The Major Security Threats - Term Paper Example

Without a doubt, computer and network security has turned out to be a serious challenge for governments, organizations and individuals. Though, everyday there emerge a large number of security tools, techniques, practices, guidelines and theories to help these parties secure their computing resources however at the same time security attackers are becoming more and more knowledgeable and skilled to ditch these security measures. They always remain in search of latest mechanisms and security holes that they could exploit in order to launch a wide variety of security attacks. At the present, security professionals apply a variety of penetration testing techniques to determine the security level of various applications. This reports presents a detailed analysis of some of the major security threats by applying penetration testing techniques in order to determine the risks that these security threats pose to users and suggest the security measures that can be adopted in order to deal with these attacks. In this scenario, this report covers some of the most important security threats such as Session Hijacking, SQL Injection, Hacking a Web server, Hacking a Wireless Network and Hacking Mobile platform. This report presents the results of experiments performed with Kali Linux for web penetration testing. This experiments allow the testing of a system from the attacker’s perspective. Problem and Motivation It is an admitted fact that computer and information security is a serious issue of today’s world. No matter, someone is a common user or an employee working for a specific organization has to face serious security threats while using the Internet. In fact, these security threats and attacks are becoming more and more complicated with the passage of time. Even though, there are so many ways and techniques (such as security firewalls, IDS or Antivirus programs) to deal with these security attacks but none of them proved to be effective in dealing with these challenges. Keeping these problems in mind I have decided to choose a research area through which I could guide the users how could they deal with these security attacks. One way to deal with these security challenges is to develop web applications that are harder to break. In this scenario, some penetration testing can be performed to these applications to determine their strength against security threats. I have chosen six security threats and applied penetration testing on them with the purpose of strengthening their security. In this report I have shown the results of my experiments. Results/outcome of the experimental procedures In the above sections I have performed six different experimental procedures in order to apply the penetration test on the application. Basically, the overall experiment was broken into six different modules or procedures in order to make sure that each security threat is fully tested. First experimental procedure was applied to test for a denial of service attack on a web site. This routine was applied using IOS of Kali Linux as a platform VMware player to run virtual machines to host Kali Linux. In addition, we used a web browser with an Internet connection. This shows that we used only a few things to launch this attack and this attack successfully worked. In fact, all the settings and security measures applied by a user could not save them from this attack. In this overall experiment we utilized minimum resources such as a laptop and an Internet connection. In less than half hours we were able to launch a distributed denial of service attack. The results of this experiment also show that the users do not apply sufficient security measures in order to deal with such kind of security attacks because in this case a DDOS attack took less than half hour to break the system security. Second test was applied to test the session hijacking procedures. In this experiment the basic objective was to check the strength of a system against session hijacking attacks. Basically, in session hijacking a hacker hacks the complete session and makes illegal use of it in order to get access to the system. This attack was launched using the same equipment and resources as of DDOS. In this attack procedure, we targeted the usernames and passwords stored by Hotmail, facebook and Gmail web sites. We applied certain mechanisms to access these usernames and passwords. The basic objective of this experiment procedure was to show that how an attacker can access these usernames and passwords and later on use them to perform illegal activities. Third experimental procedure was performed to test the strength of a system against SQL Injection attack. However, with only a few resources we were able to show that how an attacker can exploit system’s vulnerability to launch security attacks. Fourth experimental procedure was applied to server hacking using Kali Linux and metasploites2. In this experimental we have shown that how an attacker can use a variety of options to launch this attack. However, an attacker can hide his tracks with no traces by using Tor a proxy. In this experiment we successfully penetrated the server and escalated to root. This experiment shows that it takes only less than 10 minutes to hack and destroy a server of an organization and steal all the information. Normally, the competitors of an organization or enemies of a country launch such attacks. Fifth attack experiment was launched using a few resources such as a computer running Backtrack 5r3, Wi-Fi device and the world-list file. However, we successfully showed that how an attacker can access and make illegal use of wireless access points in order to enter a wireless network. In the last experimental procedure we successfully performed hacking of a mobile server. This hacking practice was performed on Android devices using Metasploits Android Meterpreter Payload. This experiment was performed using a few resources such as a computer with Kali Linux, Android-x86-2.2, a web browser with an internet connection and VMware player to run virtual machines. This experiment was also completed in a few minutes. However, it allowed us to successfully hack a mobile server. Discussion It is clear from the above experimental procedures that it is very easy for an attacker to exploit any weakness or vulnerability existing in the system. These experiments clearly show that how an attacker can access a system using a wide variety of ways and options. Though, we have conducted only a limited experiments to see six different attack mechanisms however there are still a large number of attacks that can be launched by attackers to exploit systems or networks’ vulnerabilities. In this report we have carried out a variety of experiments in order to prove that an attacker can make use of a variety of options to get an entry into the system. In fact, in some cases they can fulfil their missions using a simple equipment such as a laptop and the Internet connection. In some cases it took only half hour to break into the system. Though, users apply a wide variety of security measures in order to ensure safety and security of their systems and networks. However, these measures are not enough to ensure the security of these resources. The results derived through these experiments clearly show that an attacker can easily get into the system with a minimum effort. The purpose of these experiments was not to break into the system or illegally access the system or their resources but the objective was to apply penetration testing techniques on the system. These testing techniques showed the weaknesses of the systems and allowed us to suggest some security measures against each security attacks. Given below are security countermeasures against each security attacks: Countermeasures for DDOS Without a doubt, distributed denial of service attacks have turned out to be a serious challenge for organizations and individuals. There are many countermeasures that can be adopted by a system administrator to deal with this attack. A system administrator can apply a variety of restrictions on the amount of traffic that can be processed by their server. However, it also makes difficult for system administrator to differentiate between legal and illegal traffic. Additionally, the system administrator can also filter the traffic if they can identify the source of the attacks. In addition, a variety of other techniques can also be applied such as the use of intrusion detection systems, firewalls, and so on (Webopedia, 2014; Strickland, 2014). Countermeasures for Session Hijacking Basically, in this attack, an attacker makes use of cookies so first of all there is need for protecting system cookies and setting their values as unpredictable. In addition, various other steps can also be taken such as distributing session cookies through SSL, setting the HTTP characteristic of the session cookie to accurate, making it uncomplicated to finish sessions, and restricting the path and domain as much as conceivable. Additionally, system administrators should put considerable effort to secure cookies (Gooch, 2013). Countermeasures for SQL Injection Attacks There are many ways to deal with a SQL Injection attack. This attack can be avoided by implementing appropriate input validation procedures. For instance, user’s input should be validated in contrast to predefined type, rules for length and syntax as well as against business scenarios. Additionally, access to a database should be privileged and it should be strictly monitored. In addition, a database user should be assigned to a particular web application as well as they should not be able to access other applications. Moreover, all the stored procedures that are not occupied should be removed (DuPaul, 2014). Countermeasures for a Web Server In order to avoid such attacks, the users must set strong password that are difficult to guess. They should use a mixture of alphabets and special characters such as @, # or %. In addition, whenever a user needs to use a service they must make sure that their connection is secure through a proper security mechanism. Moreover, system administrators must backup their data on a regular basis (Media Temple, Inc., 2014). Countermeasures for a Wireless Network In view of the fact that a hacker can launch a variety of hacking attacks against a wireless network, hence there is not a specific way to deal with these multidimensional security attacks. However, users can adopt a mixture of security countermeasures in order to deal with these attacks (Beaver, 2014): First of all, the network users must make sure that their passwords are secure and no one can have access to their passwords. They should regularly switch off their service set identifiers A virtual private network can be established to secure a wireless network The firm should implement an effective encryption technique to secure traffic flowing through the network (Beaver, 2014). Countermeasures for Mobile Platform Some of the countermeasures for mobile platforms are similar to wireless networks. For instance, the mobile communications can also be encrypted to secure them from the hackers. Without a doubt, users send their usernames and passwords through the wireless medium, so the use of encryption can secure their personal information. In addition, effective testing should be performed on third party apps before they are being used. Moreover, the communications should be limited to only known users and the users should not communicate with unknown source (DuPaul, Android Hacking, 2014). Conclusion and future work In the past few years, there have emerged a wide variety of security threats. In fact, the execution of these security threats requires different techniques and extensive knowledge due to which it becomes very difficult for professionals to detect these attacks using existing knowledge. Also, they need to continuously improve their skills and knowledge in order to effectively deal with these attacks. In this scenario, penetration testing can be an effective testing technique as it allows professionals to test the application from an attacker’s perspective. However, these testing techniques are used under the domain of ethical hacking. In this report penetration testing was applied to test six different security attacks such as DDSO, Session Hijacking, SQL Injection attacks, hacking of a wireless network, hacking of a web server and hacking of a mobile platform. The purpose of applying these tests was to determine the security flaws of existing applications. All these tests were performed using minimal resources such as a laptop and a particular software. However, in each case it took only a few minutes to break the security of that particular application. This report also suggests the security countermeasures that can be adopted by users to deal with these security attacks. In the future, we will consider this testing for more techniques. Read More