Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
LECTURER: MR P. KAIRA
TABLE OF CONTENTS
CHAPTER 1
1.0 ABSTRACT……………………...…………………………2
2.0 THREAT SHANDLED USING CRYPTOGRAPHY.......2
2.1 Man In The Middle………………………………….2
2.2 Physical Theft………………………..………………2
2.3 Dns Spoofing………………………………………….2
2.4 Piracy…………………………………………………3
3.0 VECTORS………………………………………………….3
3.1 Cases Where Vectors Were Diploid………………..3
3.2 Equifax………………………………………….……3
3.3 The Computer Breach At Jpmorgan Chase ………3
3.4 Talk Talk……………………………………….…….4
4.0 SOFTWARES USED TO HACK……………...…..4
4.1 Metasploit Framework…………………………...….4
4.2 John The Ripper……………………………….…….4
4.3 N-Mapcain And Able………………………….……..5
4.4 Hydra…………………………………………………5
5.0 THREATS…………………………………………….……5
6.0 SOLUTIONS…………………………………………...…….5
pg. 1
NETWORK THREATS
CH 1.0 ABSTRACT
This research is done to make finding on threats handled using cryptography, vectors and where
vectors where diploid due to negligence, and softwares used to hack, threats they carry as well as
the solution used to counter against them. Videos and reports to more finding can be obtain using
the hyperlinks created,
TEAM
The research was done by the following members
MEBBERT CHIYANGI ID-1913556
NIZA SINKAMBA ID-1913682
ELIJAH SOKONI ID-1913617
MAJOR MWANSA CHAMPO-1913637
CH 2.3 DNS Spoofing: DNS (Domain Name System) is the technology that translates
domain names to the IP addresses of the server it corresponds to. DNS spoofing is a type
of attack in which an attacker intercepts a DNS request and returns the address that leads
to its own server instead of the real address. The use of encrypted communications can
pg. 2
prevent against this. An attacker might stage a DNS spoofing an attack, they will find it
difficult to spoof the encryption certificate. The victim of the attack will then get a
warning telling them that the certificate could not be verified.
Video
CH 2.4 Piracy: Using digital signatures can prevent against illegal replication of
documents, files or software. Digital signatures are created using Public-Key Encryption.
Digital signatures require each user to have public and private keys that are
mathematically linked. When a document is signed, it creates a crypto code which is
embedded in the document. At the time of verification, the signers public key is used to
reveal the digital code and to verify the document. report
CH 3.0 VECTORS
(Stevens, 2016) An attack vector is a path or means by which a hacker can gain access to a
computer or network in order to deliver a payload or malicious outcome, Hackers use these
vectors to exploit vulnerabilities in the systems in order to take control over sensitive data
Many types of cybersecurity breaches that affect the three principles of security fall into three
different attack vectors:
Phishing Attacks
SQL Injection Attacks
DDOS Attacks
Bad actors use these attack vectors to infiltrate a network or disrupt access to sensitive data,
whether that is personally identifiable information (PII), payment card information, health care
information, intellectual property, or another type of data.
CH.3.2 EQUIFAX
In the First cases we are looking at Equifax data breach that resulted in 140 million which was
preventable but was venerable due to their failure to modernize the technologies, failed to patch system
when vulnerabilities were detected and data was stored on outdated subpar system. A video and report
shows more about the case.
Click the hyperlinks to get more insight videos and reports.
pg. 3
the largest intrusion of an American bank to date — might have been thwarted if the bank had installed a
simple security fix to an overlooked server in its vast network, new York times report and video 1 also
video 2 shows more investigations
pg. 4
CH 4.3 N-map
This is a network mapper, flexible an powerful tool, it can bounce TCP and UDP packets around
like a pinball wizard, also slicing open misconfigured firewalls
CH 4 .5 HYDRA
A fast network logon which support many different services, it is a paralised login cracker which
supports numerals protocols to tack
CH 5.0 THREATS
A threat is any activity that can lead to data loss/corruption through to disruption of normal
business operations. These include
Virus, Trojans, Worms, Spyware, Key loggers, Adware, Denial of Service Attacks, Distributed
Denial of Service Attacks Unauthorized access to computer systems resources such as data and
Phishing.
CH 6.0 SOLUTIONS
To find more on each of the solution click the hyperlinks
To protect computer systems from the above-mentioned threats, one must have logical security
measures in place. The following list shows some of the possible measures that can be taken to
protect cyber security threats.
To protect against viruses, Trojans, worms, etc. you need anti-virus software. In additional to the
anti-virus software and put port access control measures on the usage of external storage devices
and visiting the website that is most likely to download unauthorized programs onto the user’s
computer.
Unauthorized access to computer system resources can be prevented by the use of authentication
methods. The authentication methods can be, in the form of user ids and strong passwords, smart
cards or biometric, key log scrambler , also other resolution to phishing and adware are licked
Here etc.
Intrusion-detection/prevention systems can be used to protect against denial of service
attacks.There are other measures too that can be put in place to avoid denial of service attacks.
(Guru, 2019)
pg. 5
References
Guru, 2019. Guru99. [Online]
Available at: https://www.guru99.com/potential-security-threats-to-your-computer-systems.html#3
[Accessed 5th June 2019].
Stevens, M., 2016. bitsights. [Online]
Available at: https://www.bitsight.com/blog/attack-vectors-types-of-security-breaches%3fhs_amp=true
[Accessed 6th June 2019].
Williams, C., 2017. Centrify. [Online]
Available at: https://blog.centrify.com/the-uber-data-breach/
[Accessed 4th June 2019].
pg. 6