For the group activity during unit 3, you read a fictitious case study of an attack against a web server. Your group scoped a penetration test by answering the relevant questions within the ‘Scoping a Penetration Test’ document under unit 3.
The important aspect for the group task was not necessarily answering all the questions in the scoping document, but how you worked as a team in a high-pressure scenario.
Using the notes you took during the group activity, discuss and reflect upon your group exercise using no more than 250 words.
Information gathering script writing exercise
Create a script called my_new_whois.sh that uses the provided whois_yahoo_mnt.txt file and prompts the user to perform the following tasks:
1. Obtain all unique people in the file sorted in alphabetical order and place them in the specified file.
2. Obtain all inetnums in the file sorted in ascending numerical order and place them in the specified file.
3. Obtain all unique netnames sorted in alphabetical order and place them in the specified text file.
Your script should take as arguments the whois_yahoo_mnt.txt file and a user-specified output file name to save the output of your script. An example of how your script should execute from the shell is shown below:
Your script should also:
· Provide an adequate level of input validation. For example, if the user enters ‘4’ as an option (an invalid option) they should be prompted to enter a valid input.
· Remove leading white space from any lines of text. You will need to research sed and/or awk in order to achieve this.
· Append the date and time to the bottom of the file you created.
Script accepts two arguments or terminates the script with a ‘usage error’ otherwise.
User friendly menu of options for the user to select from.
Read user input and ensure a valid value has been entered.
If a valid value has been entered, display to the user their response and what they are searching for.
Using appropriate commands, parse the text file based on what the user requires to be searched.
Trim leading white spaces from any lines of text.
Redirect output to the user-defined file and place date and time stamp appended to file.
Quality of script (indentation, comments, general good scripting practices, etc).
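An added example, not part of the original exercise and not a reference solution: the option validation, field extraction, leading-whitespace trimming and timestamp steps listed above, run on a constructed sample. It assumes the whois file uses RPSL-style "key: value" lines (person:, inetnum:, netname:); the function names are hypothetical.

```bash
#!/usr/bin/env bash
# Added example, not the course's reference solution. Assumes RPSL-style
# "key: value" lines (person:, inetnum:, netname:) that may be indented.
export LC_ALL=C   # byte-order sort so results are reproducible

# Map a menu choice to a whois field; non-zero status means invalid input.
field_for_option() {
    case "$1" in
        1) echo person ;;
        2) echo inetnum ;;
        3) echo netname ;;
        *) return 1 ;;
    esac
}

# Print one field's values: trim leading whitespace, strip the key, sort.
extract_field() {   # usage: extract_field <field> <whois-file>
    sed 's/^[[:space:]]*//' "$2" |
        awk -v key="$1:" '$1 == key { sub(/^[^:]*:[ \t]*/, ""); print }' |
        if [ "$1" = inetnum ]; then
            sort -t. -k1,1n -k2,2n -k3,3n -k4,4n   # numeric, octet by octet
        else
            sort -u                                 # unique, alphabetical
        fi
}

# Validate the option, write the result, then append a date/time stamp.
run_query() {   # usage: run_query <option> <whois-file> <output-file>
    local field
    field=$(field_for_option "$1") || { echo "Invalid option: $1" >&2; return 2; }
    [ -r "$2" ] || { echo "Cannot read: $2" >&2; return 1; }
    echo "You chose $1: searching for '$field' entries"
    extract_field "$field" "$2" > "$3"
    date '+%Y-%m-%d %H:%M:%S' >> "$3"
}

# Constructed sample input (not the contents of whois_yahoo_mnt.txt).
sample=$(mktemp); out=$(mktemp)
cat > "$sample" <<'EOF'
inetnum:        192.0.2.0 - 192.0.2.255
   netname:     EXAMPLE-NET-B
person:         Zoe Example
  inetnum:      10.20.0.0 - 10.20.0.255
netname:        EXAMPLE-NET-A
   person:      Adam Example
person:         Zoe Example
inetnum:        10.3.0.0 - 10.3.0.255
EOF
run_query 2 "$sample" "$out" && cat "$out"
```

A plain sort would place 10.20.0.0 before 10.3.0.0; the per-octet numeric keys are what give the ascending numerical order the task asks for.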
MITIGATION STRATEGY
1) To prevent the DoS attack, the Apache server should be upgraded to the latest version, and excessive page view requests should be blocked. The firewall should be configured to reject the bogus traffic and prevent the DoS attack.
2) PHP should be updated to the latest version to prevent such attacks.
3) The user credentials file should be properly encrypted and should not be available to the general public; it should be kept on a private machine.
4) Read/write operations must be restricted to prevent such attacks, so that even if someone steals the credentials, the integrity of the system files is preserved.
5) Bind MySQL to localhost, and grant privileges to a specific user rather than to all users.
6) The weak algorithms should be disabled and a better algorithm should be used, i.e. AES, which provides the same actual speed as RC4 with better security.
7) There is no specific solution to this issue, but the general way to prevent such an attack is to upgrade to a newer release, disable the respective features, or remove the product or replace it with another.