Study the following e-mail message. When the link in the message is clicked, it will take you to an address like: http://hacker.xsecurity.com/in.htm. Note that hacker.xsecurity.com is not an official SuperShopper site!

What attack is depicted in the below e-mail?

Dear SuperShopper valued member,

Due to concerns, for the safety and integrity of the SuperShopper community we have issued this warning message. It has come to our attention that your account information needs to be updated due to inactive members, frauds and spoof reports.

If you could please take 5-10 minutes out of your online experience and renew your records you will not run into any future problems with the online service. However, failure to update your records will result to your account cancellation. This notification expires within 24 hours.

Once you have updated your account records your SuperShopper will not be interrupted and will continue as normal.

Please follow the link below and renew your account information.

https://www.supershopper.com/cgi-bin/webscr?cmd=update-run

SuperShopper Technical Support http://www.supershopper.com

Steven, a security analyst for XYZ associates, is analyzing packets captured by Ethereal on a Linux Server inside his network when the server starts to slow down tremendously.
Steven examines the following Ethereal captures:

The network administrator at Spears Technology, Inc has configured the default gateway Cisco Router’s access-list as below:(Exhibit)

You are tried to conduct security testing on their network. You successfully brute-force for SNMP community string using a SNMP crack tool. The access-list configured at the router prevents you from establishing a successful connection.

You want to retrieve the Cisco Configuration from the router. How would you proceed?

Exhibit:

You have captured some packets in Ethereal. You want to view only packets sent from 10.0.0.22. What filter will you apply?

How would you describe a simple yet very effective mechanism for sending and receiving unauthorized information or data between machines without alerting any firewalls and IDS’s on a network?

William has received a Tetris game from someone in his computer programming class through email. William does not really know the person who sent the game very well, but decides to install the game anyway because he really likes Tetris.

After William installs the game, he plays it for a couple of hours. The next day, William plays the Tetris game again and notices that his machines have begun to slow down. He brings up his Task Manager and sees the following programs running (see Screenshot):

What has William just installed?

Exhibit:

ettercap NCLzs –quiet

What does the command in the exhibit do in "Ettercap"?

Spears Technology, Inc is a software development company located in Los Angeles, California. They reported a breach in security, stating that its "security defenses has been breached and exploited for 2 weeks by hackers. "The hackers had accessed and downloaded 90,000 address containing customer credit cards and password. Spears Technology found this attack to be so to law enforcement officials to protect their intellectual property.

How did this attack occur? The intruder entered through an employees home machine, which was connected to Spears Technology, Inc’s corporate VPN network. The application called BEAST Trojan was used in the attack to open a "Back Door" allowing the hackers undetected access. The security breach was discovered when customers complained about the usage of their credit cards without their knowledge.

The hackers were traced back to Beijing China through e-mail address evidence. The credit card information was sent to that same e-mail address. The passwords allowed the hackers to access Spears Technology’s network from a remote location, posing as employees. The intent of the attacker was to steal the source code for their VOIP system and "hold it hostage" from Spears Technology, Inc exchange for ransom.

The hackers had intended on selling the stolen VOIP software source code to competitors.

How would you prevent such attacks from occurring in the future at Spears Technology?

Erik notices a big increase in UDP packets sent to port 1026 and 1027 occasionally. He enters the following at the command prompt.

$ nc -l -p 1026 -u -v

In response, he sees the following message.

cell(?(c)????STOPALERT77STOP! WINDOWS REQUIRES IMMEDIATE ATTENTION.

Windows has found 47 Critical Errors.

To fix the errors please do the following:

1. Download Registry Repair from: www.reg-patch.com

2. Install Registry Repair

3. Run Registry Repair

4. Reboot your computer

FAILURE TO ACT NOW MAY LEAD TO DATA LOSS AND CORRUPTION!

What would you infer from this alert?

Michael is the security administrator for the for ABC company. Michael has been charged with strengthening the company’s security policies, including its password policies. Due to certain legacy applications. Michael was only able to enforce a password group policy in Active Directory with a minimum of 10 characters. He has informed the company’s employes, however that the new password policy requires that everyone must have complex passwords with at least 14 characters. Michael wants to ensure that everyone is using complex passwords that meet the new security policy requirements. Michael has just logged on to one of the network’s domain controllers and is about to run the following command:

What will this command accomplish?