Network attack using DNS
Question 1: Network Attack Research [10 marks]
Although the course textbook and other resources discuss several specific network attack vulnerabilities, it is not feasible to cover all of them. New vulnerabilities are being discovered all of the time, and there are hundreds of currently known vulnerabilities. Professional network administrators have to keep themselves current with all possible threat possibilities. One way of doing this is by performing personal research. In this case study, you should use the Internet to assist you in developing responses to the three questions. Use of the course textbook and supplied resources only is not sufficient to award full marks. You should use your research skills and go beyond these resources.
You are required to answer the following questions. Please reference all sources – do not copy directly from sources.
- You are to research a recent ransom-type attack via the Internet. What type of attack has been performed by the hackers? You need to fully justify your answer, not just state the type of attack.
- Describe how the attack may have occurred with sufficient information to explain how a hacker could carry out the attack. Ensure you include references.
- How could the network administrator prevent such attacks? You don’t need to provide the actual code – just describe what measures they would have to implement to ensure that the occurrence of an attack could be minimised.
- What limitations does this form of attack have?
Marking Criteria
- 3 marks (1 mark correct identification, 2 marks for justification)
- 4 marks for description (allocated based on quality and correctness)
- 2 marks for prevention (allocated based on quality and correctness)
- 1 mark for limitation (allocated based on quality and correctness)
Question 2: (10 marks)
In this hypothetical case study, you should use the Internet to assist you in developing responses to three questions. Use of the text only is not sufficient to attract full marks.
An online sales company, Cheapies, recently received a series of reports from customers concerning security breaches in online ordering. Customers reported fraudulent orders being made via their accounts, usually after they had found that their password had changed. A full security audit revealed that the orders and changes to user passwords all originated from an Eastern European country on servers within the domain of freebies.com – however – the question remained: how did the hackers accomplish this attack?
Given that legitimate account numbers and passwords were used, it was initially assumed that it could be some form of phishing attack. However, no evidence of such emails was found. The only commonality between the victims was that they all used the same Internet Service Provider.
You are required to answer the following questions. Please reference all sources – do not copy directly from sources.
- Based on the information provided, what type of attack has been performed? Justify your answer.
Hint: In order to capture account numbers and passwords, how would a hacker “redirect” users to their servers instead of Cheapies?
- Describe in detail how the attack occurred – you may wish to include one or more diagrams. You will need to make assumptions about host names, domains and IP addresses – document these. You need not concern yourself with the technical details of the capture and reuse of Cheapies customer details (e.g. fake web sites/malware) – you are documenting how it was possible from a network perspective.
- What steps would you advise to prevent such attacks? What limitations does this form of attack have?
Hint: Would this attack only have to be performed once?
I have also attached a pcap file to answer question 2.