{[ promptMessage ]}

Bookmark it

{[ promptMessage ]}

case18soln

case18soln - ESD264/1.264 Lecture 18 case studies Fall 2006...

Info iconThis preview shows pages 1–2. Sign up to view the full content.

View Full Document Right Arrow Icon
ESD264/1.264 Lecture 18 case studies Fall, 2006 3. Network attack and defense Many (most?) companies guard against network attacks by using firewalls and SSL encryption on their financial traffic on the World Wide Web. Use the ‘Top vulnerabilities’ slide from lecture 18, which is more up to date than Anderson’s list in chapter 18, as one of the sources of information to answer this question. a. List at least four significant risks that this strategy does not address. 1. Weak passwords. 2. Program bugs, particularly stack overflows: Operating systems (Windows, Linux) Middleware (Microsoft COM, ActiveX in particular; Windows libraries) Office suites (MS Office, Outlook, but others also) Applications (including antivirus software) Web software (Internet Explorer, PHP) Databases (SQL injection) 3. Instant messaging, P2P networks, media players: programs likely not authorized to be on corporate or organization machines, introducing viruses, worms, etc. (Your firewall may block some of
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Image of page 2
This is the end of the preview. Sign up to access the rest of the document.

{[ snackBarMessage ]}

Page1 / 2

case18soln - ESD264/1.264 Lecture 18 case studies Fall 2006...

This preview shows document pages 1 - 2. Sign up to view the full document.

View Full Document Right Arrow Icon bookmark
Ask a homework question - tutors are online