Showing pages 1 to 3 of 6 pages
Executive Proposal ProjectCMIT 321
Executive Proposal ProjectIntroductionAdvance Research Corporation as a medical research and development company has been verysuccessful in innovation pharmaceutical and medical products. In addition, Advance ResearchCorporation’s business has been growing during the past few years. By expanding the networkthe security of the network should be increased as well. Understanding vulnerabilities of thenetwork can help to realizing the level of the risks that an organization might face (Cohen, 2014).The Purpose of Executive ProposalThe Advance Research Corporation has become a very successful company and because of thatit has been the major target for cyber-attacks. The company has been under several Denial ofService (DOS) attacks during the 9 months. These attacks have impacted the Advance Researchability to do its normal business and also these attacks have damaged company’s reputation.There are different kinds of cyber-attacks that can put negative impact to any businesses such asAdvance Research.Among those attacks Denial of Service (Dos) attacks and Distributed Denial of Service (DDoS)attacks are becoming the most major attacks for the computer networks. The purpose of thesekinds of attacks is to make network resources and machines unreachable or unavailable toauthorized users. In the Denial of Service, attackers overload the target system resources byflooding the system with non-legitimate traffic or service requests. The result might be slownetwork performance or unavailability a target website. In Distributed Denial of Service attack,attackers target a single system with using a group of compromised systems. Even though these
kinds of attacks last about one to two hours, in the second quarter of 2015, one DistributedDenial of Service was recorded that lasted about 13 hours and 240 Gbps (Keane, 2015).The Solution OverviewKFSensor is a great tool that Advance Research Corporation can take advantage of. This is aWindows based honeypot Intrusion Detection Systems (IDS).Intrusion detection systems help todetect any kind of violation of security policy like misuse or unauthorized access. Intrusiondetection system does that by gathering and analyzing information from network and computers.KFSensor act as a honeypot.Honeypots are network connected computer software or even adevice that appears to be attractive and vulnerable and seems to have important information in itbut realistically only exist to be attack by attackers. Honey pats seem to be part of a network, butin reality it is not part of the network. It is isolated and monitored.KFSensor by acting as a decoy server diverts attacks from important systems and provide higherlevel of information that can be attained by using NIDS and Firewalls alone.According to the KFSensor vendor website, Keyfocus.net, during the 12 years of production use,KFSensor has been regularly update, improved and it is fully supported. KFSensor prevent itselffrom being overloaded and it detects and responds to Denial of Service attacks, individualservice attacks and port scans.I did a research on this product to obtain some more information and review on KFSensor. Roger.A Grimes has written a greater article,KFSensor: Sweet Windows honeypot, in theInfoWorld.com. In his article he mentioned, for almost a decade, KFSensor has been the topclass honeypot. Since 2003, KFSensor has been updated and maintained by its creator TomWright (Grimes, 2010).