Network Security and Penetration Testing




CORK INSTITUTE OF TECHNOLOGY
INSTITIÚID TEICNEOLAÍOCHTA CHORCAÍ

Semester 1 Examinations 2012/13

Module Title: Network Security and Penetration Testing
Module Code: COMP9006
School: Science & Informatics
Programme Title: MSc in Networking and Security
Programme Code: KNSEC_9_Y5
External Examiner(s): Dr David Sinclair
Internal Examiner(s): Mr V. Ryan

Instructions: Answer any 6 questions. Each Question is worth 20 Marks. Note that 120 Marks = 100%.
Duration: 3 Hours
Sitting: Winter 2012
Requirements for this examination:
Note to Candidates: Please check the Programme Title and the Module Title to ensure that you are attempting the correct examination. If in doubt please contact an Invigilator.

Question 1

a) Write a tcpdump command that will capture only DNS traffic that has the AA and TC bits set to 1. The following shows the layout of the DNS header.

b) Explain how the idle host scan works and the rationale behind it.

c) Detail one other approach to idle host scanning. (ref. Article from Pauldotcom.com)

Question 2

a) PoisonIvy is a backdoor trojan that allows unauthorized access and control of an affected machine. The network traffic generated by PoisonIvy begins with 256 bytes of seemingly random data after a successful TCP handshake. These bytes comprise a challenge request to see if the client (i.e., the RAT controller) is configured with the password embedded in the server (i.e., the victim). While the default port for PoisonIvy is 3460, it is most commonly seen used on ports 80, 443, and 8080 as well. After the challenge response is received, the client (i.e., controller) then sends 4 bytes specifying the size of the machine code that it will send. This value has consistently been D0 15 00 00. PoisonIvy also makes use of keep-alive requests that are 48 bytes long. These requests appear to be always of the same length, but their content differed depending on the password with which the PoisonIvy client/server is configured. The default password, admin, is consistently detected. The figure below shows a capture of the 256-byte challenge request. Discuss how you would approach detecting PoisonIvy.

b) Evaluate the Bell-LaPadula security model.
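
The traffic traits listed in Question 2 a) can be checked per TCP stream. The following is an added example, not part of the examination paper: the stream representation, the entropy threshold and the sample streams are assumptions, and the samples are constructed rather than captured.

```python
import hashlib
import math
from collections import Counter

SIZE_MARKER = bytes.fromhex("d0150000")  # 4-byte size value quoted in the question
CHALLENGE_LEN, KEEPALIVE_LEN = 256, 48   # lengths quoted in the question
MIN_ENTROPY = 6.5  # assumed threshold (bits/byte) for "seemingly random" data

def shannon_entropy(data: bytes) -> float:
    """Bits per byte: about 7 for 256 random bytes, far lower for text."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values()) if n else 0.0

def poisonivy_indicators(messages):
    """messages: ordered (sender, payload) pairs for one TCP stream, one per
    data-carrying segment; sender is 'initiator' or 'responder' (assumed form).
    Returns the set of traits from the question that the stream exhibits."""
    hits = set()
    if not messages:
        return hits
    first_sender, first = messages[0]
    if len(first) == CHALLENGE_LEN and shannon_entropy(first) >= MIN_ENTROPY:
        hits.add("challenge_256")
    # The size value is sent by the peer that received the challenge.
    if any(s != first_sender and p == SIZE_MARKER for s, p in messages[1:]):
        hits.add("size_marker")
    # Keep-alives recur, so require at least two 48-byte payloads.
    if sum(len(p) == KEEPALIVE_LEN for _, p in messages[1:]) >= 2:
        hits.add("keepalive_48")
    return hits

def is_poisonivy_like(messages) -> bool:
    # Port is ignored: the question notes use of 80, 443 and 8080 besides 3460.
    return {"challenge_256", "size_marker"} <= poisonivy_indicators(messages)

def filler(seed: bytes, length: int) -> bytes:
    """Deterministic pseudo-random bytes for the constructed samples."""
    out = b""
    while len(out) < length:
        seed = hashlib.sha256(seed).digest()
        out += seed
    return out[:length]

# Constructed streams (not captured traffic); the response length is assumed.
SAMPLE_RAT = [("initiator", filler(b"challenge", 256)), ("responder", filler(b"resp", 256)),
              ("responder", SIZE_MARKER), ("initiator", filler(b"ka1", 48)),
              ("responder", filler(b"ka2", 48))]
SAMPLE_HTTP = [("initiator", b"GET / HTTP/1.1\r\nHost: example.test\r\n\r\n"),
               ("responder", b"HTTP/1.1 200 OK\r\nContent-Length: 0\r\n\r\n")]
```

Requiring the 256-byte opening and the size value together keeps ordinary traffic on ports 80, 443 and 8080 from matching on length alone.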

Question 3

a) What information might be kept in the state table of a stateful firewall? Explain why this information is retained, and how the information evolves.

b) Write iptables rules to allow incoming ping requests to internal hosts from network 192.168.10.0/24, but only at a rate of 10 per minute. All other ping requests from this network should be logged and dropped.

c) Describe one security related weakness in the design of IPv6.

Question 4

a) Explore the concept of false positives as it applies to NIDS technology. As part of your answer, compare different types of NIDS as to their susceptibility to producing false positives.

b) Describe and evaluate the use of hex encoding as an obfuscation technique.

c) At the packet level, describe the differences between Tunnel and Transport mode in AH protocol as used in IPSec.

Question 5

a) Describe in detail why it is important that DNS Queries/Responses randomize both the query-id and the source port. As part of your answer, describe in detail the cache poisoning technique which Dan Kaminsky demonstrated. [12 Marks]

b) What do you understand by split-dns and why might it be employed? How can it be improved upon? Explain your answer in detail.

Question 6

a) What do you understand by the switch -PN as used in nmap? When and why might you use it? [5 Marks]

b) How can we defend our network against port scanning? - Give details. [9 Marks]

c) What is an ACK scan and what is it used for?

Question 7

a) Explain how DNS can be used to amplify DDoS attacks. Detail at least two approaches using DNS.

b) Explain in detail how XSS attacks work. Give details regarding how attackers can use them.

Question 8

a) Discuss security issues relating to TCP port 3389.

b) In the phases of incident handling, detail the purpose of the third phase and list 5 typical tasks that would normally be carried out during this phase.

c) Outline how one can use netcat to create a backdoor. [4 Marks]