Lot2 Task 1 Essay

718 Words Sep 28th, 2012 3 Pages
LOT2 Task 1


Diagram

Below is a diagram which illustrates how the attack overwhelmed the Web Server.











Executive Summary

The attack performed on the network had the intention of making the online services provided to students unusable during a critical time of need for those systems. The attack was first performed by acquiring the Administrator password for the systems and using each system to perform a large quantity of requests for service to the web servers. By dissecting what occurred steps can be put in place to prevent such an attack in the future. This attack can be summarized in a few bullets:

The attacker was allowed to install software without having Administrator rights
The software used
…show more content…
These programs detect when keystroke input is being directed to another location besides the currently targeted window. Most programs will send an alert when such activity is detected providing a means for early detection and removal before sensitive data is obtained.

For the actual attack that took place there are changes that need to be performed on both the client's side as well as the server's side. These changes involve limiting the quantities of request either side can make. For the client's I would recommend a firewall placed between them and the server which would be configured to limit the amount of requests to be made to any outside source and either notify and administrator or outright blocking additional requests beyond the threshold.

The same implementation should be made for the server as well. In the server's case the firewall placed between it and any client should limit the quantity of connection from a source IP. The unfortunate side of this, and why the client firewall be implemented, is that many clients can be located behind one source IP address. This means that the server's firewall configuration needs to be more lenient the the client firewall.

In addition to adding a firewall, the server itself should only allow a certain amount of it's CPU, memory, and available bandwidth to processing these requests. The reason for this is that the remaining resource availability allows for an administrator to gain access and…

More about Lot2 Task 1 Essay