Hot Downloads

Welcome, Guest
Username: Password: Remember me
  • Page:
  • 1
  • 2

TOPIC: Insider attack

Insider attack 10 years 2 months ago #16923

  • skyware
  • skyware's Avatar
  • Offline
  • New Member
  • Posts: 1
  • Karma: 0
I am a senior in computer engineering. I have been assigned as my senior capstone to create a program to detect and prevent insider attacks. I am not very skilled in computer networking/hacking.

We have several computers with unpatched Operating systems that we are supposed to 'attack'. I have no idea what to do.

Please anyone who knows how i can attack these computers give me suggestions/how to do it.

This includes port scanning, packet gathering, spoofing. im not really sure where to go with this.


Thanks
The administrator has disabled public write access.

Re: Insider attack 10 years 2 months ago #16947

  • Smurf
  • Smurf's Avatar
  • Offline
  • Moderator
  • Posts: 1390
  • Karma: 1
Struggling to post my answer, comes up with an error so something in the answer that isn't liked. Dont have time to work it out as i have to go to Milton Keynes to watch Robbie so when i return on Tuesday i will post what you need to know.

Cheers
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx

Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
The administrator has disabled public write access.

Re: Insider attack 10 years 2 months ago #16951

  • Smurf
  • Smurf's Avatar
  • Offline
  • Moderator
  • Posts: 1390
  • Karma: 1
Still not letting me post ????
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx

Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
The administrator has disabled public write access.

attack 10 years 2 months ago #16952

  • Arani
  • Arani's Avatar
  • Offline
  • Moderator
  • Posts: 745
  • Thank you received: 10
  • Karma: 4
hi,
try running this http://security.symantec.com/sscv6/default.asp?langid=ie&venid=sym as a first line of approach.
in the mean time. read up on attack, how they are done, and how you can detect them. your objective is to find out the vulnerability of your network or computers. hence you will have to achieve a reverse learning curve to start with.
it's a pity that you have been assigned a project which you know nothing about how to handle it. in short you are not wise enough in this field. but let me tell you, according to socrates, knowing that you don't know anything is knowledge in itself. half the battle is won by acknowledging the lack of knowledge, and admitting it.
i am sure you will be able to handle this. try surfing the internet and look for articles on these issues. i am sure you will come across sites where they actually teach you how to hack or spoof or even register attacks on computers or networks
Picking pebbles on the shore of the networking ocean
The administrator has disabled public write access.

Re: Insider attack 10 years 2 months ago #16994

  • Rockape
  • Rockape's Avatar
  • Offline
  • Moderator
  • Posts: 330
  • Karma: 0
I am a senior in computer engineering. I have been assigned as my senior capstone to create a program to detect and prevent insider attacks. I am not very skilled in computer networking/hacking.

We have several computers with unpatched Operating systems that we are supposed to 'attack'. I have no idea what to do.

Please anyone who knows how i can attack these computers give me suggestions/how to do it.

This includes port scanning, packet gathering, spoofing. im not really sure where to go with this.


Thanks

Skyware, please don't take this the wrong way, but your request seems a bit strange to me!!!!

Firstly, why would you need to internally attack your own PCs? If your machine are all correctly patched, and all your users have accounts with permissions, I don't understand why you want to internally attack the PCs?

And, if you believe that people are trying to internally attack your PCs, and if you accept everything I've said above. Then the people doing the attacking have all the permissions needed to hide what they are doing, so it's unlikely that you would see anything.

However, if this is a legimate project for work or school. Then please accept my apologies if I seem a bit over the top. I would suggest that the best way to resolve this issue is mentioned above. Patch the PCs and make sure that everyone who uses the system has an account with appropriate permissions should solve your problems. Then if you have any "issues" with a PC etc you can use the internal event viewer facility to try and track any activity.

Cheers

Rockape
The administrator has disabled public write access.

Re: Insider attack 10 years 2 months ago #16997

  • d_jabsd
  • d_jabsd's Avatar
  • Offline
  • Distinguished Member
  • Posts: 153
  • Karma: 0
Do you have to write your own software to do this, or can you use software already available? Writing your own is 'reinventing the wheel', but the following apps will give you an idea of how to do it.

Look at snort and hogwash. Snort is an intrusion detection system and hogwash is an intrusion prevention system that rides on top of snort.

it has the ability to detect an attack, then act on it, with the action being a dynamic firewall rule, an email, an snmp trap, or anything else that you can find that is supported.
The administrator has disabled public write access.
  • Page:
  • 1
  • 2
Time to create page: 0.084 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup