System under Threat



System under Threat

Introduction

The internet is not a safe place for anyone any longer. This has caused numerous industries to attain a data and information security as a plan to save themselves with the losses. Being the information security engineers of the gaming organization, it is for sure that the vulnerabilities are about to be quite high , and data theft and replication of information would be a major concern. The provided network has also some vulnerability due to the variety of equipments used. The attacks, which can be routed through the computer and laptops are surely linked with the linking mediums; like, Web/FTP servers, exchange email server, domain controllers, file servers and most importantly wireless access points. However, VoIP system does have its weaknesses, which surpass any of the equipment used within the system.

Analysis of Potential Threats, Attacking Grounds and Vulnerabilities

The devices, which are interconnected pose a greater threat to each other as all of them, is the medium of information transfer. Attacks are of four types. The first one is related to the confidentiality in which the attacker gains access to the private data and information of the company and thereby making them public. This is quite coherent to our case. Another attack compromises the aspect of integrity of the system by subsequent alteration and modification of the data without the concern of authorized personnel. They next attack alters the availability of the system's functionality and can even shutdown the system thereby enabling the denial of service to the users. This can be possible if the attacker has the intention of making the personnel deprived of their rights in the cases of extreme discontent. The last case is related to the gaining full control over the system which can lead the attacker to have privileges to all the systems , and now s/he has the authority to go on with any of the above three attacks.

NIDS

Considering the case of NIDS (Network Intrusion Detection System) includes Scanning attacks, DoS attacks, and penetration attacks. However, NIDS has proven susceptibility against the buffer overflow, input validation error, boundary condition error and most importantly access control susceptibility, (Cse.wustl.edu, 2010). Another problem with the NIDS systems is that it offers a large number of false positive warnings. Most of the time, it has been observed that NIDS raises a security threat for the harmless traffic. Moreover, the NIDS system is unable to recognize the newly developed attacks and their signatures. Nevertheless, an anomaly based NIDS system offers to deal with these types of attacks but is a constraint by the current anomaly detection algorithms.

Microsoft Exchange Server

The network also makes use of the Microsoft Exchange Server which causes the vulnerability of having remote code executive at ease. This vulnerability has the ability to cause the DoS conditions. Microsoft exchange server has the ability to provide email, contacts and calendars for the corporate environments. In this domain, three vulnerabilities have been detected and two (CVE-2013-3776 and CVE-2013-3776) ...