Færdiggjort

Academic Writing - response tcp security

short response to these two statements:

1.

TCP-IP Security

One of the more interesting TCP-IP vulnerabilities is its ability to guarantee the location of where a packet is coming from. RIP is an essential component of a TCP/IP network. RIP is the Routing Information Protocol which is used to distribute routing information within networks, such as shortest-paths, and advertising routes out from the local network, (CHAMBERS, DOLSKE, & IYER, n.d.). The flaw in RIP is that it doesn’t have built in authentication much like TCP/IP. This attack is significant because RIP attacks change where the data may go to unlike common attacks that change where data has come from. When an attacker is able to compromise RIP addresses and send them from anywhere in the world this poses a huge security flaw. Attackers can forge RIP packets claiming that they are another host and they have the fastest route or path out of the network. This is troubling as there is a higher level DDOS attack that uses the RIPv1 protocol called Reflection Amplification Attacks. (Mimoso, 2015) says, “Reflection attacks happen when an attacker forges its victim’s IP addresses in order to establish the victim’s systems as the source of requests sent to a massive number of machines.” Because the attacker is in control of the RIP it can send many requests on behalf of a network. The recipients of the request issue an overwhelming flood of responses back to the victim’s network thus crashing that network, (Mimoso, 2015).

I chose this vulnerability because it’s very current in the landscape of DDOS attacks and Threat post by Kapersky Labs suggest that this is only going to grow into the coming years. The easiest way to stop this is to use routers with RIPv2 and above. Unfortunately, a large number of the routers that have been compromised using this deprecated technology comes from AT&T and BellSouth and they are regularly distributed in the United States.

2,

Cross site scripting (XSS) is a common web application injection vulnerability. Cross site scripting is used to impersonate users and bypass access controls. Hackers inject malicious code on the client side web applications to gather data from users. Hyperlink is usually the method used to gather the information that contains malicious content within it (Incapsula). To make it look less suspicious to the user, the hacker will encode the malicious part of the link in HEX. XSS differs from other web attacks such as SQL injection, in that it does not directly target the application itself. Instead risk is to the web application users. By hijacking a logged in users session, the hacker can change the password and if the administrators session is hacked, the hacker will have full admin privileges of that web application (Netsparker). After collecting data from the web application, the malicious code sends a results page to the hacker but in a manner that appears legitimate to the user. Attackers often inject ActiveX, HTML, Flash, JavaScript or VBScript into vulnerable applications.

This form of attack can best be detected by using a web application firewall (WAF). Although WAF's use various methods to counter attacks, most use signature based filtering in blocking and recognizing attacks to and from HTTP web applications. Websites using SSL (https) encryption are no more safe than sites not encrypted. The attacks would work in the same manner except its taking place in an encrypted connection. Unlike network firewalls, with customization, WAF can prevent XSS, SQL injection, session jacking and buffer overflows by inspecting every HTML, HTTPS, SOAP and XML-RPC data packet (cgisecurity). Websites using SSL (https) encryption are no more safe than sites not encrypted. The attacks would work in the same manner except its taking place in an encrypted connection.

APA FORMAT and use of resources

Evner: Computer Sikkerhed, Research Writing

Se mere: writing academic response, academic writing information technology, writing academic business plan, scientific writing academic writing, writing academic research project, writing academic article software, writing academic profile, writing articles technology magazines, writing academic story, writing academic report case studies, writing academic proposal, writing academic companies experience, technical writing academic writing, security tcp ip steganography vc, compare contrast business writing academic writing, writing academic documents, processing writing academic, writing academic assighnments, writing academic conversions, thesis writing information technology

Om arbejdsgiveren:
( 51 bedømmelser ) Silver Spring, United States

Projekt ID: #11982949

Tildelt til:

DRIsaac

I am well versed in content and academic writing. I have a unique skills in research and all the appropriate formatting styles/methods. My freelancing approach is to put the interests of all my clients first with an ai Flere

$30 USD på 1 dag
(763 bedømmelser)
7.5

7 freelancere byder i gennemsnit $42 på dette job

$25 USD på 1 dag
(798 bedømmelser)
7.9
$94 USD på 1 dag
(209 bedømmelser)
7.2
Valuesolutions

Hello, how are you? I hope you have a bright day/evening from your side. I have read the details provided, but please contact me so that we can discuss more on the project. I believe I have the required skills in this Flere

$34 USD på 1 dag
(141 bedømmelser)
6.6
TOPessayswriter

I assure you that i will give you a high quality product within your deadline or sooner and plagiarism free [login to view URL] go ahead and trust me with your work and I will deliver awesome up to PhD level academic paper.i Flere

$25 USD på 1 dag
(94 bedømmelser)
5.6
$60 USD på 1 dag
(27 bedømmelser)
5.0
sadiamaha

Hi, I am an experienced academic writer of science and business subjects who has written numerous academic writing pieces on a wide variety of subjects. I have a high command of the English language, and I am capable Flere

$25 USD på 1 dag
(0 bedømmelser)
0.0