Monday, January 6, 2020
Investigating Website
Investigating Website Introduction The advancement of technology has enabled businesses to seek technological solutions to improve operational efficiency. Companies have realized that operating on the frontiers of technology drives success and boosts the quality of service. However, regardless of the many benefits that technology brings, various challenges affect its adoption. Hacking has become a big concern for most organizations. Some of the software solutions used in businesses possess security risks as they are as vulnerable to attacks. Hackers are individuals with advanced skills in information technology and spend most of their time analyzing the vulnerabilities exposed by these solutions to find ways to penetrate the organizational systems. Established companies face the risk of hacking as the primary goal of these individuals is monetary gain by exposing sensitive company information including financial statements and trade secrets. They use sophisticated hacking tools that bypass the security perimeters put in place. Significantly, adhering to the security best practices can go a long way in discouraging hacking. Factors such turning on software updates, using the current versions, using strong antiviruses, and using monitoring tools such as IDS (intrusion detection systems) and IPS (intrusion prevention systems) can help mitigate these risks before they cause harm to the infrastructure in place. Fundamentally, the internet is considered insecure as it is not regulated. As such, users might download malware while visiting unverified sites that might compromise the system. As such, using firewalls and other monitoring tools can block the unwanted packets, thus serving as an additional layer of defense. Choosing the right network devices and software for the IT infrastructure is essential. Apart from improved efficiency, the software from recognized vendors ensures high security as they have enhanced features that block some common security threats. Software vulnerabilities and how to mitigate them Cross-scripting is one of the main attacks that affect systems in the contemporary society. This attack involves initiating malicious payloads into vulnerable web applications and software such as PAN-OS. Essentially, the hacker injects unencoded input into the output the web application generates. Most users usually visit unverified sites in the workplace during their free time to access information about entertainment, shopping experience, and general information about politics. Most of these sites might have malicious scripts injected in the web pages visited by end-user that might download into the computer. In many cases, these untrusted websites pop up with an attractive deadline to lure the end user to click on them. The hacker uses this opportunity to administer browser-side scripts to the targeted and unsuspecting end-user. Since the internet does not have security parameters to filter which content is malicious, the attackers take advantage to initiate attacks of this natur e. There exist two XSS attacks: reflected and stored attacks. For stored attacks, the injected scripts are severe and persistent as they permanently embed in the target end-users computer in the form of logs. When the user revisits the same site, the malicious script is replicated and it is permanently stored in the application database. On the other hand, the reflected attack appear when the injection is manifested in the form of error message when the end user tries accessing the website. Most of the reflected attacks are initiated by clicking web links that appear in emails. For instance, they tend to trick the user that he/she has won a prize and needs to click on the provided link to claim. The user is then prompted further to input personal details such as an email and phone number after which the script will be embedded into the target users email. Consequently, these two types of scripting attacks cause annoyance. They usually hijack the users sessions by redirecting to othe r sites that the customer did not request. This might lead to installing other malware such as Trojan horse and modifying content presented in the existing sites. There have been instances where cross-scripting attacks have resulted in changing the financial information of companies including their stock prices in the market. Other reports indicate that these attacks have compromised healthcare information by modifying prescribed dosage resulting in under-dose, or overdose. On the other hand, Synology and DSM software allow an authenticated-remote user to download any system file. The software does not consider the privileges each user as while accessing files. This possesses as a threat as the attack can use this capability to initiate cross-site scripting. However, ensuring the best practices when using the internet can help mitigate this type of attack. Firstly, users should be discouraged to access any site that is not https (secure). Http websites are untrusted as hackers use such site to initiate attacks. Also, it is advisable to refrain from clicking on any site that pop-up into the browser. Some of these attacks assume the exact links of the original site, and it is difficult sometimes to tell if they are fake. As such, always search the real company information by manually typing their links. Kerberos key distribution center (KDC) affects window server 2012 R2 and other older versions. This vulnerability grants users who sign into an active dir ectory domain system remotely administrative privileges using invalid session signature. By having administrative privileges, the hacker can access any computer belonging to the same domain. Microsoft is working countering this attack in future. On the other hand, versions of windows operating system exhibit a number of vulnerabilities including file sharing permissions, insufficient firewall protection, and lack of malware protection. Essentially, the file sharing capability in Windows 7 and 8.1 grants everyone on the network permission to access files from a file server located in another computer. This is risky as anyone on the network can access such file and inject scripts into the system corrupting all files. Also, the firewall feature present in the OS is inefficient as it cannot block all untrusted applications that masquerade as trusted. Also, it is incapable of filtering packets from the internet and blocking malicious ones. However, installing strong antivirus such as Kaspersky can help block unwanted programs. Also, installing host-based intrusion prevention software monitors malicious packets and blocks them. Hardware vulnerabilities and how to mitigate them Hardware components such as routers, PCs, Switches, Firewall, and servers also present a number of weaknesses. For instance, CAM table attack is common among switches. When the attackers gain unauthorized entry into the local area network, they flood the switch with mac-address until it becomes full; thus can listen to any frame across the network since it now acts as a hub. However, port security can help mitigate this problem by only enabling the switch to learn a specified number of mac addresses. In routers, especially, those that do not have firewall feature enabled. The attack can send requests through SQL injection to the local area network from the internet, accessing personal credentials of the users. As such using network-based honeypots and IPS (Intrusion Prevention systems) can help block such requests from the outside. Concerning the firewall, lack of creating zone to distinguish trusted zone and untrusted zone can pose a threat as anyone can easily infiltrate the system . To mitigate this problem, the administrator can implement the firewall functionality by using ACL command to filter and inspect packets. In summary, the ability to have the right measures in place for combating security vulnerabilities can help the company avoid losses. As such choosing the right software solutions and hardware is fundamental in securing the system from both the internal and external attacks
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.