Monday, May 20, 2019

Recommendation to Counter DoS Attack

Recommend in an executive summary measures to counter this type of DoS attack.

The university network was the victim of a DDoS attack in which a cyber criminal first acquired administrator access. We suspect that the attacker gained access to the network from an internal computer, most likely from a student PC in one of the labs. The attacker likely used keylogger software to discover administrator credentials.

Once the attacker had administrator access to the systems, he/she was able to create BOTs and push them to many student PCs located in various labs. The attacker then initiated a controlled attack by activating the BOTs in order to form a BotNet (a.k.a. Zombie Network) with the goal of intentionally causing online services to become unusable to students (ICECC, 2009). It is important to note that a single BOT alone could not have caused the registration server to become unavailable. It was the combined effect of using many BOTs at once that produced the attacker's desired effect of overflowing the resources of the registration web server and rendering it unusable.

Recommendation to Counter this type of DoS attack

To prevent or counter the impact of keyloggers, deploy a firewall to block known keylogger software. Educate faculty not to open e-mail from unknown users and not to click on links in e-mails from unknown users. Create a policy whereby users cannot install new software on a machine without opening a ticket with the helpdesk or requesting administrator access (ICECC, 2009). The student computers should be preloaded with all required applications.

Deploy a file monitoring program, such as Tripwire, to detect and notify if any changes have occurred to files (ICECC, 2009). Passwords should always be encrypted and never traverse the network in the clear. Harden Windows by making sure that the operating systems are kept current with the latest patches (ICECC, 2009). Keep anti-virus and anti-spyware programs up to date. Install firewall packages on all computers.

Deploy intrusion-detection (IDS) and intrusion-prevention (IPS) systems. Segmenting the network with routers or firewalls is another method (Schifreen, 2006). However, the routers or firewalls will have to be configured to detect and block suspected BOT traffic (please see the network diagram for the items marked with Blue Dotted Squares).

Conclusion

It is important to note that there is no method that will secure a network totally from attack. However, we can prevent some of the most common attack vectors. Therefore security personnel must remain vigilant and seek to prevent the new level of attack (Schifreen, 2006).
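The summary points out that no single BOT could have made the registration server unavailable, so a per-host rate limit alone would not have flagged the attack. The following is an added example, not part of the original post, of aggregate detection over request records for the registration server; the lab subnets, thresholds and sample records are constructed assumptions.

```python
from collections import defaultdict
from ipaddress import ip_address, ip_network

# Hypothetical lab subnets (assumption; the post does not give addressing).
LAB_NETS = [ip_network("10.20.1.0/24"), ip_network("10.20.2.0/24")]

def build_sample():
    """Constructed (epoch_second, source_ip) requests to the registration server."""
    events = []
    # Normal use: three non-lab hosts, one request every 10 s for two minutes.
    for t in range(0, 120, 10):
        for h in (5, 6, 7):
            events.append((t, f"10.30.0.{h}"))
    # Coordinated burst: 40 lab hosts, each only 2 requests/second for 10 s.
    for t in range(60, 70):
        for h in range(10, 50):
            net = "10.20.1" if h % 2 == 0 else "10.20.2"
            events.extend([(t, f"{net}.{h}")] * 2)
    return events

def lab_of(ip):
    """Return the lab subnet containing ip, or None for non-lab sources."""
    addr = ip_address(ip)
    for net in LAB_NETS:
        if addr in net:
            return str(net)
    return None

def find_coordinated_windows(events, window_s=10, min_hosts=20, min_total=500):
    """Flag windows where many distinct lab hosts together exceed min_total."""
    per_window = defaultdict(lambda: defaultdict(int))
    for ts, ip in events:
        if lab_of(ip):
            per_window[ts - ts % window_s][ip] += 1
    alerts = []
    for start, hosts in sorted(per_window.items()):
        total = sum(hosts.values())
        if len(hosts) >= min_hosts and total >= min_total:
            labs = sorted({lab_of(ip) for ip in hosts})
            alerts.append({"start": start, "hosts": len(hosts), "total": total,
                           "max_per_host": max(hosts.values()), "labs": labs})
    return alerts

if __name__ == "__main__":
    for alert in find_coordinated_windows(build_sample()):
        print(alert)
```

The `labs` field in each alert names the segments a router or firewall rule would need to isolate, which is where the segmentation recommendation applies.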
