Introduction
In this coursework, the main aim is to compare two network security software tools using Kali Linux to carry out a type of attack which helps build and develop an awareness to protect computers from varies password attacks.
The chosen software tools are offline password attack (John the Ripper) and (RainbowCrack) which they both are from similar Cyber Security attacks under password cracking tools. John the Ripper is free on multi-platform as it combines various password cracking features in one package. RainbowCrack uses rainbow crack tables that are updated periodically. After calculations, the results are stored, which were obtained in the tables is called a rainbow table. The process of creating rainbow tables takes very long time, but when the program works it’s done very fast.
Any hackers will attempt to violate this three element of security (CIA) Confidentiality, Integrity and Availability:
Confidentiality is to prevent the disclosure of information to unauthorised persons to look at it.
Integrity: is to make sure that the content of the information has not been properly adjusted or tampered with.
Availability: The goal of any information system to serve its purpose which is to make sure that the information is available when you require them.
Description of the cyber security attack
What is a Password Attack?
It is the term to describe the attacks targeting their results or position, let’s say the denial of service
Confidentiality means keeping information given by or about an individual in the course of a professional relationship secure and safe from others. There are eight principals of good practice and anyone processing personal information must comply with them.
One of the other failures that the book presents us is the user’s weak password practice and how the intruder took advantage of this is to gain super user privileges and created several user accounts by gaining root privileges. All it takes is a one-time access as super user to establish his base into the defenders zone. This book describes how the intruder took advantage of brute force method to hack user accounts and password. Also, the intruder was smart enough to steal the password information file and even managed to encrypt all the dictionary words by using the same encryption algorithm and then compared those words with the stolen encrypted passwords file to find out passwords of user accounts. The scientists/ researchers at the laboratories who are not aware of such kind of exploitations made intruder’s work easy by having easy to guess passwords, never bothered to change the passwords from time to time or in fact did not realize the importance of having strong passwords in order to maintain and protect their research data in a safe and secure way. Even today, not all the users realize the importance of having strong/secure passwords and we come across such instances where intruders exploit users ignorance. (For example, Two years ago, before I enrolled in MS-CS program, I did not know how brute force attacks work or
Confidentiality is a right a person has in which to keep information about themselves private without anyone else being able to access it unless given permission or consent by an authorised person. A person's information should only be disclosed on a need to know basis i.e official bodies or next of kin unless specified otherwise. Information may also be disclosed if the information that is being held outweighs the risk to the person's health.
As a holistic concept, integrity is characterized by consistency of actions, values, methods, measures, principles,
Linton (2011, p.44) stated that hacking of network of common users and attacking their personal computers is one of the most threatening problems at present. It is happening in every second that results in a loss in several ways like loss of credentials, personal information etcetera. Although the use of personal computers and the internet has been increased rapidly, numbers of users who are the expert and have good knowledge to tackle the matters are very rare. In addition, time, as well as required equipment to protect hacking, is also very.
Confidentiality means not sharing information about people without their knowledge and agreement, and ensuring that written and electronic information cannot be accessed or read by other people who have no reason to see it.
2. Confidentiality: Privacy or secrecy, limited to the people authorized to use the documents or information. Example, the therapists must
This utilizations two sorts of assaults Dictionary assault and Brute Force Attack for hacking wifi passwords.
Attack: An assault on the system security that is derived from an intelligent threat. An attack is any action that violated security.
Integrity keeps data pure and trustworthy by protecting system data from intentional or accidental changes. Integrity has three goals to prevent unauthorized users from making modifications to data or programs. To prevent authorized users from making improper or unauthorized modifications. To maintain internal and external consistency of data and programs.
Confidentiality: Confidentiality helps against the disclosure of data to an unauthorized users. It involves authentication that is identifying the user. Examples of threats to confidentiality are malware, intruders, insecure networks, social engineering, and poorly administered systems. In protecting confidentiality mechanisms like cryptography and access controls should be used.
Confidentiality is one of the three characteristics of the C.I.A. model. It establishes those with sufficient privileges and the need to access the information. Confidentiality is most related to information privacy. It is extremely important to protect the information of employees, customers, or patients. No matter what type of organization it is it will disclose confidential information. That being said, all confidential information is vulnerable to accidental exposure or an intentional hack. If an unauthorized individual or system views the information, confidentiality is breached. Confidentiality contains several measures that are applied to protect the confidentiality of information. These measures include information classification, sure document and data storage, application of general security policies, education of information custodians and end users.
Confidentiality means that data is concealed and can only be seen by the intended recipient.
In fact, computers are not only the means of the crime, but also the target of it. Cyber crime encompasses a wide range of activities, including: hacking, phishing, denial of service (DoS) attacks, creating and distributing malware, unauthorized data access, corruption of deletion of data, interception of data (Kennedys).
This course also provided excellent topics to help the student understand the specific methods and tools used for hacking and system penetration efforts. In contrast, MSIA 676 often provide an abstracted examination of methods, a high-level introduction