Rookkit

Describe in your own words what a rootkit is along with how you can detect and remove it.

An initial post must be between 250-300 words and is due by Thursday

Don't use plagiarized sources. Get Your Custom Essay on

Rookkit

Just from $13/Page

Order Essay

not urgenttwo days

Fundamentals of Information Systems Security

Lesson 3

Malicious Attacks,

Threat

s, and Vulnerabilities

8 Jones and Bartlett Learning, LLC, an Ascend Learning Company

www.jblearning.com

Page ‹#›

Fundamentals of Information Systems Security

www.jblearning.com
All rights reserved.
1

Learning Objective(s)

Describe how malicious attacks, threats, and vulnerabilities impact an IT infrastructure.

Key Concepts

Malicious software

and countermeasures

Common attacks and countermeasures

Social engineering and how to reduce risks

Threats and types of attacks on wireless networks

Threats and types of attacks on web applications

Malicious Activity on the Rise

Examples of the malicious attacks are everywhere

Data breaches occur in both public and private sectors

In 2013, China was top country of origin for cyberattacks, at 41 percent

United States was second at 10 percent

What Are You Trying to Protect?

Customer data

IT and network infrastructure

Intellectual property

Finances and financial data

Service availability and productivity

Reputation

What Are You Trying to Protect?

Black-hat

hacker: Tries to break IT security and gain access to systems with no authorization in order to prove technical prowess. Black-hat hackers generally develop and use special software tools to exploit vulnerabilities. May exploit holes in systems but generally do not attempt to disclose vulnerabilities they find to the administrators of those systems.

White-hat

hacker: Also called an ethical hacker, is an information systems security professional who has authorization to identify vulnerabilities and perform penetration testing. Difference between white-hat hackers and black-hat hackers is that white-hat hackers will identify weaknesses for the purpose of fixing them, and black-hat hackers find weaknesses just for the fun of it or to exploit them.

Gray-hat

hackers: A hacker who will identify but not exploit discovered vulnerabilities, yet may still expect a reward for not disclosing the vulnerability openly.
Cracker: Has a hostile intent, possesses sophisticated skills, and may be interested in financial gain. Crackers represent the greatest threat to networks and information resources.
9/3/2019
(c) ITT Educational Services, Inc.
7

Hackers

Black-hat

White-hat

Gray-hat

Attack Tools
Protocol analyzers (sniffers)
Port scanners
OS fingerprint scanners

Vulnerability

scanners
Exploit software
Wardialers
Password crackers
Keystroke loggers

9/3/2019
(c) ITT Educational Services, Inc.
8

What Is a Security Breach?
Any event that results in a violation of any of the C-I-A security tenets
Some security breaches disrupt system services on purpose
Some are accidental and may result from hardware or software failures

9/3/2019
(c) ITT Educational Services, Inc.
9

Activities that Cause Security Breaches

9/3/2019
(c) ITT Educational Services, Inc.
10

Denial of service (DoS) attacks

Distributed denial of service (DDoS) attacks

Unacceptable web-browsing behavior

Wiretapping

Use of a backdoor to access resources

Accidental data modifications

Denial of Service Attack
A coordinated attempt to deny service by occupying a computer to perform large amounts of unnecessary tasks
Logic attacks
Flooding attacks
Protect using
Intrusion prevention system (IPS)
Intrusion detection system (IDS)
Attacks launched using
SYN flood
Smurfing

Overloads computers and prevents legitimate users from gaining access

More difficult to stop than a

DoS attack

because DDoS originates from different sources

Unacceptable Web Browsing
Define acceptable web browsing in an acceptable use policy (AUP)
Unacceptable use can include:
Unauthorized users searching files or storage directories
Users visiting prohibited websites

Between-the-lines wiretapping

: This type of wiretapping does not alter the messages sent by the legitimate user but inserts additional messages into the communication line when the legitimate user pauses.

Piggyback-entry wiretapping

: This type of wiretapping intercepts and modifies the original message by breaking the communications line and routing the message
to another computer that acts as a host.
9/3/2019
(c) ITT Educational Services, Inc.
14

Active

Between-the-lines wiretapping

Piggyback-entry wiretapping

Passive

Also called sniffing

Backdoors
Hidden access included by developers
Attackers can use them to gain access
Data

Modifications

Data that is:
Purposely or accidentally modified
Incomplete
Truncated

Spam and spim

Hoax

Risk

s, Threats, Vulnerabilities

Page ‹#›
Fundamentals of Information Systems Security
© 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company
www.jblearning.com
All rights reserved.
Page ‹#›
Fundamentals of Information Systems Security
© 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company
www.jblearning.com
All rights reserved.
Threats exploit vulnerabilities, which creates risk.
You cannot eliminate risk.
You can minimize the impact of threats.
You can reduce the number of vulnerabilities.
Minimizing threats and reducing vulnerabilities lessens overall risk.
Threats, risks, and vulnerabilities negatively impact the CIA triad.
9/3/2019
(c) ITT Educational Services, Inc.
17

Risk

Probability that something bad is going to happen to an asset

Threat

Any action that can damage or compromise an asset

Vulnerability

An inherent weakness that may enable threats to harm system or networks

Most Common Threats

Page ‹#›
Fundamentals of Information Systems Security
© 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company
www.jblearning.com
All rights reserved.
Page ‹#›
Fundamentals of Information Systems Security
© 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company
www.jblearning.com
All rights reserved.
Vulnerability covers a wide range of system and network weaknesses.
Insecure servers or services include outdated packages, poorly programmed software, and cleartext protocols where encrypted protocols should be used.
Exploitable applications and protocols include programming flaws that can be manipulated by attackers.
Unprotected systems or network resources include development servers left in the open.
Traffic interception and eavesdropping reveals private communications to snooping eyes.
Lack of preventive or protective measures allows malware to infiltrate the network.
9/3/2019
(c) ITT Educational Services, Inc.
18

Malicious software

Hardware or software failure

Internal attacker

Equipment theft

External attacker

Natural disaster

Industrial espionage

Terrorism

Threat Types

9/3/2019
(c) ITT Educational Services, Inc.
19

Disclosure threats

Sabotage

Espionage

Alteration threats

Denial or destruction threats

DoS attack

Unauthorized changes

What Is a Malicious Attack?

Fabrications

: Fabrications involve the creation of some deception in order to trick unsuspecting users.

Interceptions

: An interception involves eavesdropping on transmissions and redirecting them for unauthorized use.

Interruptions

: An interruption causes a break in a communication channel, which blocks the transmission of data.
Modifications: A modification is the alteration of data contained in transmissions or files.
9/3/2019
(c) ITT Educational Services, Inc.
20

Four categories of attacks

Fabrications

Interceptions

Interruptions

Modifications

Types of Active Threats
Birthday attacks
Brute-force password attacks
Dictionary password attacks
IP address spoofing
Hijacking

Replay attacks

Man-in-the-middle attacks
Masquerading
Social engineering
Phishing
Phreaking
Pharming

9/3/2019
(c) ITT Educational Services, Inc.
21

What Is Malicious Software?

Software that:

Causes damage

Escalates security privileges

Divulges private data

Modifies or deletes data

Virus
Attaches itself to or copies itself into another program on a computer
Tricks the computer into following instructions not intended by the original program developer
Infects a host program and may cause that host program to replicate itself to other computers
User who runs infected program authenticates the virus

Modifies or replaces one or more existing programs to hide traces of attacks

Many different types of rootkits

Conceals its existence once installed

Is difficult to detect and remove

Spyware

Type of malware that specifically threatens the confidentiality of information

Monitors keystrokes

Scans files on the hard drive

Snoops other applications

Installs other spyware programs

Reads cookies

Changes default homepage on the web browser

What Are Common Types of Attacks?

Attacks on availability

: These attacks impact access or uptime to a critical system, application, or data.

Attacks on people

: These attacks involve using coercion or deception to get another human to divulge information or to perform an action (e.g., clicking on a suspicious URL link or opening an email attachment from an unknown email address).

Attacks on IT assets

: These attacks include penetration testing, unauthorized access, privileged escalation, stolen passwords, deletion of data, or performing a data breach.
9/3/2019
(c) ITT Educational Services, Inc.
28

Attacks on availability

Attacks on people

Attacks on IT assets

Social Engineering Attacks

Authority

: Using a position of authority to coerce or persuade an individual to divulge information.
Consensus/social proof: Using a position that “everyone else has been doing it” as proof that it is okay or acceptable to do.

Dumpster diving

: Finding unshredded pieces of paper that may contain sensitive data or private data for identity theft.
Familiarity/liking: Interacting with the victim in a frequent way that creates a comfort and familiarity and liking for an individual (e.g., a delivery person may become familiar to office workers over time) that might encourage the victim to want to help the familiar person.
Hoax: Creating a con or a false perception in order to get an individual to do something or divulge information.

Impersonation

: Pretending to be someone else (e.g., an IT help desk support person, a delivery person, a bank representative).
Intimidation: Using force to extort or pressure an individual into doing something or divulging information.
Trust: Building a human trust bond over time and then using that trust to get the individual to do something or divulge information.
Scarcity: Pressuring another individual into doing something or divulging information for fear of not having something or losing access to something.

Shoulder surfing

: Looking over the shoulder of a person typing into a computer screen.
Tailgating: Following an individual closely enough to sneak past a secure door or access area.
Urgency: Using urgency or an emergency stress situation to get someone to do something or divulge information (e.g., claiming that there’s a fire in the hallway might get the front desk security guard to leave their her desk).

Vishing

: Performing a phishing attack by telephone in order to elicit personal information; using verbal coercion and persuasion (“sweet talking”) the individual under attack.

Whaling

: Targeting the executive user or most valuable employees, otherwise considered the “whale” or “big fish” (often called spear phishing).
9/3/2019
(c) ITT Educational Services, Inc.
29

Authority

Dumpster diving

Hoax

Impersonation

Shoulder surfing

Vishing

Whaling

Wireless Network Attacks

Bluejacking

: Hacking and gaining control of the Bluetooth wireless communication link between a user’s earphone and smartphone device.
Bluesnarfing: Packet sniffing communications traffic between Bluetooth devices.

Evil twin

: Faking an open or public wireless network to use a packet sniffer on any user who connects to it.

IV attack

: Modifying the initialization vector of an encrypted IP packet in transmission in hopes of decrypting a common encryption key over time.
Jamming/Interference: Sending radio frequencies in the same frequency as wireless network access points to jam and interfere with wireless communications and disrupting availability for legitimate users.
Near field communication attack: Intercepting, at close range (a few inches), communications between two mobile operating system devices.
Packet sniffing: Capturing IP packets off a wireless network and analyzing the TCP/IP packet data using a tool such as Wireshark.
Replay attacks: Replaying an IP packet stream to fool a server into thinking you are authenticating to it.
Rogue access points: Using an unauthorized network device to offer wireless availability to unsuspecting users.
War chalking: Creating a map of the physical or geographic location of any wireless access points and networks.

War driving

: Physically driving around neighborhoods or business complexes looking for wireless access points and networks that broadcast an open or public network connection.
9/3/2019
(c) ITT Educational Services, Inc.
30

Bluejacking

Evil twin

IV attack

Packing sniffing

Replay attacks

War chalking

War driving

Web Application Attacks

Buffer overflow

: Attempting to push more data than the buffer can handle, thus creating a condition where further compromise might be possible.

Client-side attack

: Using malware on a user’s workstation or laptop, within an internal network, acting in tandem with a malicious server or application on the Internet (outside the protected network).
Cookies and attachments: Using cookies or other attachments (or the information they contain) to compromise security.
Cross-site scripting (XSS): Injecting scripts into a web application server to redirect attacks back to the client. This is not an attack on the web application but rather on users of the server to launch attacks on other computers that access it.
Directory traversal /command injection: Exploiting a web application server, gaining root file directory access from outside the protected network, and executing commands, including data dumps.

Header manipulation

: Stealing cookies and browser URL information and manipulating the header with invalid or false commands to create an insecure communication or action.
Integer overflow: Creating a mathematical overflow which exceeds the maximum size allowed. This can cause a financial or mathematical application to freeze or create a vulnerability and opening.

Lightweight Directory Access Protocol (LDAP) injection

: Creating fake or bogus ID and authentication LDAP commands and packets to falsely ID and authenticate to a web application.
Local shared objects (LSO): Using Flash cookies (named after the Adobe Flash player), which cannot be deleted through the browser’s normal configuration settings. Flash cookies can also be used to reinstate regular cookies that a user has deleted or blocked.
•

Malicious add-ons

: Using software plug-ins or add-ons that run additional malicious software on legitimate programs or applications.
•

SQL injection

: Injecting Structured Query Language (SQL) commands to obtain information and data in the back-end SQL database.
• Watering-hole attack: Luring a targeted user to a commonly visited website on which has been planted the malicious code or malware, in hopes that the user will trigger the attack with a unknowing click.
•

XML injection

: Injecting XML tags and data into a database in an attempt to retrieve data.
• Zero-day: Exploiting a new vulnerability or software bug for which no specific defenses yet exist.
9/3/2019
(c) ITT Educational Services, Inc.
31

Buffer overflow

Header manipulation

Lightweight Directory Access Protocol (LDAP) injection

Malicious add-ons

SQL injection

XML injection

Client-side attack

What Is a Countermeasure?

Countermeasures

Detect vulnerabilities

Prevent attacks

Respond to the effects of successful attacks

Get help from

Law enforcement agencies

Forensic experts

Security consultants

Security incident response teams (SIRTs)

Countering Malware
Create a user education program
Post regular bulletins about malware problems
Never transfer files from an unknown or untrusted source (unless anti-malware is installed)
Test new programs or open suspect files on a quarantine computer
Install anti-malware software, make sure it remains current, and schedule regular malware scans
Use a secure logon and authentication process

Firewall

Program or dedicated hardware device

Denies or permits traffic based on a set of rules

Inspects network traffic passing
through it

Summary
Malicious software and countermeasures
Common attacks and countermeasures
Social engineering and how to reduce risks
Threats and types of attacks on wireless networks
Threats and types of attacks on web applications

What Will You Get?

We provide professional writing services to help you score straight A’s by submitting custom written assignments that mirror your guidelines.

Premium Quality

Get result-oriented writing and never worry about grades anymore. We follow the highest quality standards to make sure that you get perfect assignments.

Experienced Writers

Our writers have experience in dealing with papers of every educational level. You can surely rely on the expertise of our qualified professionals.

On-Time Delivery

Your deadline is our threshold for success and we take it very seriously. We make sure you receive your papers before your predefined time.

24/7 Customer Support

Someone from our customer support team is always here to respond to your questions. So, hit us up if you have got any ambiguity or concern.

Complete Confidentiality

Sit back and relax while we help you out with writing your papers. We have an ultimate policy for keeping your personal and order-related details a secret.

Authentic Sources

We assure you that your document will be thoroughly checked for plagiarism and grammatical errors as we use highly authentic and licit sources.

Moneyback Guarantee

Still reluctant about placing an order? Our 100% Moneyback Guarantee backs you up on rare occasions where you aren’t satisfied with the writing.

Order Tracking

You don’t have to wait for an update for hours; you can track the progress of your order any time you want. We share the status after each step.

Order Now Talk to Us

Areas of Expertise

Although you can leverage our expertise for any writing task, we have a knack for creating flawless papers for the following document types.

Essay

Thesis

Presentation

Dissertation

Term Paper

Research Paper

Book Review

Assignment

Report

Case Study

Letter

Article

Coursework

Speech

Q & A

Critical Thinking

Areas of Expertise

Although you can leverage our expertise for any writing task, we have a knack for creating flawless papers for the following document types.

Essay

Thesis

Presentation

Dissertation

Term Paper

Research Paper

Book Review

Assignment

Report

Case Study

Letter

Article

Coursework

Speech

Q & A

Critical Thinking

Trusted Partner of 9650+ Students for Writing

From brainstorming your paper's outline to perfecting its grammar, we perform every step carefully to make your paper worthy of A grade.

Preferred Writer

Hire your preferred writer anytime. Simply specify if you want your preferred expert to write your paper and we’ll make that happen.

Grammar Check Report

Get an elaborate and authentic grammar check report with your work to have the grammar goodness sealed in your document.

One Page Summary

You can purchase this feature if you want our writers to sum up your paper in the form of a concise and well-articulated summary.

Plagiarism Report

You don’t have to worry about plagiarism anymore. Get a plagiarism report to certify the uniqueness of your work.

Free Features $66FREE

Most Qualified Writer $10FREE
Plagiarism Scan Report $10FREE
Unlimited Revisions $08FREE
Paper Formatting $05FREE
Cover Page $05FREE
Referencing & Bibliography $10FREE
Dedicated User Area $08FREE
24/7 Order Tracking $05FREE
Periodic Email Alerts $05FREE

Our Services

Join us for the best experience while seeking writing assistance in your college life. A good grade is all you need to boost up your academic excellence and we are all about it.

On-time Delivery
24/7 Order Tracking
Access to Authentic Sources

Academic Writing

We create perfect papers according to the guidelines.

Professional Editing

We seamlessly edit out errors from your papers.

Thorough Proofreading

We thoroughly read your final draft to identify errors.

Thorough Proofreading

We thoroughly read your final draft to identify errors.

Delegate Your Challenging Writing Tasks to Experienced Professionals

Work with ultimate peace of mind because we ensure that your academic work is our responsibility and your grades are a top concern for us!

Check Out Our Sample Work

Dedication. Quality. Commitment. Punctuality

It May Not Be Much, but It’s Honest Work!

Here is what we have achieved so far. These numbers are evidence that we go the extra mile to make your college journey successful.

0+

Happy Clients

0+

Words Written This Week

0+

Ongoing Orders

0%

Customer Satisfaction Rate

Process as Fine as Brewed Coffee

We have the most intuitive and minimalistic process so that you can easily place an order. Just follow a few steps to unlock success.

Call Us +1 (877) 657-8180 Discuss Order Details Now

See How We Helped 9000+ Students Achieve Success

We Analyze Your Problem and Offer Customized Writing

We understand your guidelines first before delivering any writing service. You can discuss your writing needs and we will have them evaluated by our dedicated team.

Clear elicitation of your requirements.
Customized writing as per your needs.

We Mirror Your Guidelines to Deliver Quality Services

We write your papers in a standardized way. We complete your work in such a way that it turns out to be a perfect description of your guidelines.

Proactive analysis of your writing.
Active communication to understand requirements.

We Handle Your Writing Tasks to Ensure Excellent Grades

We promise you excellent grades and academic excellence that you always longed for. Our writers stay in touch with you via email.

Thorough research and analysis for every order.
Deliverance of reliable writing service to improve your grades.

Place an Order Start Chat Now

Rookkit

What Will You Get?

Premium Quality

Experienced Writers

On-Time Delivery

24/7 Customer Support

Complete Confidentiality

Authentic Sources

Moneyback Guarantee

Order Tracking

Areas of Expertise

Essay

Thesis

Presentation

Dissertation

Term Paper

Research Paper

Book Review

Assignment

Report

Case Study

Letter

Article

Coursework

Speech

Q & A

Critical Thinking

Areas of Expertise

Essay

Thesis

Presentation

Dissertation

Term Paper

Research Paper

Book Review

Assignment

Report

Case Study

Letter

Article

Coursework

Speech

Q & A

Critical Thinking

Trusted Partner of 9650+ Students for Writing

Preferred Writer

Grammar Check Report

One Page Summary

Plagiarism Report

Free Features $66FREE

Our Services

Academic Writing

Professional Editing

Thorough Proofreading

Thorough Proofreading

Delegate Your Challenging Writing Tasks to Experienced Professionals

Check Out Our Sample Work

It May Not Be Much, but It’s Honest Work!

0+

Happy Clients

0+

Words Written This Week

0+

Ongoing Orders

0%

Customer Satisfaction Rate

Process as Fine as Brewed Coffee

Share Your Requirements

Place Order & Deposit Funds

Release Payment to Your Writer

See How We Helped 9000+ Students Achieve Success

We Analyze Your Problem and Offer Customized Writing

We Mirror Your Guidelines to Deliver Quality Services

We Handle Your Writing Tasks to Ensure Excellent Grades