Preview

IS3440 Lab 1

Good Essays
Open Document
Open Document
364 Words
Grammar
Grammar
Plagiarism
Plagiarism
Writing
Writing
Score
Score
IS3440 Lab 1
For this kind of scenario, I would have to create a server from scratch so I can be able to identify any types of vulnerabilities on any of these server requirements stated below. Any of these can be at risk at any time, so creating a new server from scratch would be most recommended. Because it is kind of safer than Windows because most viruses and worms are written for Windows but it doesn’t mean Linux can be attacked.
Server Requirements:
A Web Server
A database server
A Simple Mail Transfer Protocol (SMTP) server
A file server customers’ loan applications and other personal data files
First of all, since Linux is mostly an open-source type of software running server, it is very vulnerable to any kinds of attacks, or as Linux calls them, crackers. Many malicious attacks on Linux and related applications will also grow. The Web Server isn’t much of a risk because but it is still an important software that can have a high risk of being attacked because it’s known as an open-source, so having any personal information stored inside it, can be at risk of being exposed to a cracker (hacker).
The Database Server is a very high risk of vulnerabilities because this is where important data and files are being stored in. Again, this is still an open-source software so protecting this kind of software is important to the company. A Simple Mail Transfer Protocol (SMTP) and a file server for customers’ loan applications and other personal data files are a must protect! These are open-sources too, so basically all of these server requirements are open source, no surprise. But protecting all these will require a lot of attention especially the SMTP, file server for customers’ and the database server.
Here are some steps/tools that you can use to stop any kinds of attacks upon these servers:
Identify any risks/vulnerabilities these servers have
Open ports
Nessus
OpenSSH/PuTTY/SSH
Burp Suite
There’s more of these but these are the basics of protecting your Linux
Continue Reading
View Writing Issues

You May Also Find These Documents Helpful

  • Powerful Essays

    IS3220 Lab 9 Chris Wiginton
    • 1518 Words
    • 5 Pages

    IS3220 Lab 9 Chris Wiginton

    Pktstat displays a real-time list of active connections seen on a network interface, and how much bandwidth is being used by what. Partially decodes HTTP and FTP protocols to show what filename is being transferred. X11 application names are also shown.…

    • 1518 Words
    • 5 Pages
    Powerful Essays
    Read More
  • Good Essays

    Is3110 Unit 4
    • 406 Words
    • 2 Pages

    Is3110 Unit 4

    If the project is completed on time then there is no risk for completion. All of the regular risks that apply to a project built on time apply to this one regardless of whether you are building a new infrastructure or modifying an older one. If the project is finished one month early, the quantitative risk really does not exist. It is basically comparable to completing the project on time. Since the project is quoted at 3 million dollars it will stay the same regardless of how fast the project is finished. However, you may see differences. When you rush a project this large you could possibly cut corners or receive poor quality results. If the project is finished two months late there are additional risks. If the company expects to make $20 million dollars annually, and assuming that the 4% penalty is levied against this yearly figure and not within smaller period of time, one month late means that US Industries Incorporated loses $800,000 annually. There doesn't appear to be any additional risk, however, further penalties and the possible eventual loss of the contract to a competitor could result in a poor product. There again appears to be no real quantitative risk involved if the project is finished a month early with the security requirements. If the originally quoted $3 million dollars remains the same regardless of how fast the project is finished and not coupled with hourly or daily wages, then there is nothing to lose financially. However the companies go beyond the required 1.5% completion benchmarks that the contract demands. Rushing a project of this scale also comes with rushed results possibly cut corners or poor quality. The credibility of the company is at stake with such a high profile, high income project such as this, and it is important to use all of the time available to ensure the best product is on display for any customer. The finished project should meet both the time and security requirements but not the service agreement. There does not…

    • 406 Words
    • 2 Pages
    Good Essays
    Read More
  • Satisfactory Essays

    Is418 Lab8
    • 309 Words
    • 2 Pages

    Is418 Lab8

    How can one ensure a download tar ball is legitimate and hasn’t been tampered with?…

    • 309 Words
    • 2 Pages
    Satisfactory Essays
    Read More
  • Good Essays

    IS3220 Identify Services and Their Uses
    • 438 Words
    • 2 Pages

    IS3220 Identify Services and Their Uses

    After reviewing the port scan results for the indicated hosts, one can readily see that some of these services must be disabled. Authentication services are necessary, I recommend configuring the system to pass or allow this service. The three services I know to be unnecessary, based on our network topology are the Secure Shell (SSH), Microsoft Remote Procedure Call (MSRPC), File Transfer Protocol (FTP). Simple Mail Transfer Protocol (SMTP) is essential to email communications in a Windows network, this service allows users within the network to send and receive emails. We do not allow remote users at this time, due to this MSRPC should be disabled, this protocol was heavily used in Windows 2000 environments, but is now highly vulnerable, and most networks have it disabled.…

    • 438 Words
    • 2 Pages
    Good Essays
    Read More
  • Powerful Essays

    It 244 Appendix B
    • 3468 Words
    • 14 Pages

    It 244 Appendix B

    Awareness of these kinds of attacks is the key and to be prepared on the part of management and the user. They must be made aware of the consequences of their actions while using the network and accessing the data. The users of the network and system need to be prepared in case of an attack and have knowledge of…

    • 3468 Words
    • 14 Pages
    Powerful Essays
    Read More
  • Powerful Essays

    IS4680 Lab 4 Q&A
    • 1180 Words
    • 4 Pages

    IS4680 Lab 4 Q&A

    1. What is a PHP Remote File Include (RFI) attack, and why are these prevalent in today’s Internet world?…

    • 1180 Words
    • 4 Pages
    Powerful Essays
    Read More
  • Good Essays

    Lab 3 nt2580
    • 321 Words
    • 2 Pages

    Lab 3 nt2580

    . What are the three fundamental elements of an effective access control solution for information…

    • 321 Words
    • 2 Pages
    Good Essays
    Read More
  • Satisfactory Essays

    IS3445 Lab 7
    • 371 Words
    • 2 Pages

    IS3445 Lab 7

    Yes, although such tools like these would automatically find security flaws with high degree of confidence that what it found was a flaw.…

    • 371 Words
    • 2 Pages
    Satisfactory Essays
    Read More
  • Satisfactory Essays

    Linux Security
    • 449 Words
    • 2 Pages

    Linux Security

    IS3440 Final Exam Review IS3440 Final Exam Review skong@itt tech.edu skong@itt‐tech.edu CIA triad CIA triad Remote Access Remote Access Virtualization OSSTMM WINE Access control Access control Authentication Databases Authentication Databases Firewall support Firewall support /etc/sudoers /etc/passwd /etc/login.defs PAM Edit /etc/sudoers Edit /etc/sudoers file FHS FHS recommended to locate configuration files in the /etc/ path FHS /etc/fstab Samba Encrypted Partitions and Volumes Encrypted Partitions and Volumes…

    • 449 Words
    • 2 Pages
    Satisfactory Essays
    Read More
  • Good Essays

    Magneto Essay
    • 551 Words
    • 3 Pages

    Magneto Essay

    First you must establish the level of security that would be required on your server. If you sell products online and receive payments from credit cards using the online portal then it becomes extremely important for you to choose a server that would equip you with level of security that is capable of protecting the sensitive data of your customers. Usually PGP and GNU security protocols are considered to be enough for a server running Linux or Windows. Magneto servers also use 128-bit encryption capabilities that provide enough security features for users to remain protected online.…

    • 551 Words
    • 3 Pages
    Good Essays
    Read More
  • Satisfactory Essays

    IS3110 Week5 Lab
    • 503 Words
    • 2 Pages

    IS3110 Week5 Lab

    1 How do documented back-up and recovery procedures help achieve RTO? By recording and applying backup and recovery procedures that are listed, the recovery process is a lot smoother of a process, helping with the time portion of RTO. By having effective backup and recovery procedures you should have the necessary resources to restore systems from backups and a repeatable process that is known to succeed in achieving RTO.…

    • 503 Words
    • 2 Pages
    Satisfactory Essays
    Read More
  • Powerful Essays

    Information and Content Management Coursework
    • 3075 Words
    • 13 Pages

    Information and Content Management Coursework

    Investigate and evaluate different Enterprise Content Management Systems based on their total cost of ownership and make appropriate recommendations.…

    • 3075 Words
    • 13 Pages
    Powerful Essays
    Read More
  • Satisfactory Essays

    Cyber Security
    • 312 Words
    • 2 Pages

    Cyber Security

    knew about, now you have a problem. Everything you tried to keep a secret is now about to be…

    • 312 Words
    • 2 Pages
    Satisfactory Essays
    Read More
  • Powerful Essays

    Network Enterprising
    • 5765 Words
    • 24 Pages

    Network Enterprising

    The purpose of this assignment is to design and recommend a full network infrastructure for China Steel Ltd, a steel works organisation in China. The company have plants in every province throughout the country but up to now each has worked in isolation. Due to recent procurement problems and other issues, the company would like to connect all sites to a network so that ordering of raw materials, distribution and reporting becomes easier. In particular the network should support:…

    • 5765 Words
    • 24 Pages
    Powerful Essays
    Read More
  • Powerful Essays

    Computer Virus and Server-based Virus Protection
    • 20671 Words
    • 83 Pages

    Computer Virus and Server-based Virus Protection

    On 07/21/1999, I sent the first patch to the maintainer of the AMaViS project (A Mail Virus Scanner, http://www.amavis.org/, GPL’ed1 ) fixing the AntiViral Toolkit Pro/Linux call. Since then - among other stuff - I wrote and maintained several anti-virus modules (and still do). So, with the help of other people, AMaViS supports a wide range of anti-virus products. But wouldn’t it be easier to maintain only one anti-virus module, implementing a common protocol, to support all those anti-virus scanners? Also, back in 1999, I was looking for an on-access virus scanning solution for Samba fileservers2 , receiving a first Linux kernel-based solution via email in June ’99. More than a year later, I came across the Samba Virtual File System (VFS)3 . A half year later, I digged into the Samba VFS and started to work on a small piece of code which eventually became the samba-vscan project: onaccess file scanning directly integrated into Samba (GPL’ed, too). As nearly all the code I wrote past years was put under an Open Source License, I decided to release this thesis under the terms of the GNU Free Documentation License.…

    • 20671 Words
    • 83 Pages
    Powerful Essays
    Read More

Related Topics