StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

Security Analysis of A2Z and Redesign of its Network - Assignment Example

Cite this document
Summary
The author of this paper "Security Analysis of A2Z and Redesign of its Network" discusses the statistical network analysis on the examples of two companies, including the quantitive network analysis ranking of assets, NMAP, password cracking, policy creation, information about security policies…
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER94.4% of users find it useful
Security Analysis of A2Z and Redesign of its Network
Read Text Preview

Extract of sample "Security Analysis of A2Z and Redesign of its Network"

Security Analysis of A2Z and Redesign of its Network Insert Insert Introduction In this report, I examine the merging of two companies to form one. ABC, which is virtual with a proprietary website, joins efforts with XYZ a brick and mortar company. ABC does a preliminary work on the invitations they get consult with their designer for a final product. XYZ, on the other hand, ensures that their customers submit designs and are in a position to track their orders. They also do management and invoicing of their system. Consequently, ABCs infrastructure will couple with XYZs network diagram. ABC moves its facilities to use XYZs data center and their systems. Both companies individually have had security loopholes in the past. As A2Z, they have agreed to address this issue by hiring me to carry out a safety analysis on their network and make recommendations on how to establish it securely. My duty will involve carrying out a reconnaissance on XYZ to find out the kind of information that is available to an attacker. I will then analyze the XYZ network diagram using their latest network diagram and nmap report chart. Further, I will ascertain the users password strength and redesign the system. In addition, I will establish system hardening procedures for both IIS and Apache. Finally, I will create a security policy and a template for future security systems. Reconnaissance Information gathering I gathered information on XYZ so as to ascertain the kind of information that was readily available to attackers. The findings included the location of the company that was One Microsoft Way, Redmond, WA 98052-6399. It also included the workers of the organization all the way from its founder. The breakdown of the workers obtained appears below: Name of the work Their duty William H. Gates III Founder and Technology Advisor, Microsoft Corporation Maria M. Klawe President, Harvey Mudd College Teri L. List-Stoll The Executive V. P and chief financial Officer, at the Kraft Foods Group, Inc. G. Mason Morfit President, ValueAct Capital Satya Nadella Chief Executive Officer, Microsoft Corporation Charles H. Noski Former Vice Chairman, Bank of America Corporation Dr. Helmut Panke Former Chairman of the Board of Management, BMWAG Charles W. Scharf Chief Executive Officer, Visa Inc. John W. Stanton Chairman, Trilogy Equity Partners John W. Thompson Chairman, Microsoft Corporation The information also revealed the IP address of the XYZ as 134.170.185.46 and 134.170.188.221. In addition, it also demystified the mail server IP as ns1.msft.net alongside with the uniform resource locator as Microsoft.com. More pertinent was the listing of sites linking to the XYZ. They included 188 internal connections and 232 outbound connections. Current Network Diagram Analysis Through the results of NMAP scan, the official network diagram of XYZ before merging with ABC is shown. It reveals that the servers used are windows server version 2003. The company uses a private IP address of 192.168.x.X where x represents variations in the different servers in the enterprise. Quantitative Analysis Ranking of Assets Assets in A2Z are grouped and listed after the two companies come together. Each company, individually owned assets(Katsaros, Dimokas & Tassiulas, 2010). After you categorize them, their market value is then established. Such information is vital to the company. The purpose is to determine proper means to ensure that assets are well taken care of and accounted NMAP Analysis NMAP analysis depends on the results of the NMAP scan done as part of an agreement for consultation with infosecwizards. It reveals vital information on the fascinating ports on XYZDomainController, XYZInviteDesign, XYZAcct, XYZPrinting and XYZChart. Further, at each of the above classifications of ports, the type of operating system and the number of filtered ports is revealed. It shows the internet protocol of the server at any given point. Nmap was able to tell 6 IP addresses alluding to six hosts present in a span of 42.27 seconds. The service information was a Linux-based operating system 2.5.25 -2.6.3 or Gentoo 1.2 Linux 2.4.19 rec1-rc7. The breakdown is as follows: Interesting ports on XYZDomainController IP address: 192.168.0.1 Filtered ports not shown: 997 Service information: Os: Microsoft Windows 2003 Server or XP SP2 Port State Service Product Version Extra Info 135 TCP open Msrpc     139 tcp open netbios-ssn     427 TCP open Svrloc     445 tcp open Microsoft-s     Interesting ports on XYZInviteDesign IP address: 192.168.0.2 Filtered ports not shown: 997 Service information: Os: Microsoft Windows 2003 Server or XP SP2 Port State Service Product Version Extra Info 135 tcp open Msrpc     139 tcp open netbios-ssn     427 tcp open Svrloc     445 tcp open Microsoft-ds     Interesting ports on XYZAcct IP address: 192.168.0.3 Filtered ports not shown: 997 Service information: Os: Microsoft Windows 2003 Server or xp SP2 Port State Service Product Version Extra Info 135 tcp open Msrpc     139 tcp open netbios-ssn     427 tcp open Svrloc     445 tcp open Microsoft-ds     Interesting ports on XYZPrinting IP address: 192.168.0.4 Filtered ports not shown: 997 Service information: Os: Microsoft Windows 2003 Server or xp SP2 Port State Service Product Version Extra Info 135 tcp open Msrpc     139 tcp open netbios-ssn     427 tcp open Svrloc     Interesting ports on XYZPrinting IP address: 192.168.0.4 Filtered ports not shown: 997 Service information: Os: Microsoft Windows 2003 Server or xp SP2 Port State Service Product Version Extra Info 135 tcp open Msrpc     139 tcp open netbios-ssn     427 tcp open Svrloc     Interesting ports on XYZWebsrv IP address: 192.168.0.5 Filtered ports not shown: 997 Service information: Os: Microsoft Windows 2003 Server or xp SP2 Port State Service Product Version Extra Info 135 tcp open Msrpc     139 tcp open netbios-ssn     427 tcp open Svrloc     1025 tcp open NFS-or-IIS     Interesting ports on XYZChart IP address: 192.168.0.6 Ports that are closed are not shown but are scanned: 1656 Service information: Os: Microsoft Windows 2003 Server or xp SP2 Password Cracking Their system did not consider putting into place any password policy. Consequently, there were fragile passwords used as indicated by the md5 decrypter (Shin & Yoon, 2012). The attackers did not have to struggle to get these passwords since they were common passwords. The results are as follows: 5f4dcc3b5aa765d61d8327deb882cf99 - MD5 :password 200ceb26807d6bf99fd6f4f0d1ca54d4 - MD5 :administrator 391d878fd5822858f49ddc3e891ad4b9 – NTLM :devry a2345375a47a92754e2505132aca194b – NTLM :windows Policy Creation A2Z now needs a new policy to govern its security to avoid future breaches. They mostly involve protection from losing data, weak password policy and the computer system behaving abnormally. Further, it is to prevent the dissemination of information from its website to the attackers. It involves the use of antivirus, adware, and spyware. The policy covers how often to carry out the routine maintenance and updating computer systems. Moreover, it tastes programs that aid to eliminate malware. In addition, it blocks individual emails and determine the best antivirus for the server (Shin & Yoon, 2012). Furthermore, it includes encapsulating the firewall and how to transfer information to trusted sites. The new policy will cover the use of computer systems in the company in entirety. It encompasses bring your device. All network connections in the organization are inclusive. The antivirus should be installed computers in the organization and provide real time protection. It protects the files and the applications. Its successful use will depend on frequent updates presumably once a week and scanning of files at the terminals and the servers on a weekly basis. Spyware is a software application that collects information from the clients computer while they are online and delivers it to third parties. Use of anti-spyware is vital to detect and protect the organizations data from leaking out to other parties. There are exclusions when not mandatory. It includes systems running SQL server, dedicated mail servers or a different platform from Windows. Before that, the owners need permission to do so from the system administrators. The security manager has the mandate to remove or prevent the adware. They need to do this in the awareness of the management. They also need to narrate to the management the standards and compliance of antivirus that can remove or manage the adware. There is anti-spyware that also does the same. There are security tools to aid the company avoid these attacks. They include network-based antivirus. Malware operating at this interface will surpass firewall penetration. Host-based antivirus stops strange malware. They commonly target the servers and client Stations. Network-based web content filtering helps evade malware on the web. Include spyware to detect and removal utility (Zhang, 2005). It eliminates spyware commonly aiming at the servers and terminal points. Network-based spam filtering works to spyware that target emails and could alter vital files in the system. To monitor intrusion to the network and avoid worms, use network-based intrusion prevention. Recommendations Redesigned Network Diagram Information Security Policies The security systems will under updates, maintenance, and the authenticity. Computer systems that are allowed in the organization are those that have been tested and certified (Practical Packet Analysis: using Wireshark to solve real-world network problems, 2011). Even personal gadgets allowed in the organization have to be ascertained to avoid malicious attacks or other charges in case they are counterfeit. Maintenance in the group should be scheduled to happen after a particular period. It ensures that the lifespan of the gadgets increases and their uptime period enhanced. It avoids attacks that could come as a result of negligence. Updating the system ensures that the latest security updates and patches installs in the machines. Consequently, they cannot handle new malware and viruses that are better adapted to surpass old security systems. Web server hardening procedures IIS Administrators managing IIS need to make sure that it is locked down. It is because Internet Information services are a common target for hackers. First, you need to set up NTFS specifically for IIS application and data. You also need to set permissions on the drive according to the user level (XU, 2009). For instance, the developer has full access while the user has read and executed only permission. In addition, you use a software firewall to make sure that end users cannot have access to other ports on the IIS machine apart from port 80. Web server hardening procedures Apache There is the need to disable directory browsing especially for users of the internet. Htaaccess would allow such users to overwrite the default Apache directives that might become detrimental to the institution (Shin & Yoon, 2012). It is also very necessary to eliminate the banner showing the server version. Exposing the server version accelerates the hackers speed of speeding the reconnaissance process. It is also required to disable directory listing in browsers. It ensures that visitors do not see the files and folders you have under the root directory or subdirectory. References Airoldi, E. (2007). Statistical network analysis. Berlin: Springer. Katsaros, D., Dimokas, N., & Tassiulas, L. (2010). Social network analysis concepts in the design of wireless Ad Hoc network protocols. IEEE Network, 24(6), 23-29. doi:10.1109/mnet.2010.5634439 Practical Packet Analysis: using Wireshark to solve real-world network problems. (2011). Network Security, 2011(8), 4. doi:10.1016/s1353-4858(11)70082-4 Shin, S., & Yoon, M. (2012). Virtual vectors and network traffic analysis. IEEE Network, 26(1), 22-26. doi:10.1109/mnet.2012.6135852 XU, Y. (2009). Reconfigure ZigBee Network Based on System Design. Wireless Sensor Network, 01(03), 206-211. doi:10.4236/wsn.2009.13027 Zhang, L. (2005). Network design. New York, NY: Springer. Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(Security Analysis of A2Z and Redesign of its Network Assignment Example | Topics and Well Written Essays - 1500 words, n.d.)
Security Analysis of A2Z and Redesign of its Network Assignment Example | Topics and Well Written Essays - 1500 words. https://studentshare.org/information-technology/1860979-security-analysis-and-redesign-of-network
(Security Analysis of A2Z and Redesign of Its Network Assignment Example | Topics and Well Written Essays - 1500 Words)
Security Analysis of A2Z and Redesign of Its Network Assignment Example | Topics and Well Written Essays - 1500 Words. https://studentshare.org/information-technology/1860979-security-analysis-and-redesign-of-network.
“Security Analysis of A2Z and Redesign of Its Network Assignment Example | Topics and Well Written Essays - 1500 Words”. https://studentshare.org/information-technology/1860979-security-analysis-and-redesign-of-network.
  • Cited: 0 times

CHECK THESE SAMPLES OF Security Analysis of A2Z and Redesign of its Network

The Importance of Digital Security

network Threats Routers, switches and firewalls make up the infrastructure of network.... The paper aims the importance of digital security.... … Organizations are at a greater risk and more prone to digital security threats than individuals, as hackers find it more rewarding breaching their security boundaries.... The most essential need of every single organization is the digital security....
14 Pages (3500 words) Essay

Networks and System Administration

Enhancing employee productivity; the present IT infrastructure at the X Company does maximize the potential of its employees.... This term paper "Networks and System Administration" provided a description of the computer network implemented and management for Target Company.... hellip; Strategies on network scalability are essential to certain disaster recovery and business continuity, these policies are incorporated in the design to cater to the future growth of the company....
16 Pages (4000 words) Term Paper

A research strategy for a topic of security risk analysis

… The paper discusses a research strategy for a topic “security risk analysis”.... The researcher of this following essay will make an earnest attempt to evaluate the challenges of conducting quantitative research, synthesize findings and determine an appropriate quantitative research strategy for a hypothetical study on security risk management.... The researcher states that it is necessary to understand the importance of conducting quantitative research within the information security field to become familiar with the challenges one faces when addressing an issue in question....
53 Pages (13250 words) Essay

Implementation of Network Management System in the Surrey University Network

The paper "Implementation of network Management System in the Surrey University network" explores in detail the wired network, wireless connectivity of Wembley and Harrow SITES, wireless LAN design for Camden, network management system design, and network monitoring system of the named project.... The computer network incorporation is the most efficient for both the students and the University management....
30 Pages (7500 words) Term Paper

Network Security: a Vital Element in Todays Booming Commerce

This report "network Security: a Vital Element in Today's Booming Commerce" discusses some important aspects regarding maintaining a secured network connection via virtual private networks.... hellip; A Virtual Private network is an innovative concept since it allows clients to securely communicate over an insecure medium.... The History of network security seems to very vague as security was kept in low profile for most corporations....
12 Pages (3000 words) Report

How to Extract Evidence in Relation to HTTP, FTP, and SMTP Application Layer Protocols

hellip; There has been extensive research that gathers evidence by collecting and analyzing network traffic data logs.... In this paper, I present the techniques used to extract data sent from one host to another over a TCP-based network like the internet using FTP protocol, an e-mail sent over an IP network using SMTP protocol and the one sent over web-based applications using HTTP protocol.... Extracting evidence in relation to SMTP 2 Header analysis 3 Bait tactics 3 Server investigation 3 network device investigation 3 Software embedded identifiers 3 Sender Mailer Finger prints 3 4....
7 Pages (1750 words) Research Paper

The Negative Impacts of Cybercrime on Business and Society

nbsp;  … Computer crime (commonly referred to as cybercrime) is a reference to any type of criminal activity that involves the use of a computer or an internal/external network.... network security has been compromised to the point that clients and IT professionals globally has lost trust in conducting many types of electronic commerce transactions.... nbsp; It can begin as something seemingly harmless, and rise to one of the gravest threats to personal and national security that exists today....
7 Pages (1750 words) Research Proposal

Searching for a Position of IT Director

Ability to profound analysis that allows, basing on the analysis of multiple factors of the company's activity, to forecast the possibility of different issues of organisational, technological and technical character arising in the work of IT-sphere and, consequently, to take precaution measures and implement well-thought-of solutions so that to eliminate the causes for these problems.... Ability to compile and present for public discussion my own ideas aimed at increasing the effectiveness of IT-structures and its further developing and improving....
6 Pages (1500 words) Resume/CV
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us