How would you compromise this system, which relies on cookie-based security?
Pearls Productions, an e-commerce website (http://www. pearl-productions-shop.com) uses a cookie to keep a user session active once a user has logged in. When a user successfully logs in to the application, a cookie is sent to the client containing the user ID, and this is referred to when the user requests certain functions from the server to make sure that the user has certain rights.
How would you compromise this system, which relies on cookie-based security?
What is Peter Smith talking about?
You went to great lengths to install all the necessary technologies to prevent hacking attacks, such as expensive firewalls, antivirus software, antispam systems and intrusion detection/prevention tools in your company’s network. You have configured the most secure policies and tightened every device on your network. You are confident that hackers will never be able to gain access to your network with complex security system in place.
Your peer, Peter Smith who works at the same department disagrees with you. He says even the best network security technologies cannot prevent hackers gaining access to the network because of presence of “weakest link” in the security chain.
What is Peter Smith talking about?
What is this technique called?
This IDS defeating technique works by splitting a datagram (or packet) into multiple fragments and the IDS will not spot the true nature of the fully assembled datagram. The datagram is not reassembled until it reaches its final destination. It would be a processor-intensive task for an IDS to reassemble all fragments itself, and on a busy system the packet will slip through the IDS onto the network.
What is this technique called?
?He brings up his Task Manager and sees the following programs running (see screenshot):What has William just
William has received a Tetris game from someone in his computer programming class through email.William does not really know the person who sent the game very well, but decides to install the game anyway because he really likes Tetris.
After William installs the game, he plays it for a couple of hours.The next day, William plays the Tetris game again and notices that his machine has begun to slow down.?He brings up his Task Manager and sees the following programs running (see screenshot):
What has William just installed?
Which of the following command Mason should run in Knoppix to permanently erase the data?
Mason is the network administrator of ata Machine Systems, Inc. He has been pushed aside in promotions due to office politics. He wants to take revenge on his oss, Matthew Smith. Being a disgruntled employee, Mason sneaks into Matthew’s office one night and boots his boss’s computer with the Knoppix CD-ROM and intends to erase the contents of his oss’s hard disk including the partition table without leaving any trace of his action. He intends to make the hard disk data unrecoverable even to forensics team.
Which of the following command Mason should run in Knoppix to permanently erase the data?
What technique is Shauna using here?
Shauna is the Senior Security Analyst for the Department of Defense, in charge of all aspects of the DoD’s internal network security.As one would expect, the DoD is constantly probed and scanned by outside IP addresses, trying to find an entry into the network.Shauna leads a large team of junior security analysts that make sure all entry points are closed off, unless that entry point must be kept open for business purposes.If something must be kept open, Shauna and her employees’ duty is to make sure that hole is not exploited by outside attackers.
One way that this is accomplished, is to not use traditional ports for normally used services.All employees and outside contractors that must obtain remote access for work, are notified of the non-standard ports, and thus are able to gain access.The traditional ports used for services like http are actually kept open, but they are redirected to a secure logical area and logged.These logs enable Shauna and her team to analyze who is trying to obtain unauthorized access, and prosecute if necessary.
What technique is Shauna using here?
Which of the following tools allows an attacker to intentionally craft packets to confuse pattern-matching NID
Most NIDS systems operate in layer 2 of the OSI model. These systems feed raw traffic into a detection engine and rely on the pattern matching and/or statistical analysis to determine what is malicious. Packets are not processed by the host’s TCP/IP stack allowing the NIDS to analyze traffic the host would otherwise discard. Which of the following tools allows an attacker to intentionally craft packets to confuse pattern-matching NIDS systems, while still being correctly assembled by the host TCP/IP stack to render the attack payload?
What is the obstructed IP address in the e-mail URL?
You receive an e-mail with the below message:
Hello Steve,
We are having technical difficulty in restoring user database records after the recent blackout.Your account data is corrupted. Please logon on to SuperEmailServices.com and change your password.
http://www.superemailservices.com%40c3405906949/support/logon.htm If you do not reset your password within 7 days, your account will be permanently disabled locking you out from using our e-mail services.
Sincerely,
Technical Support
uperEmailServices
From this e-mail you suspect that some hacker sent this message since you have been using their e-mail services for the last 2 years and they never have sent out an e-mail such as this. You also observe the URL in the message and want to confirm your suspicion about 3405906949, which looks like a base10 number. You enter the following at the Windows 2003 command prompt:
ping 3405906949
You get a response with a valid IP address. What is the obstructed IP address in the e-mail URL?
How can you achieve this?
You are the security administrator for a large network. You want to prevent attackers from running any sort of traceroute into your DMZ and discovering the internal structure of publicly accessible areas of the network. How can you achieve this?
A distributed port scan operates by:
A distributed port scan operates by: