Remote Access Attacks



Remote Access Attacks

Introduction

Today we enjoy increased sophistication in computer and internet technologies, in terms of power, storage capacity and communication speed. Various sorts of applications including personal, business and government continue to multiply on the Internet. The Internet has undoubtedly become essential for the world's economic competitiveness, innovation and well being. Though, advanced internet technologies have many advantages, However, the growth in technology also increases the opportunity of cyber crime (Edward, 2006). The network-based applications often pose security risks to individuals as well as to the information resources of companies and governments.

Like many other companies, Quick Finance Company has deployed the IT infrastructure in order to automate its business operations and to improve the overall productivity. However, the company does not invest much in security protection as it is a small business. This paper analyses the network diagram of the company, indicates the assumptions that would be required for to identify vulnerabilities and finally recommends the mitigation techniques.

Discussion

Quick Finance Company has deployed the IT infrastructure with the belief that advanced information technology infrastructure remarkably helps the business in improving the performance and better management of the resources (Rainer & Turban, 2008). The company is a small business and thus it has never invested much in security of its IT infrastructure. The infrastructure utilized the System 1000 for hosting the employee payroll system as well as for the customer database. The administration has become much concerned about the security issues over the period of past two years as only during this month, the web-server was defaced twice, which resulted in huge loss. Also, the VPN server of the company has been suffering from the critical attacks such as Denial-of-Service (DOS) and hijacking numerous time over last two years. One of the major reason of such attacks are the existing vulnerabilities in the network, lack of expertise in the employees, in fact the company does not have staff trained for IT or network security management. In addition, the company does not utilize the password policies or any other effective means of security. As the company mainly deals with financial activities, there is an immense need of deploying effective information and network security measures. In the following, an analysis of company's network diagram is presented.

Analysis of Network Diagram

Figure 1 shows the network diagram of the company.

In order to figure out the vulnerabilities in the It infrastructure of the company, it is essential to consider each access point.

First vulnerability becomes evident as the VPN server is directly connected to the web, without making use of any security measure; this is the reason why DOS attack was faced by this server. Secondly, all systems should be installed with encryption and firewalls which is not found in the diagram.

Possible Security Attacks

According to the analysis of the network diagram of the company, it becomes clear that the highest probable attack is the Denial of Service. The risk has been proved in past, as the company has suffered from this ...