Assignment 6.docx - Sara Dalba 11/09/2018 IT-549 Scenario...

This preview shows page 1 - 3 out of 10 pages.

Sara Dalba11/09/2018IT-549Scenario AssignmentSpoofingSpoofing is “a fraudulent or malicious practice in which communication is sent from anunknown source disguised as a source know to the receiver. It is the most prevalent incommunication mechanism that lack a high level of security (Technopedia, 2018)”. The mostcommon type of spoofing is through emails. Since a lot of SMTP fail, especially when it comesto authentication, it is very easy for attackers to impersonate emails.By accessing emails, theattacker can gain access to the victim’s bank account or even change some of their details. Butthe biggest thing that comes from spoofed emails is Trojans and other viruses, which can do a lotof damage by deleting files, random unexpected activities or worse gain access into a server. Onaverage, over 121 emails on a daily basis contain viruses that sometimes can slip throughsecurity filters and go unnoticed. Statically, over “54.8 and 66.4 percent of U.S companies havepoor SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail) practices,respectively (Musk. E, 2018)”.There are three types of spoofing methods used today: ARP, IP and DNS. Addressresolution protocol (ARP) is the when the attack just waits on the network that you are on andattempts to take a crack at your network’s IP address. Essentially the attacker tries to play tworoles at once; you and the router. What they would do is “intercept – and yes, evenmodifies/stops – information to and from your computer and the router (Musk. E, 2018)”.
Essentially the attack would only get caught if a spoofing detection software picks up on it andeven then, they could have still got enough to cover up their tracks by overloading your system.“As many as one-third of networks suffered at least on DoS attack within the last two years(Musk. E,2018)”.The best method to avoid having these types of spoofing is to routinely havewebsite stat checks to see if there are any unusual traffic spikes to prevent DoS attacks. IPspoofing is the most common online sneak attacks because this is when an attack is trying to hidetheir identity and impersonate someone else. They send multiple packets in order to try to floodthe servers and trigger a crash in order to pull off a successful DoS attack. Companies shouldknow something is wrong when a website is slow or completely unresponsive and be preparedfor an attack. Make sure all-important data is backed up, whether it’s on an external hard drive orto the cloud, to prevent the loss of data in an attack. Lastly, domain name system (DNS) is “adatabase made up public IP addresses and corresponding hostnames (Musk. E, 2018)” and theattacks come from when attackers try to mix the two up. An example is when you are trying toget to a search engine like Yahoo or Bing and the attackers try to direct your search to a spoofedversion of it. Most security systems will pick up when you’re being direct to a spoofed by askingyou if you want to proceed to the site or turn back.

Upload your study docs or become a

Course Hero member to access this document

Upload your study docs or become a

Course Hero member to access this document

End of preview. Want to read all 10 pages?

Upload your study docs or become a

Course Hero member to access this document

Term
Fall
Professor
Dr. Lopez
Tags
IP address, Denial of service attack, attack

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture