to the network. You will also discover the distributed denial of service (DDoS) attack and you may use that one as well. The key difference between a DoS and a DDoS attack is that the DDoS attack is launched towards the target from numerous source locations. A botnet attack is an example of a DDoS attack. Your goal is to select a specific instance of one type of attack and provide a managerial-style awareness document. Assume that you are delivering your analysis to business or government managers who have a general understanding of network communications. The reason for the choice of two different attacks is to allow you to select a broad or narrow focus for your work. This will also give you a high probability of discovering a very current attack. In general, the network denial of service attack may significantly diminish the network's ability to properly communicate. The result will
  • 2. be a loss of service, such as the inability to access a website's home page. The DoS attacks have ranged from a large global footprint to a specific target network endpoint. For example, the SQL slammer worm was a global DoS attack, lasting for days and requiring server modifications. In contrast, selected websites were shut down by hacker groups, such as the hacktivist collective Anonymous, requiring support from the ISPs and firewall vendors. The targeted attack on a network device can result in a DoS as well, but it uses the current network to deliver the destructive payload to the target system. For example, a SQL injection attack's target is the database server, with the Internet and the corporate network actually delivering the destructive payload to the target. Furthermore, this type of attack may leave the network functional because it uses it to propagate to other devices or uses the victim's network to launch other attacks. Each section of your report may require 1–6 sentences to properly address the topic. For example, the attack discovery and resolution dates will be one sentence, whereas the synopsis of the attack will require about six sentences. Your primary goal is to provide the reader valuable information about the attack. Lab Document Framework • Name of the attack • Attack discovery and resolution dates • Synopsis of the attack • Vulnerable target(s) for the attack and likely victims • Probable motivation(s) of the attack • Probable creators of the attack • Deployment, propagation, or release strategy of the attack • Published countermeasures against the attack • Published recovery techniques used to return to normal operations after the attack • Recommended incident reporting measures • Citations and resources used in this report **************************************************
  • 3. SEC 572 Week 2 Network Security For more classes visit www.snaptutorial.com SEC 572 Week 2 Network Security ************************************************** SEC 572 Week 3 iLab MD5 Best and Worst Use Cases For more classes visit www.snaptutorial.com
  • 4. SEC 572 Week 3 iLab MD5 Best and Worst Use Cases In this lab, you will explore the best and worst use of a popular message digest algorithm. For this one, we shall focus on MD5, but all of this can be applied to the other ones, such as SHA-1. In the best use portion, you will discover and outline a specific implementation of the MD5 algorithm, where it provides high value and a very low security risk. In contrast, in the worst use portion, you will attempt to crack an MD5 hash (this is ethical hacking) and suggest a scenario where the worst use practice may actually be implemented. The reason for this lab is to give you an understanding of how cryptography can be properly and improperly used and how changes in technology may serve to weaken trusted cryptographic applications. Best Use of MD5 or SHA-1: Outline a scenario where the MD5 or SHA- 1 algorithms are put to good and proper use. Start by stating what the algorithm does and give a use case where either MD5 or SHA-1 has a best fit condition. It is generally about 5–10 sentences. Ethical Hacking of MD5: Copy the following text into your lab document and fill in the blanks. MD5 Hash 1: 4eefef62c45d66f55d89c515d8352c5c Input was: _____ MD5 Hash 2: 5f4dcc3b5aa765d61d8327deb882cf99 Input was: _____ MD5 Hash 3: d6a6bc0db10694a2d90e3a69648f3a03 Input was: _____ Worst Use of MD5 or SHA-1: Outline a scenario where the MD5 or SHA-1 algorithms are put to poor or improper use. Start by stating what improper assumptions were made and how it did (or could) lead to a security compromise. It is generally about 5–10 sentences. Citations and Resources Used in This Report: Tell us where you received external guidance and ideas. If you have presented original ideas, then give yourself credit, and tell us why you believe it is correct.
  • 5. ************************************************** SEC 572 Week 4 iLab Intrusion Detection Systems For more classes visit www.snaptutorial.com SEC 572 Week 4 iLab Intrusion Detection Systems Lab Document Framework The Target Network: Indicate the type of activities and data that it supports in a few sentences. For example, it is the website for an educational institution that holds personal academic and financial information, or it is the network used to control devices in a chemical plant. Use your imagination, but select something that is real and meaningful to you. The Protection System: Select one from the presented list (Step 2), or choose your own protection technology, if it is highly relevant. The Body of the Management Briefing Document: See the guidance in Step 3. It is generally about 4 to 10 paragraphs.
  • 6. Citations and Resources Used in this Report: Tell us where you received external guidance and ideas. If you have presented original ideas, then give yourself credit, and tell us why you believe it is correct. Step 1 Broadly outline the target network. Indicate the type of activities and data that it supports in a few sentences. Step 2 Select the protection system. Choose from one of the following. Intrusion detection system (IDS) Intrusion protection system (IPS) Research honeypot Active honeypot Offensive honeypot Step 3 Create a management briefing document that will inform senior decision makers about their options, vendors, products, relevant examples, and issues associated with your selected protection (from Step 2). If cost can be identified, then please include that information as well. It is generally about 4 to 10 paragraphs. In this lab, you will explore at least one IDS, IPS, or Honeypot currently offered by product vendors and cloud service providers. You will be making a security recommendation, related to the protection of a target network of your choice. There are a few different paths you may take in this lab, so let's address some of the distinguishing features and definitions that are out there. IDS and IPS Overview An intrusion detection system (IDS) generally detects and logs known intrusions or anomalous network activity. Generally, no real-time protection actually occurs, therefore false-positives create little or no damage. Optionally, suspicious network traffic can be routed to an alternate network, such as a honeypot.
  • 7. An intrusion protection system (IPS) generally detects, logs, and then blocks known intrusions or anomalous network activity. False-positives are an issue and will result in a self-inflicted denial of service condition. Optionally, suspicious network traffic can be routed to an alternate network, such as a honeypot. Honeypot Overview Honeypots come in several broad categories. The most common labels we apply to them are research honeypots, active honeypots, and offensive honeypots. They are designed to do what their label suggests, and here is a brief summary. Note: Seek qualified legal advice before deploying any type of honeypot. Research honeypots generally collect and analyze data about the attacks against a decoy-network. They can also route the attacker to new decoy- networks, to gather more details about the potential attacks. The data gathered are used to understand the attacks and strengthen the potential target networks. Active honeypots have many of the features found in a research honeypot, but they also hold special content that, once taken by the attackers, can be used as evidence by investigators and law enforcement. For example, active honeypots may have database servers containing a fake bank account or credit card information. Offensive honeypots are configured with many of the features of the active honeypots, with one interesting and dangerous addition: they are designed to damage the attacker. When used outside of your own network, this type of honeypot can result in vigilantism, attacks against false-targets, and may result in criminal charges against the honeypot operators. Offensive honeypots are not recommended for non-law- enforcement organizations. However, when used fully within your own network, this technique can detect and neutralize the attacker. Any of the above services can be implemented on a privately managed network, or through a cloud service. The selection of one platform over another will generally determine where the specific protection occurs— on your network or in the cloud.
  • 8. The reason for this lab is to give you an understanding of how special network technology can be used as a security research tool, while also providing varying degrees of protection. Each section will vary in size based on the requirements. Drive yourself to create a useful document for the direction you have selected. ************************************************** SEC 572 Week 5 iLab VPN For more classes visit www.snaptutorial.com SEC 572 Week 5 iLab VPN Lab Document Framework • Potentially Acceptable VPN Solution:State the general characteristics of one solution that meets the security and user requirements. Name the vendor(s) and VPN services. It is generally about 3 sentences. • VPN Solution Overview:Outline the technical functionality and customer requirements of your first choice for a VPN service. This may
  • 9. take the form of a feature chart that is mapped to the requirements. Include any special conditions, limitations, or exceptions that exist. It is generally about 2 pages. • Network Design Illustration:Using a graphic illustration tool, such as Visio, document the logical design of your VPN solution. It is generally about 2 pages. • Citations and Resources Used in this Report:Tell us where you received external guidance and ideas. If you have presented original ideas, then give yourself credit and tell us why you believe it is correct. ************************************************** SEC 572 Week 6 iLab For more classes visit www.snaptutorial.com SEC 572 iLab 6 Lab Document Framework • Requirements and Policies of the Secure Wireless Network:State the requirements and general security policies that will drive your design of a secure wireless network at the SOHO. It should be about 5–10 sentences or bullet points.
  • 10. • Secure Wireless Network Solution Overview:Outline the technical functionality and customer requirements of your secure wireless network. Tell us what the design can do. Include any special conditions, limitations, or exceptions that exist. It should be about 5–10 sentences or bullet points. • Secure Wireless Network Design Illustration:Using a graphic illustration tool, such as Visio, document the logical design of your secure wireless network design. It should be about two pages. • Citations and Resources Used in This Report:Tell us where you received external guidance and ideas. If you have presented original ideas, give yourself credit, and tell us why you believe it is correct. During Week 2, you should have completed iLab 2 of 6: Best Practices for Securing a Wireless Network in a SOHO—The Policy Statement, Processes, and Procedures Guidelines. In this lab, you will explore, select, and justify the selection of a secure wireless network for that (iLab 2) SOHO environment. You shall actually identify the hardware and software needed to support the network security policies and user requirements. The reason for this lab is to allow you to experience the wireless network technology selection process while working with a typical set of requirements and the current industry offerings. Basic Wireless Network Requirements and Assumptions Consult your iLab 2 of 6: Best Practices for Securing a Wireless Network in a SOHO—The Policy Statement, Processes, and Procedures Guidelines for a foundation to your design requirements. Create your own user requirements that are reasonable and typical for a SOHO. **************************************************