Createareportexploringthestagesinvolvedinaspecificattack(ofyourchoice)againsta computingsystem.

Createareportexploringthestagesinvolvedinaspecificattack(ofyourchoice)againsta computingsystem.Selectandresearchanattackofyourchoice.Theattackshouldbetechnicalinnatureand exploitavulnerabilitytocompromisethesecurityofaprocess,service,system,ornetwork. Youarerequiredtoshowevidencethatyouhavesuccessfullycarriedoutthisexploitwithin alabenvironment.Ifyouwish,youmaychoosetouseoneofthevulnerabilitiesthatyou exploitwithinthelabexercises:forexample,theRPCDCOMorWebDavexploit.However, selectinganattackthatisnotcoveredinthelabexercisescanresultinhighermarks,as describedinthemarkingcriteria.Youarerequiredtouseattacksoftwareofyourchoice(suchasMetasploit,Armitage, sqlmap,astand-alonecustomexploit,orothersoftwareofyourchoosing),andtake screenshotsdemonstratingeachofthestagesintheattack.Thesescreenshotsareusedto illustratethecontentofyourreport.Again,youmaychoosetouseattacksoftwarecovered in thelabs;however,usingsoftwarethatisnotcoveredinthelabexercisescanresultin highermarks.Allocationofmarksaredescribedbelow.Markingwillbeconductedusingaspreadsheetthatgeneratesmarksbasedonperformanceineachofthemarkingschemeareas.For example,eachrequirementwillhaveanumberofcommentsdescribingpossibleoutcomes (suchas“CorrectHarvardreferencingstyle”,or“Harvardreferencingstylecontainserrors”, or“Noreferencing”).Markingwillinvolveselectingorcreatingappropriatefeedback. Asa consequence,youcanexpectdetailedfeedbackonceyourassignmenthasbeenmarked.YourreportshouldincludeHarvardreferencing.Referto http://skillsforlearning.leedsmet.ac.uk/Quote_Unquote.pdfforLeedsMetreferencing guidelines. Abibliographictool,suchasZotero,maybehelpful.Yourreportshouldhavethefollowingoutlineandcontent:FrontmatterTitle,studentdetails,wordcount,andtableofcontents.IntroductionBeginyourreportwithabriefparagraphnotingtheattacksoftwareused,andthe vulnerabilityandexploitcoveredinyourreport.Descriptionofthevulnerability,exploit,andattacksoftwareDescribethevulnerabilitythattheattackexploits,includinghoworwhythe vulnerabilityexists,whatversionsofsoftwarearevulnerable.Includeatechnicaloverviewofthecategoryofvulnerability(forexample,SQLInjection,bufferoverflow, orotherasappropriate).Thenintroducetheexploitandattacksoftwareyouhave chosentouse,andgiveadetaileddescriptionintechnicallow-leveltermsofhowtheattacksoftwareisabletoexploitthevulnerability.Besuretodescribeand differentiatebetweenthevulnerability,exploit,andtheattacksoftware.AnatomyofanattackDescribeeachofthestepsoftheattackusingtheattacksoftwareofyourchoiceto exploitthevulnerabilityyouhavechosen.Thiswilltypicallyincludeinformation gathering(suchasfootprinting,scanning,andenumeration),exploitation,andpost- exploitation.Throughoutthissectionusescreenshotsdemonstratinghoweach ofthestagesofattackarecarriedout,andtoillustratethepracticalimplications oftheattack.Informationgathering:Howcananattackergatheralloftheinformationneededto identifyatarget,determinethatitisvulnerabletoattack,andgainalltheinformation neededtoattackthetarget?Exploitation:Howcananattackerexploitthevulnerabilitytoimpactaprocess, system,ornetwork?Describethetechnicalgoingsonbehindthestepstakenbythe attacker.Post-exploitation:Whatmaliciousactionsarepossibleafterasuccessfulattack?For example,cantheattackermodifyauser’sfile,adduseraccounts,modifysystem files/programs,modifythekernel,andsoon?Whatarethelimitationsofwhatthe attackercando?Whatactionscouldtheattackertaketomaintainaccessandcover theirtracks?Notethattherearemarksallocatedfordescribingandillustratingeachoftheabove stagesofattack.RecommendationsforpreventingtheattackInthissection,describerecommendationsthatyoubelieveshouldbeimplemented forasystem/organisationthatisvulnerabletothisattack.Brieflydescribethe various layersofsecuritycontrols(suchasfirewalls,accesscontrols,anti-malware, IPS,orasappropriate)thatcanbeusedtomitigatetheriskposedbytheattack, andexplainwhichstagesoftheattackcanbethwartedbythosesecuritycontrols. Provideanyotherrecommendationsformitigatingtherisk,(forexample,choosing differentsoftware,ortrainingusers).Onlymakerecommendationsthatapplyto defendorpreventagainsttheattackyouhavedescribed.Provideascreenshotdemonstratingafailedattackattemptagainstaprotected(or notvulnerable)system.Foradditionalmarks,showevidencethatyouhavesecured theoriginallyvulnerabletargetagainsttheattack.RelatedsoftwareProvideasummaryoftheattacksoftwareyouhaveused,andfurtherdescribethe scopeoftheattacksoftware:whatelsecanthesoftwarebeusedtodo?Briefly describeotherattacksoftwarethatcanbeusedasanalternativetoachievethe attacksdemonstratedinthereport.Criticalreflection(L6)Describewhatyouthinktheunderlyingdeficiencyisthathasresultedinthis vulnerability.Whatimpactcouldthishaveonbusinessesandorganisationsthatare vulnerable?ConclusionConcludeyourreportwithasummaryofyourattack,software,andtheimplications forICTsecurity.ReferencesHarvardreferences,eachofwhichshouldbecitedwithinyourreport.Irecommend usingabibliographictool,suchasZotero.Yourreportshouldbe2000-3000words.


Last Completed Projects

# topic title discipline academic level pages delivered
6
Writer's choice
Business
University
2
1 hour 32 min
7
Wise Approach to
Philosophy
College
2
2 hours 19 min
8
1980's and 1990
History
College
3
2 hours 20 min
9
pick the best topic
Finance
School
2
2 hours 27 min
10
finance for leisure
Finance
University
12
2 hours 36 min