Nt1330 Unit 3

We will first look at some known flaws in Windows 7 and Windows 8. An Information Security Engineer at Google had decided to reveal a flaw that affected two of Microsoft’s newest operating systems that allowed attackers to obtain higher privileges on an unpatched computer. The vulnerability was caused due to an error within the ‘win32k.sys’ when it processes

Cyber attacks of a nature similar to the DoS attack are a real threat to the operations of any networked system. Prudent planning and preparation can help the organization to minimize the impact of these potentially damaging attacks. The following recommendations can help the company transform from a level where such attacks could cause a total system shutdown to a level where such attacks could cause a slight inconvenience:

The greatest area of vulnerability and potential for damage or data loss of web applications and

This report is containing four tasks and the aim of this report is to discuss vulnerabilities which are existed in Microsoft Windows Vista over the whole year 2008. In this report I will provide a reasonable level discussion of the history and vulnerabilities of Microsoft Windows Vista. The main sections are:

With the increasing use of technology today with computers, there are better ways we can came up with to stop vulnerabilities in a network. As organizations increase their reliance on, possibly distributed, information systems for daily business, they become more vulnerable to security breaches even as they gain productivity and efficiency advantages. Network security is the becoming more important to a business because of the networks and applications. You never know when someone is coming for your business system. Looking at every strategy you have going on for your business. Need to have the set of tools for the security walls to be high. When dealing with hackers or competition all servers not to be access easily. There is a large amount

patching cycle to ensure the security of the operating system code. The focus of this exercise is

Threat 2 - The server is using an unpatched operating system and web server. Securing a server begins with hardening the operating system by turning off or removing unused services/programs, as well as patching any known holes in the software. This helps to reduce the attack surface of the system.

Server administrators are required to maintain a broad range of security safeguards in order to secure a server. While backups are a valuable tool, it is not a replacement for preventative measures meant to protect the server. If the administrator is not diligent or sufficiently knowledgeable they can introduce a broad range of security issues. When an administrator does not configure and monitor logs, an attack in progress can be missed, as well as reviewing any evidence left behind after an attack to develop new procedures to block future incidences. Failing to implement a patch policy for the system and software installed can leave the server open to attack. Server administrators who do not change settings from default settings also leave the server open to unused services that are not needed being left open, and default passwords in place.

Navigating vulnerable unpatched client-side workstations through the Internet super highway can lead to computer security

Five essential services provided by a secure system are Authentication, Authorization, Integrity, Privacy and Non-repudiation. So we can use security measures like use a strong password, Protect confidential information, Make sure our operating system and virus protection are up-to-date, Use secure and supported applications, Beware of suspicious e-mails, store confidential information only on HSU servers, backup our data and make sure we can restore it, protect information in all its forms, learn to be security aware [1].

The system proved itself to work very effectively, and now is being expanded. Rather than simply test for specific problems, it will be testing computers against a large list of known exploits. Any unpatched systems, whether infected or not, will not be allowed full network access. The hope is to raise diligence in patching software, and prevent future virus outbreaks. The implementation of these anti-attack measures requires the use of port scanning and traffic sniffing tools, and for tools to be effective in detecting a remote vulnerability, a decently large amount of detail regarding the vulnerability much be available.

The reason for system security, essentially, is to ensure the system and its part parts from unapproved get to and abuse. Systems are powerless as a result of their inborn normal for encouraging remote access. Case in point, if a programmer needed to get to a machine not on a system, physical access would be crucial.

Over the decades information and communication technologies have revolutionized our access to information and our communication bases. The increase in our dependence on internet has made information and communication systems more vulnerable to security attacks. Many regular incidents demonstrate this vulnerability, like the rapid propagation of sophisticated malwares, denial of service attacks on socio-economical organizations ,business and government portals and the against the power grid system. Fortunately, these move forward in technology also originated an increasing number of security concerns that were served as examples by recent incidents.

According to John Desmond, there are many dangerous application attacks which provides the access for end user to view system resources and private information’s by breaking the network firewalls (John Desmond, 2004).

Networks are only as good as their admins perform, the overall structure and integrity of a network lies in the hands of network and system administrators. Without these unsung heroes patching and protecting our digital frontier, our networks would be susceptible to any number of cyber attacks