Security in Computing and IT

399 views

Published on

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
399
On SlideShare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
7
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Security in Computing and IT

  1. 1. Assignment 1 – Security In Computing & IT(COSC 2538)Question 1Criticality Level of the ApplicationVulnerability - Mozilla Firefox 4.x through 5 does not properly implement JavaScriptThe critical level is high of the application because its prone to provide the useful information to theoutsiders especially attackers or hackers. Furthermore, the specialized access is not required, thusthe attacking would be possible from anonymous and untrusted organizations.Impact including CVSS Score (10.0)According to the Base Score Metrics, the results for Exploitability shows that the application hasthe chance of being attacked or for the thread from attacker or hacker. For example, the accessvector for this application is network, that means person who are not in the organisation related tothis application may corrupt the memory or get the application to crash. Attackers may attack fromanywhere without using local access too. The access complexity also results low for this applicationmay cause the attack from anonymous and the configuration also ubiquitous. The authentication isnot required for this application. Moreover, seeing the condition of Impact Metrics asconfidentiality, Integrity, and Availability also, its not secured application by having completeresult for mentioned options increased the vulnerability score.Purpose of CVSS ScoreEach group(Base, Environmental, Temporal) produces a numeric score ranging from 0 to 10, and aVector, a compressed textual representation that reflects the values used to derive the score. Thepurpose of the CVSS base group is to define and communicate the fundamental characteristics of avulnerability. This objective approach to characterizing vulnerabilities provides users with a clearand intuitive representation of a vulnerability.Proposed Solution − Block external access at the network boundary. − The authentication is required for this application to reduce the number of attacks at one time.Australian DSD 35 StrategiesMinimise the number of users with domain or local administrative privileges, and Applicationwhitelisting to help prevent malicious software and other unapproved programs from runningThiscan prevent unauthorized or anonymous to have control on the application to get the memorycorrupt and any malware software from attackers.Network segmentation and segregation into security zones to protect sensitive information andcritical services such as user authentication and user directory information in the trem ofconfidentiality and integrity impact of application. Attckers can read all the information and dataand may modify it, this will prevent those actions.Centralised and time-synchronised logging of allowed and blocked network activity, with regularlog analysis, storing logs for at least 18 months. This will identify the anonymous and untrustedpeople who are using the application illegally. The application required unspecialized access thatenables access to a wide range of systems and users. 1
  2. 2. Question 2I had selected four top anti-virus companies that are McAfee, Avira, Symantec, Trend Micro. Thesesites offer virus listings till the latest but the information is differ from one another. The most up-to-date company is McAfee, because there are numbers of threat types on a day unlike other sites.Symantec also deliver the listings about threats with discovered and updated equipped with time,but it lacks of the information of the up-to-date threat listings compared to McAfee. Avira andTrend Micro seems like providing similar data but they do not provide updated virus listings asMcAfee. The similarity of all sites are they are giving summary, characteristics of the threat, andremoval instructions.However, Symantec only provide threat summary included time but othercompanies does not provide the detail about time of the threat,thus we cannot compare the timedifference. Moreover, McAfee also had tracked Top Virus Listing and Regioanl Virus Tracker thatcan track viruses which could attack in 24 hours, and so on according continents. 2
  3. 3. Question 3Criticality Level of the SoftwareVulnerability - Microsoft Windows DNS Server NAPTR Query Remote Heap Memory Corruption.An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges.Successful exploits will result in the complete compromise of affected computers, hence theseverity is high too.Impact including CVSS Score (10.0)According to the Base Score Metrics, the results for Exploitability shows that the application hasthe chance of being attacked or for the thread from hacker. For example, the access vector for thisapplication is network, that means outsider or people who are not in the organisation related to thisapplication may corrupt the memory or get the software to crash. Attackers may attack fromanywhere without using local access too. The access complexity also results low for this applicationmay cause the attack from anonymous and the configuration also ubiquitous. The authentication isnot required for this software. Moreover, seeing the condition of Impact Metrics as confidentiality,Integrity, and Availability, its not secured application by having complete result. Furthermore, theattacker can have control over the files by having chance to read all the systems data, and able tomodify the data or files in order to corrupt the memory or system.In the term of availability, therewill be a total shutdown of the resource may be done by possible attacker.Purpose of CVSS ScoreEach group(Base, Environmental, Temporal) produces a numeric score ranging from 0 to 10, and aVector, a compressed textual representation that reflects the values used to derive the score. Thepurpose of the CVSS base group is to define and communicate the fundamental characteristics of avulnerability. This objective approach to characterizing vulnerabilities provides users with a clearand intuitive representation of a vulnerability.Proposed Solution − Block external access at the network boundary, unless external parties require service. − Deploy network intrusion detection systems to monitor network traffic for malicious activity.Australian DSD 35 StrategiesMinimise the number of users with domain or local administrative privileges, and Applicationwhitelisting to help prevent malicious software and other unapproved programs from running.Thiscan prevent unauthorized or anonymous to have control on the application to get the memorycorrupt and any malware software from attackers.Network segmentation and segregation into security zones to protect sensitive information andcritical services such as user authentication and user directory information in the trem ofconfidentiality and integrity impact of application. Attckers can read all the information and dataand may modify it, this will prevent those actions.Centralised and time-synchronised logging of allowed and blocked network activity, with regularlog analysis, storing logs for at least 18 months. This will identify the anonymous and untrustedpeople who are using the application illegally. The application required unspecialized access thatenables access to a wide range of systems and users. 3

×