Answer To: Unit 19 Homework: Protecting VSI from Future Attacks Scenario In the previous class, you set up your...
Breeze Prakash answered on Jul 28 2021
Unit Q1 Ans:
A distributed denial of service (DDoS) attack is a malicious attempt to make an online service unavailable to users, usually by temporarily interrupting or suspending the services of its hosting server.
A DDoS attack is launched from numerous compromised devices, often distributed globally in what is referred to as a botnet. It is distinct from other denial of service (DoS) attacks, in that it uses a single Internet-connected device (one network connection) to flood a target with malicious traffic. This nuance is the main reason for the existence of these two, somewhat different, definitions.
Volume Based Attacks
Includes UDP floods, ICMP floods, and other spoofed-packet floods. The attack’s goal is to saturate the bandwidth of the attacked site, and magnitude is measured in bits per second (Bps).
Protocol Attacks
Includes SYN floods, fragmented packet attacks, Ping of Death, Smurf DDoS and more. This type of attack consumes actual server resources, or those of intermediate communication equipment, such as firewalls and load balancers, and is measured in packets per second (Pps).
Application Layer Attacks
Includes low-and-slow attacks, GET/POST floods, attacks that target Apache, Windows or OpenBSD vulnerabilities and more. Comprised of seemingly legitimate and innocent requests, the goal of these attacks is to crash the web server, and the magnitude is measured in Requests per second (Rps).
Question 2
· VSI has insider information that JobeCorp attempted to target users by sending "Bad Logins" to lock out every user.
· What sort of mitigation could you use to protect against this?
Ans:
A wide range of technologies are available to web application developers when implementing authentication mechanisms:
· HTML forms-based authentication
· Multifactor mechanisms, such as those combining passwords and physical tokens
· Client SSL certificates and/or smartcards
· HTTP basic and digest authentication
· Windows-integrated authentication using NTLM or Kerberos
· Authentication services
Administrative passwords may in fact be weaker than the password policy allows. They may have been set before the policy was in force, or they may have been set up through a different application or interface.
In this situation, any serious attacker will use automated techniques to attempt to guess passwords, based on lengthy lists of common values. Given today's bandwidth and processing capabilities, it is possible to make...
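For the Question 2 scenario, an added example (not part of the original answer): it replays constructed login events to compare a plain per-account lockout, which lets one source lock every account, with blocking any source that fails against many distinct accounts. The `replay` function, its thresholds, the usernames and the IP addresses are assumptions made for illustration.

```python
from collections import defaultdict, deque

USERS = ["alice", "bob", "carol", "dave", "erin", "frank"]
ATTACKER, EMPLOYEE = "203.0.113.7", "198.51.100.4"  # documentation-range IPs
# Constructed events (epoch_s, source_ip, username, success): one source cycles
# through every account three times; one employee mistypes once, then logs in.
EVENTS = [(100 + 6 * r + i, ATTACKER, u, False)
          for r in range(3) for i, u in enumerate(USERS)]
EVENTS += [(101, EMPLOYEE, "alice", False), (130, EMPLOYEE, "alice", True)]

def replay(events, lock_threshold=3, window=60, min_accounts=5, source_blocking=True):
    """Replay login events through a per-account lockout counter.

    With source_blocking on, a source whose failures touch min_accounts distinct
    accounts inside window seconds is blocked, and its later attempts never
    reach the lockout counter. Returns (locked_accounts, blocked_sources)."""
    failures = defaultdict(int)     # username -> consecutive failed logins
    recent = defaultdict(deque)     # source -> (time, username) of recent failures
    locked, blocked = set(), set()
    for ts, src, user, ok in sorted(events):
        if src in blocked or user in locked:
            continue                # request rejected before authentication
        if ok:
            failures[user] = 0
            continue
        failures[user] += 1
        if failures[user] >= lock_threshold:
            locked.add(user)
        q = recent[src]
        q.append((ts, user))
        while ts - q[0][0] > window:
            q.popleft()             # forget failures older than the window
        if source_blocking and len({u for _, u in q}) >= min_accounts:
            blocked.add(src)
    return sorted(locked), sorted(blocked)

if __name__ == "__main__":
    print("account lockout only:", replay(EVENTS, source_blocking=False))
    print("with source blocking:", replay(EVENTS))
```

The distinct-account count per source is the signal that separates a lockout campaign from an employee mistyping a password, since the latter only ever touches one account.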