Network security is a critical component of any firm, especially with the rising incidence of cyber espionage. Deploying and maintaining the best security posture requires that a firm understand the vulnerabilities that can be exploited on its network and take mitigation measures to avoid becoming the victim of a cyber attack. To understand how well a network and the computers on it are secured, it is important to carry out security scans, at a minimum, or a full penetration test.
A number of tools can be used to scan a network for vulnerabilities. Key among them are OpenVAS, tcpdump, Metasploit, Nmap, PRTG and GFI LanGuard. For this assignment, the tools of choice are Metasploit and Nmap.
Nmap, or Network Mapper, is a tool for network scanning, a process that entails discovering the active hosts on a given network as well as information about those hosts. Nmap scans a network and builds a map of it, reporting on active hosts, the operating systems running on them, active ports, applications and services. Nmap maps out a network by sending well-crafted packets to each host and, depending on the responses, the tool can tell which hosts are active. The tool provides 4 basic scanning facilities: Network Mapping, Port Scanning, Service and Version Detection, and OS Detection. Additionally, the tool can be extended to perform advanced network scanning such as evading firewalls and perimeter defences, vulnerability detection, masking the origin of the scan, and timed scans which enable stealthy scans.
Information obtained through Nmap, such as open ports, is used to launch attacks through the openings. Where Nmap reports the software versions running on a host, the information can be used to look for specific vulnerabilities in the given software version.
Metasploit is a tool for scanning a network or host for security vulnerabilities. The tool comes bundled with the ability to scan for vulnerabilities, exploits that can be used to compromise the vulnerabilities, payloads for the exploits, encoders and auxiliary modules. The exploits are OS and application specific, so when a scan finds an application with a known vulnerability, it can easily be exploited using the bundled exploits and payloads.
Network security attacks can be devastating to an organization, business or even a government. Recent attacks, such as the hack on Sony Systems and the attacks on Equifax, an American credit company, and Ashley Madison, show just how devastating an attack can be. In all the attacks, the hacking follows four critical steps, as outlined in  ;
Reconnaissance, or information gathering, is the first stage of an attack and is the subject of this paper. An attacker gathers information by scanning the target, enumerating its services and footprinting the victim. Information gathering helps in identifying network vulnerabilities that can be exploited on the target network or system. The attacker comes to understand the attack environment by collecting information about ports, machines on the network, running services and operating systems, among others.
After gathering sufficient information, and depending on the nature of the vulnerability, an attacker can launch an attack through a number of attack vectors. The most common attack types, as outlined in  , include: Denial-of-Service attacks, Intrusion, Viruses, Worms, Trojans, Buffer Overflow attacks, Advanced Persistent Threats, Eavesdropping and Traffic Analysis attacks.
With intrusion attacks, a hacker tries to gain unauthorized access to a computing resource in order to access or manipulate information. With DoS attacks, the target is flooded with bogus requests from other compromised hosts, which take up computing resources, starve genuine requests and render the network or computer unusable. Viruses and worms, on the other hand, are used to carry out automated exploits, send information to the attacker, or launch attacks such as DoS attacks on other hosts.
For this exercise, we used Nmap to scan a network for hosts and vulnerabilities. Step one involved downloading and installing Nmap on the laptop. This was followed by a quick ping scan of the targeted network, with IP range 192.168.43.1/24, intended to aid in discovering hosts on the network.
The next step was carrying out an intense scan to discover the ports, services and OSs running on the discovered hosts.
From the scan, two hosts were active: one is the local Windows machine used for scanning, while the other is an Android phone, as shown below.
The open port 53 on the Android phone runs a domain name resolution service, dnsmasq 2.51. dnsmasq is the most commonly used lightweight DHCP and DNS server; it finds wide usage in home networks for managing DHCP leases and as a caching DNS stub resolver. Many phone and network equipment manufacturers prefer dnsmasq because it consumes very few computing resources, is highly flexible and is simple to configure. The vulnerabilities for this software are summarized below;
The version running on this device, dnsmasq 2.51, has 4 main known vulnerabilities: information leak, segmentation fault, stack buffer overflow and heap buffer overflow. The most severe of the vulnerabilities can be triggered by using a malicious domain that sends DNS requests to dnsmasq and makes it cache the replies from the domain. Carefully constructed DNS requests and responses to dnsmasq would result in an internal buffer overflow on the heap; this has the potential of allowing the execution of the attacker's payload. A second vulnerability in dnsmasq 2.51 also relates to buffer overflow, enabling an attacker to launch a DoS attack.
Since the network had only two live hosts, the host from which the scanning was being done and the Android phone, the Metasploit scans were done only to confirm what was found with Nmap.
Threats related to the outdated dnsmasq software can be mitigated by updating the software or applying security patches. According to , the vulnerability was in versions lower than 2.78, after which the vulnerability was fixed. For Android devices, the security patch was released in October of 2017. For this specific device, still running dnsmasq version 2.51, the urgent solution is to apply the security patch or allow the device to install critical updates.
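The check described above can be automated against Nmap's XML output. The following is an added example, not part of the original paper: it parses a constructed sample shaped like an `nmap -sV -oX` report and flags every open dnsmasq service whose version is lower than 2.78. The host addresses, the function names and the "review" status for unversioned services are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

FIXED_IN = (2, 78)  # per the text: versions lower than 2.78 are affected

# Constructed sample in the shape of `nmap -sV -oX` output (addresses are made up).
SAMPLE_XML = """<nmaprun>
<host><address addr="192.168.43.1" addrtype="ipv4"/><ports>
 <port protocol="tcp" portid="53"><state state="open"/>
  <service name="domain" product="dnsmasq" version="2.51"/></port></ports></host>
<host><address addr="192.168.43.20" addrtype="ipv4"/><ports>
 <port protocol="tcp" portid="53"><state state="open"/>
  <service name="domain" product="dnsmasq" version="2.80"/></port></ports></host>
<host><address addr="192.168.43.30" addrtype="ipv4"/><ports>
 <port protocol="tcp" portid="53"><state state="open"/>
  <service name="domain" product="dnsmasq"/></port></ports></host>
</nmaprun>"""

def parse_version(text):
    """Turn '2.51' into (2, 51); return None for empty or non-numeric versions."""
    parts = text.split(".")
    if not all(p.isdigit() for p in parts):
        return None
    return tuple(int(p) for p in parts)

def find_outdated_dnsmasq(xml_text, fixed_in=FIXED_IN):
    """Return (addr, port, proto, version, status) for dnsmasq needing attention."""
    findings = []
    for host in ET.fromstring(xml_text).iter("host"):
        addr_el = host.find("address[@addrtype='ipv4']")
        addr = addr_el.get("addr") if addr_el is not None else "unknown"
        for port in host.iter("port"):
            state, svc = port.find("state"), port.find("service")
            if state is None or svc is None or state.get("state") != "open":
                continue
            if (svc.get("product") or "").lower() != "dnsmasq":
                continue
            raw = svc.get("version") or ""
            ver = parse_version(raw)
            if ver is None:
                status = "review"      # version not detected: check by hand
            elif ver < fixed_in:
                status = "outdated"    # below the fixed release: patch or update
            else:
                continue               # at or above 2.78
            findings.append((addr, int(port.get("portid")),
                             port.get("protocol"), raw, status))
    return findings

if __name__ == "__main__":
    for finding in find_outdated_dnsmasq(SAMPLE_XML):
        print(finding)
```

Only parse XML produced by your own scans; a service with no detected version is reported for manual review rather than assumed safe.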
This paper has presented a theoretical analysis and a practical information-gathering exercise using the Nmap and Metasploit tools. Because reconnaissance is the first step in the hacking process, as well as a critical step for IT security specialists, the tools used in reconnaissance are critical in ensuring that maximum network security is achieved. Both Nmap and Metasploit aid in this endeavour by facilitating network scanning: identifying open ports, services, software applications, operating systems and vulnerabilities that can be exploited.
Nmap maps out a network by sending well-crafted packets to each host and, depending on the responses, the tool can tell which hosts are active. It scans a network and builds a map of it, reporting on active hosts, the operating systems running on them, active ports, applications and services. Metasploit, on the other hand, scans a network or a host for vulnerabilities. Besides providing scanning capabilities, the tool comes bundled with exploits that can be used to compromise the vulnerabilities, payloads for the exploits, encoders and auxiliary modules.
The practical information-gathering exercise discovered a major vulnerability on an Android phone that was serving as a wireless network hotspot. The outdated dnsmasq has known vulnerabilities which can be exploited through buffer overflow attacks. The vulnerability can, however, be fixed by patching the application or updating the software.
Mark. "Host Discovery with nmap." Exploring nmap's default behavior1 (2002): 16.
C. Joshua. "An analysis of the ids penetration tool: Metasploit." The InfoSec Writers Text Library, Dec9 (2010).
M. Andriotis, Rapoport, and R. McMillan. "‘We’ve been breached’: Inside the Equifax hack." Editorial], The Wall Street Journal (2017).
Bhuyan, H. Monowar, D Bhattacharyya, and J. K. Kalita. "Surveying port scans and their detection methodologies." The Computer Journal 54.10 (2011): 1565-1581.
H, Nazrul, et al. "Network attacks: Taxonomy, tools and systems." Journal of Network and Computer Applications 40 (2014): 307-324.
H, Simon, and R Hunt. "A taxonomy of network and computer attacks." Computers & Security1 (2005): 31-43.
Bhuyan, H. Monowar, D. K. Bhattacharyya, and J. K. Kalita. "Network anomaly detection: methods, systems and tools." IEEE Communications Surveys & Tutorials 16.1 (2014): 303-336.
RedHat, dnsmasq: Multiple Critical and Important vulnerabilities. [Online] Available at https://access.redhat.com/security/vulnerabilities/3199382