Lab1 assessment CIS 482 PDF

Title Lab1 assessment CIS 482
Author david le
Course Databases & Web Security
Institution California State University Dominguez Hills
Pages 2



Description

CIS482-Spring2019 Lab #1 - Evaluating Web Server Vulnerabilities Assessment Worksheet. Due Date: Saturday, March 16th @11:55pm by Tom

1. What are some of the greatest risks businesses face when connecting to the Web? Why?

Two of the greatest risks a business faces when it connects to the Web are packet sniffing and SQL injection. Attackers probe public websites constantly: traffic that is not encrypted can be captured and read in transit, and an application that builds database queries from unvalidated input lets an attacker read or modify the database behind the site. In both cases the target is customer data, especially credit card information, which can be sold or used for fraud.

2. Why is it critical to perform periodic Web-application vulnerability assessments and penetration tests?

To find and fix weaknesses before an attacker does: test the application before it goes live, and repeat the tests periodically because the application changes, its platform is patched and upgraded, and new attack techniques are published. In particular, you want to confirm that the site does not expose credentials or session data to packet sniffing and that it is not vulnerable to SQL injection.

3. Why might connecting your Web servers and Web applications to the Internet be like opening Pandora's Box?

Connecting your Web servers and Web applications to the Internet is like opening Pandora's Box because all the risks, threats, and vulnerabilities from attackers and malicious software come to your front door. Websites, web applications, and e-commerce sites are prime targets for attackers seeking mailing lists, credit card information, and other confidential data which can be sold or used for monetary gain.

4. What does the Skipfish application do, and why is it a good security tool for Web servers and Web-application testing?

Skipfish is an active web application security reconnaissance tool. It prepares an interactive sitemap for the targeted site by carrying out a recursive crawl and dictionary-based probes. The resulting map is then annotated with the output from a number of active (but hopefully non-disruptive) security checks. The final report generated by the tool is meant to serve as a foundation for professional web application security assessments. It suits this lab because the whole run is driven from the command line: it enumerates the server's content, including paths that no page links to, and flags common server and application weaknesses for the tester to verify by hand.

5. What is tcpdump, and why is it a good tool for testing the Ubuntu Linux Web server and Web-application security?

Tcpdump is a command-line packet capture and protocol analyzer that you can install on the Linux server to capture all the traffic to or from it. Tcpdump does not find vulnerabilities on its own; it captures the packets whose headers match a filter expression and prints them (headers, and with -A the payload) for the tester to interpret. Filters combine host names, IP addresses, network names, ports, and protocols with the boolean operators and, or, and not, so you can isolate, for example, only the HTTP traffic between the attacker host and the web server. That makes it a good tool for this lab: you can watch whether the web application sends credentials or session cookies in cleartext and see exactly what requests a scanner such as Skipfish generates.

6. What does the Firefox Live HTTP Headers plug-in application do, and why is this a good tool for Web-server and Web-application security testing?

The Live HTTP Headers add-on shows the request and response headers exchanged for every page load, which helps in debugging web applications, identifying the type of web server (from the Server header), and verifying what cookies, if any, are being set and with which attributes. It is a good tool for penetration testing because header details such as server version banners, redirects, and cookies that lack the HttpOnly or Secure flags are visible immediately, without a separate packet capture. Another Firefox add-on, User Agent Switcher, changes the user agent your browser sends, which is useful in a web application penetration test for reaching the mobile versions of websites or content served only to particular browsers.

7. What does using the -h switch for tcpdump and skipfish do?

For both tools, -h prints the version and a usage summary listing the available options; running it also verifies that the tool is installed on the server. Note the case in Skipfish: lowercase -h is help, while uppercase -H name=value adds a custom, non-standard header to every request, including an arbitrary User-Agent value.

8. What information can you determine from the ifconfig -a command?

The ifconfig -a command lists every network interface on the server, active or inactive, including the Ethernet interface (eth1) and the local loopback (lo). The IP address of the web server is displayed after the abbreviation inet addr in the eth1 section of the results; eth1 is the internal lab interface used to access TargetLinux01. For each interface you also see the subnet mask (Mask), the broadcast address, the hardware (MAC) address (HWaddr), and transmit/receive packet counters. The ifconfig command can only show you the current MAC address....
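Questions 5 and 6 above describe what a tester looks for with tcpdump and with Live HTTP Headers. The shell script below, added here as an example and not part of the worksheet or the lab materials, performs those two checks offline against constructed samples: a cleartext HTTP request as `tcpdump -nn -A` would print it, and a set of response headers as the add-on would display them. The addresses come from the RFC 5737 documentation ranges, and the credentials (admin:password), cookie names, and version strings in the samples are invented.

```sh
#!/bin/sh
# Added example (not from the worksheet): offline versions of the checks a
# tester performs with tcpdump (Q5) and Live HTTP Headers (Q6).

# Constructed excerpt of `tcpdump -nn -A 'tcp port 80'` showing one cleartext
# HTTP request to the lab web server. Not a real capture; RFC 5737 addresses.
SAMPLE_CAPTURE='12:00:01.000001 IP 192.0.2.10.51234 > 192.0.2.20.80: Flags [P.], seq 1:230, ack 1, win 512, length 229
E..E..@.@.....
GET /admin/ HTTP/1.1
Host: 192.0.2.20
User-Agent: Mozilla/5.0
Authorization: Basic YWRtaW46cGFzc3dvcmQ=
Cookie: PHPSESSID=d41d8cd98f00b204e9800998ecf8427e
Connection: keep-alive'

# Constructed response headers as Live HTTP Headers would display them.
SAMPLE_RESPONSE='HTTP/1.1 200 OK
Date: Sat, 16 Mar 2019 18:00:00 GMT
Server: Apache/2.4.7 (Ubuntu)
X-Powered-By: PHP/5.5.9
Set-Cookie: PHPSESSID=d41d8cd98f00b204e9800998ecf8427e; path=/
Set-Cookie: remember=1; path=/; Secure; HttpOnly
Content-Type: text/html; charset=UTF-8'

# Q5: report credentials and session tokens that crossed the wire unencrypted.
# One finding per line: "basic-auth user:pass" or "cookie NAME=VALUE".
cleartext_secrets() {
    printf '%s\n' "$1" | while IFS= read -r line; do
        case "$line" in
            "Authorization: Basic "*)
                token=${line##* }
                creds=$(printf '%s' "$token" | base64 -d 2>/dev/null)
                printf 'basic-auth %s\n' "$creds"
                ;;
            "Cookie: "*)
                printf 'cookie %s\n' "${line#*: }"
                ;;
        esac
    done
}

# Q6: audit response headers. Flags version banners and Set-Cookie lines
# that lack the HttpOnly or Secure attribute. One finding per line.
audit_headers() {
    printf '%s\n' "$1" | while IFS= read -r line; do
        name=${line%%:*}
        value=${line#*: }
        case "$(printf '%s' "$name" | tr 'A-Z' 'a-z')" in
            server|x-powered-by)
                printf 'banner %s: %s\n' "$name" "$value"
                ;;
            set-cookie)
                cookie=${value%%=*}
                lower=$(printf '%s' "$value" | tr 'A-Z' 'a-z')
                case "$lower" in *httponly*) ;; *) printf 'cookie-missing-httponly %s\n' "$cookie" ;; esac
                case "$lower" in *secure*) ;; *) printf 'cookie-missing-secure %s\n' "$cookie" ;; esac
                ;;
        esac
    done
}

echo "== cleartext secrets in capture =="
cleartext_secrets "$SAMPLE_CAPTURE"
echo "== response header findings =="
audit_headers "$SAMPLE_RESPONSE"
```

Against live data you would feed the functions real input instead of the samples, for example `cleartext_secrets "$(sudo tcpdump -nn -A -c 50 'host 192.0.2.20 and tcp port 80')"` on the lab network, and paste the add-on's response pane into `audit_headers`. The second Set-Cookie in the sample carries both flags and produces no finding, which is the behaviour to expect from a correctly configured session cookie.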

