Penetration Testing and Advanced Hacking Techniques - Case Study Example

PENETRATION TESTING AND ADVANCED HACKING TECHNIQUES Penetration Testing and Advanced Hacking Techniques Affiliation Table of Contents Table of Contents 2 Countermeasures 3 Countermeasures 4 Countermeasures 5 Countermeasures 7 Countermeasures 7 Countermeasures 9 References 10 Distributed Denial of Service Attacks Basically, a DOS (denial of service) attack is one of the most critical security threats in which an organization or individual is unable to access services that should be accessible in normal conditions. Additionally, a distributed denial of service (DDOS) attack is a kind of DOS attack in which a large number of hacked computers (also known as a botnet) are used to attack a single target (an individual or an organization) (Rouse, 2007). In DDOS attack, a large number of computers take part to launch a strong attack against a victim. However, the systems that take part in this attack are also the victims of this attack since they have already been infected through a virus or a Trojan. In this scenario, in a DDoS attack, a target is attacked through a heavy data traffic flooding the target coming from a large number of different locations and systems. In fact, sometimes these attacks are launched using thousands of compromised computer systems. As a result, it becomes almost impossible for the system administrator to avoid the attack by not allowing a single system. In addition, as a result of this attack a system administrator cannot differentiate between attack traffic and authentic user traffic because of a large number of points of origin. Countermeasures There are many countermeasures that can be adopted by a system administrator to deal with this attack. A system administrator can apply a variety of restrictions on the amount of traffic that can be processed by their server. However, it also makes difficult for system administrator to differentiate between legal and illegal traffic. Additionally, the system administrator can also filter the traffic if they can identify the source of the attacks. In addition, a variety of other techniques can also be applied such as the use of intrusion detection systems, firewalls, and so on (Webopedia, 2014; Strickland, 2014). Session Hijacking Session hijacking is also a very common security threats in which an attacker takes control over the session of a Web user by secretly attaining the session ID and using their ID to demonstrate themselves as an owner of that ID. The basic purpose of this attack is to access a legal account illegally and making use of this account to carry out illegal activities. For instance, once an attacker is able to access an account illegal, he can use this account to conduct different acts such as using the network services, copying or destroying data and a wide variety of other tasks. Basically, an attacker gets this session ID from URL (universal resource locator) in which a cookie stores this session ID. Whenever a communication procedure is launched between a client and a server, an authentication process is established and an attacker takes advantage of this process by interfering online. In addition, this kind of attack can be detected or undetected depending on the nature and strength of the attack and the knowledge of the user. However, when a user feels that a web site is not responding in a normal way in response of a user’s input or not working, it can be due to session hijacking (Rouse, session hijacking (TCP session hijacking), 2006). Countermeasures Basically, in this attack, an attacker makes use of cookies so first of all there is need for protecting system cookies and setting their values as unpredictable. In addition, various other steps can also be taken such as distributing session cookies through SSL, setting the HTTP characteristic of the session cookie to accurate, making it uncomplicated to finish sessions, and restricting the path and domain as much as conceivable. Additionally, system administrators should put considerable effort to secure cookies (Gooch, 2013). SQL Injection SQL Injection is one of the most critical web based security attacks in which an attacker exposes a database connected with a web application by sending a SQL command to a web application. Additionally, in a SQL Injection attack a web application makes use of the user input without applying appropriate encoding or validation mechanism on a database query or command. In fact, this input is transferred to the SQL interpreter as an SQL query without any validation. By launching this attack, an attacker attempts to get access to the database that is connected to a web application. In this scenario, the basic objective of an attacker is to get access to a database in which significant data is stored regarding the customer or an organization. This attack allows an attacker to build, update, copy, read, modify, or remove data stored in the database. The majority of SQL Injection attacks are launched to access private data like that credit card number, social security numbers or other monetary data. Moreover, an attacker uses high level mechanism to transfer user input to the SQL interpreter and force it to complete illegal actions (DuPaul, 2014). Countermeasures There are many ways to deal with a SQL Injection attack. This attack can be avoided by implementing appropriate input validation procedures. For instance, user’s input should be validated in contrast to predefined type, rules for length and syntax as well as against business scenarios. Additionally, access to a database should be privileged and it should be strictly monitored. In addition, a database user should be assigned to a particular web application as well as they should not be able to access other applications. Moreover, all the stored procedures that are not occupied should be removed (DuPaul, 2014). Hacking a Web Server When a web server is hacked it does not remain under the control of an owner and hacker has a complete or partial control over the server. As a result, a hacker can have partial or complete control over server in order to make use of it for carrying out illegal activities. Normally, a hacker hacks a web server for carrying out a wide variety of illegal activities such as (Media Temple, Inc., 2014): A hacker can use hacked server to launch attacks against other systems. In this scenario, a hacker uses server’s CPU, bandwidth, memory and other resources. A hacker can hack a server to send a large number of spam emails to others using the details of hacked server. A hacker can use this server to install a phishing website in an attempt to get access to private data. Normally, there are two ways that can be used by a hacker for hacking a server (Media Temple, Inc., 2014): One of the basic causes of a server being hacked can be misplacement of the password. In this scenario, a hacker may access the server by guessing or stealing a password of a user who uses the server. In other case a hacker gains access to a server by detecting and exploiting a security hole in various applications like that Joomla, WordPress or Drupal. Countermeasures In order to avoid such attacks, the users must set strong password that are difficult to guess. They should use a mixture of alphabets and special characters such as @, # or %. In addition, whenever a user needs to use a service they must make sure that their connection is secure through a proper security mechanism. Moreover, system administrators must backup their data on a regular basis (Media Temple, Inc., 2014). Hacking a wireless network Basically, a wireless network uses wireless channel for the communication instead of wired channel and it operates through a number of access points. As a result, these communications can face a wide variety of security attacks. A wireless network can be hacked through a wide variety of security attacks. For instance, a hacker can launch a DOS attack against a wireless network by forcing APs (access points) to disclose their services set identifiers (SSIDs) during the network connection and communication. In this scenario, a hacker factually blocks the radio frequency (RF) signal of an access point and force the users to connect to a fake access point. In fact, a wireless network can be hacked through a number of ways. The basic objective of hacking is to get access to a network and make illegal use of its resources. In addition, this hacking also allows a hacker to access some of the critical information associated with a business and customers (Beaver, 2014). Countermeasures In view of the fact that a hacker can launch a variety of hacking attacks against a wireless network, hence there is not a specific way to deal with these multidimensional security attacks. However, users can adopt a mixture of security countermeasures in order to deal with these attacks (Beaver, 2014): First of all, the network users must make sure that their passwords are secure and no one can have access to their passwords. They should regularly switch off their service set identifiers A virtual private network can be established to secure a wireless network The firm should implement an effective encryption technique to secure traffic flowing through the network (Beaver, 2014). Hacking a Mobile Platform Since the beginning of mobile application platforms they have been a source of attraction for the hackers. In fact, the security is believed to be a critical aspect of mobile platforms. Unluckily, at the present there are a large number of hackers who want to hack and break mobile platform security in an attempt to get hold of valuable secret data. In fact, it is even impossible to make mobile platforms un-hackable for the hackers. In view of the fact that the mobile platforms are based on the wireless networks so they use the similar communication mechanisms. In this scenario, a large number of hacking attacks appear in the similar fashion. For instance, these networks also go through under DOS and Man-In-Middle attacks. The purpose of these attacks similar to wireless security attacks. A hacker wants to get access to a mobile platform in order to make illegal use of this network or steal personal data and information stored on the network. In addition, the majority of mobile platforms experience more than 50% attacks due to third party apps (DuPaul, Android Hacking, 2014). Countermeasures Some of the countermeasures for mobile platforms are similar to wireless networks. For instance, the mobile communications can also be encrypted to secure them from the hackers. Without a doubt, users send their usernames and passwords through the wireless medium, so the use of encryption can secure their personal information. In addition, effective testing should be performed on third party apps before they are being used. Moreover, the communications should be limited to only known users and the users should not communicate with unknown source (DuPaul, Android Hacking, 2014). References Beaver, K. (2014). Countermeasures for Wireless Network Hack Attacks. Retrieved from http://www.dummies.com/how-to/content/countermeasures-for-wireless-network-hack-attacks.html DuPaul, N. (2014). Android Hacking. Retrieved from http://www.veracode.com/products/mobile-application-security/android-hacking DuPaul, N. (2014). SQL Injection Tutorial: Learn About Injection Attacks, Vulnerabilities and How to Prevent SQL Injections. Retrieved from http://www.veracode.com/security/sql-injection Gooch, A. (2013, March 01). Help Prevent Session Hijacking. Retrieved from http://blog.8thlight.com/adam-gooch/2013/03/01/help-prevent-session-hijacking.html Media Temple, Inc. (2014). Working with a hacked or compromised server. Retrieved from http://kb.mediatemple.net/questions/1577/Working+with+a+hacked+or+compromised+server#gs Rouse, M. (2006, September). session hijacking (TCP session hijacking). Retrieved from TechTarget.com: http://searchsoftwarequality.techtarget.com/definition/session-hijacking Rouse, M. (2007, October). denial of service (DoS). Retrieved from TechTarget.com: http://searchsoftwarequality.techtarget.com/definition/denial-of-service Strickland, J. (2014). How Zombie Computers Work. Retrieved from HowStuffWorks.com: http://computer.howstuffworks.com/zombie-computer3.htm Webopedia. (2014). DDoS attack - Distributed Denial of Service. Retrieved from http://www.webopedia.com/TERM/D/DDoS_attack.html Read More