A distributed port scan operates by:
A distributed port scan operates by:
What are the alternatives to defending against possible brute-force password attacks on his site?
Samuel is the network administrator of DataX Communications, Inc. He is trying to configure his
firewall to block password brute force attempts on his network. He enables blocking the intruder’s
IP address for a period of 24 hours’ time after more than three unsuccessful attempts. He is
confident that this rule will secure his network from hackers on the Internet.
But he still receives hundreds of thousands brute-force attempts generated from various IP
addresses around the world. After some investigation he realizes that the intruders are using a
proxy somewhere else on the Internet which has been scripted to enable the random usage of
various proxies on each request so as not to get caught by the firewall rule.
Later he adds another rule to his firewall and enables small sleep on the password attempt so that
if the password is incorrect, it would take 45 seconds to return to the user to begin another
attempt. Since an intruder may use multiple machines to brute force the password, he also
throttles the number of connections that will be prepared to accept from a particular IP address.
This action will slow the intruder’s attempts.
Samuel wants to completely block hackers brute force attempts on his network.
What are the alternatives to defending against possible brute-force password attacks on his site?
What is the countermeasure against XSS scripting?
Consider the following code:
URL:http://www.certified.com/search.pl?
text=<script>alert(document.cookie)</script>
If an attacker can trick a victim user to click a link like this, and the Web application does not
validate input, then the victim’s browser will pop up an alert showing the users current set of
cookies. An attacker can do much more damage, including stealing passwords, resetting your
home page, or redirecting the user to another Web site.
What is the countermeasure against XSS scripting?
An nmap command that includes the host specification of 202.176.56-57.* will scan _______ number of hosts.
An nmap command that includes the host specification of 202.176.56-57.* will scan _______
number of hosts.
What type of Trojan is this?
What type of Trojan is this?
What can you infer from this information?
A specific site received 91 ICMP_ECHO packets within 90 minutes from 47 different sites. 77 of
the ICMP_ECHO packets had an ICMP ID:39612 and Seq:57072. 13 of the ICMP_ECHO packets
had an ICMP ID:0 and Seq:0. What can you infer from this information?
which step would you engage a forensic investigator?
Maintaining a secure Web server requires constant effort, resources, and vigilance from an
organization. Securely administering a Web server on a daily basis is an essential aspect of Web
server security.
Maintaining the security of a Web server will usually involve the following steps:
1. Configuring, protecting, and analyzing log files
2. Backing up critical information frequently
3. Maintaining a protected authoritative copy of the organization’s Web content
4. Establishing and following procedures for recovering from compromise
5. Testing and applying patches in a timely manner
6. Testing security periodically.
In which step would you engage a forensic investigator?
Which of the following commands runs snort in packet logger mode?
Which of the following commands runs snort in packet logger mode?
which of the following registers gets overwritten with return address of the exploit code?
In Buffer Overflow exploit, which of the following registers gets overwritten with return address of
the exploit code?
Which of the following command line switch would you use for OS detection in Nmap?
Which of the following command line switch would you use for OS detection in Nmap?