Friday, November 11, 2016

Steps to Secure and Map a Network

Paul Fischer
10/30/2016 revised: 11/11/2016
Kathleen Hyde




Jerry’s … Locked
Jerrys.media … Locked
MyCharterWiFi13-2G … Locked
MyCharterWiFiaa-2G … Locked and Inconsistent
MyCharterWiFiaa-5G … Locked
MyCharterWificb-2G … Locked
NETGEAR07 … Locked
NETGEAR47 … Locked
NETGEAR83 … Locked
NETGEAR83-5G … Locked



These networks are all locked. They have been mapped in this manner pursuant to a legal ruling by the Supreme Court of the United States of America in 2014 which allowed the Google Fi program to map all wireless networks in the country. It is apparent that several are standardized, while at least two appear to be commercial and bear the name of a local establishment. The transconnection groupings within similar names may be part of family contracts with wireless companies, which often allow multiple modems or devices concurrent and component to the original registered device.
There do not appear to be any communications between these networks, but evidence is not provided as to the nature of the networks. There may be a reference to the data communication extant in the devices, and the speed and coverage of the networks which have been connected. The average speed of the networks surveyed came to 3G while the average speed of constant (not fluctuating) networks was found to be 3.5G, and these calculations also exclude the commercial connection.
To double check the results of this report, a search of the local region using Google Fi reveals that the connection guaranteed for wireless devices is 4G. Speculation may commence that another high-speed device exists without detection, or that the sample is not large enough to provide a random group of devices or to determine the connection type possibilities of other local devices.


Steps a Security Firm Can Take to Protect Businesses From Cyber Attack

Security firms can be asked to help businesses with a number of different programs. Methods which can be taken to fight cybercrime in the financial sector include the use of honeynets, defensive programs, or other system structural changes. A list of such programs (Montcalm, 6) will follow, along with a comprehensive step-by-step guide to preventing a botnet program from entering a system.

AirMagnet
Sniffer Wireless
AiroPeek
The Wireless Security Auditor
NetStumbler
Kismet


Methods of Intrusion

In order to understand the needs of security it is first necessary to outline the means of infection (Gibbs, 3-4). Firstly, wormlike replication indicates an evasion of intrusion detection systems by scanning a subnet using bots; malware can then be selectively inserted and replicated into unprotected networks while avoiding those with protection. Secondly, infected media such as thumb drives and CD/DVDs can be used in the event of a physical breach. Finally, watering holes are used to instigate drive-by downloads in which undeclared downloads containing malware can insert code into a system.
While the first two are exceptionally useful against systems vulnerable to a physical breach or direct access, the last would be a concern only in companies with a high number of employees active on such “watering holes” that might allow a critical mass of localized traffic to obtain objective information either through a general attempt or in conjunction with wormlike replication software. It is important to remember that none of the three main methods of infection are mutually exclusive, and the presence of one likely indicates that various forms of the others are either en route or already have been attempted.


IDPS systems of prevention

IDPS systems of prevention are recommended by the government and are outlined in this section (Scarfone, 23-26). In the same way that infection techniques can build upon one another, nearly all protection services which are recommended by a government guide to intrusion detection and prevention systems are sensors. There are multiple typical components to be aware of, which include appliance, software-only, inline, and passive sensor systems.
Ironically enough, passive sensor systems are indeed the most effective of the systems in protection against a botnet intrusion. As was mentioned earlier, one way that aggressive attacks can enter through system protection services is by use of a reconnaissance program. Detection of these programs can be seen to be of paramount importance. An effective honeynet will use information from mining techniques that has been collected into a cross-plane correlation report that allows both the types of machines and the types of activities, such as “spamming or scanning,” to be used in creation of the architecture of a honeynet with individualized pots to catch the onflow of attacking programs (Gibbs, 17-24).
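The cross-plane correlation described above can be sketched as follows. This is an added example, not code from the paper or its cited sources; the function names, the scan threshold, and the flow records (built on private and documentation address ranges) are all constructed assumptions. It flags only hosts that share both a scanning activity and a common communication endpoint, so a lone scanner or two hosts that merely use the same server are not reported.

```python
from collections import defaultdict

def build_sample_flows():
    """Constructed flows (src, dst, dst_port); private/documentation addresses only."""
    flows = []
    for host in ("10.0.0.5", "10.0.0.7"):
        flows.append((host, "203.0.113.10", 6667))                    # shared endpoint
        flows += [(host, f"192.0.2.{i}", 445) for i in range(1, 21)]  # port sweep
    flows += [("10.0.0.9", f"192.0.2.{i}", 22) for i in range(1, 31)]  # lone scanner
    for host in ("10.0.0.11", "10.0.0.12"):
        flows.append((host, "198.51.100.20", 443))    # shared endpoint, no activity
    return flows

def activity_clusters(flows, scan_threshold=15):
    """Activity view: hosts grouped by what they do. Only scanning is modelled:
    one source touching >= scan_threshold distinct destinations on one port."""
    targets = defaultdict(set)
    for src, dst, port in flows:
        targets[(src, port)].add(dst)
    clusters = defaultdict(set)
    for (src, port), dsts in targets.items():
        if len(dsts) >= scan_threshold:
            clusters[port].add(src)
    return dict(clusters)

def c_plane_clusters(flows, min_hosts=2):
    """C-plane view: hosts grouped by the endpoint they all talk to."""
    peers = defaultdict(set)
    for src, dst, port in flows:
        peers[(dst, port)].add(src)
    return {ep: hosts for ep, hosts in peers.items() if len(hosts) >= min_hosts}

def cross_plane_report(flows):
    """Report hosts that share BOTH an activity and a non-scan endpoint."""
    acts = activity_clusters(flows)
    scanning = {(h, port) for port, hosts in acts.items() for h in hosts}
    # Drop the sweep traffic itself so scan targets do not count as C-plane peers.
    quiet = [f for f in flows if (f[0], f[2]) not in scanning]
    report = defaultdict(lambda: {"activities": set(), "endpoints": set()})
    for port, a_hosts in acts.items():
        for endpoint, c_hosts in c_plane_clusters(quiet).items():
            common = a_hosts & c_hosts
            if len(common) >= 2:
                for host in common:
                    report[host]["activities"].add(f"scan:{port}")
                    report[host]["endpoints"].add(endpoint)
    return dict(report)

if __name__ == "__main__":
    for host, row in sorted(cross_plane_report(build_sample_flows()).items()):
        print(host, sorted(row["activities"]), sorted(row["endpoints"]))
```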

Steps which can be recommended to secure a wireless network in a business setting:
Detection: Set up multiple forms of detection, not just one
- Mining-based detection
- C-plane monitoring
- DNS-based detection
- Anomaly-based detection approaches
- Network-based signature

This final list is an indication that the defense mechanisms outlined thus far are limited to a reaction to a detected scanning or spamming attempt to gain command and control servers which can pose a serious threat to computer resources. There is an intrinsic flow between botnet and vulnerable threat targets which also must be addressed to deactivate an attacker, and even after some command and control servers have been accessed, it may be necessary to include logging systems which can provide a critical director towards the one way flow of code which indicates the presence of a Botnet Master. It does absolutely no good, and only distributes company information and security resources to chase these attempts at taking down vulnerable threats, marked by a number of systems, so signature-based approaches allow low rates of false positives and decrease the chances that an alert or protective service will alert intruders.

References:

Gibbs, Peter. (2014), Botnet Tracking Tools. https://www.sans.org/reading-room/whitepapers/detection/botnet-tracking-tools-35347

Montcalm, Erik. (2003), How to Avoid Ethical and Legal Issues in Wireless Network Discovery. https://www.sans.org/reading-room/whitepapers/wireless/avoid-legal-issues-wireless-network-discovery-176

Scarfone, Peter. (2012), Guide to Intrusion Detection and Prevention Systems. http://csrc.nist.gov/publications/drafts/800-94-rev1/draft_sp800-94-rev1.pdf
