Network Analysis Report: Security Issues, Vulnerabilities, and Solutions
Added on 2023-04-11
14 Pages2059 Words356 Views
NETWORK ANALYSIS REPORT
Cover Page
A REPORT ON THE ANALYSIS OF A COMPUTER NETWORK FOR SECURITY ISSUES,
VULNERABILITIES AND POSSIBLE SOLUTIONS
Cover Page
A REPORT ON THE ANALYSIS OF A COMPUTER NETWORK FOR SECURITY ISSUES,
VULNERABILITIES AND POSSIBLE SOLUTIONS
NETWORK ANALYSIS REPORT 2
Table of Contents
Cover Page...............................................................................................1
Table of Contents.......................................................................................2
Introduction..............................................................................................3
Security Issues...........................................................................................4
Attack Scenarios.........................................................................................6
Vulnerabilities............................................................................................7
Proposed Countermeasure(s)/Solution(s)............................................................8
References...............................................................................................9
Appendices .............................................................................................11
Table of Contents
Cover Page...............................................................................................1
Table of Contents.......................................................................................2
Introduction..............................................................................................3
Security Issues...........................................................................................4
Attack Scenarios.........................................................................................6
Vulnerabilities............................................................................................7
Proposed Countermeasure(s)/Solution(s)............................................................8
References...............................................................................................9
Appendices .............................................................................................11
NETWORK ANALYSIS REPORT 3
Introduction
The advent of the Internet of Things (IoT) has led to development of interconnected systems that
can share key information from their surroundings for decision making purposes (Habibi, Midi,
Mudgerikar & Bertino, 2017). Medium sized organizations have integrated IoT devices to help
automate functions that could have otherwise required human input. However there also comes
the aspect of security in how the devices interact and how the information is protected from
unauthorized access and compromise by cyber criminals. Besides these devices having security
mechanisms of their own and the existence of several security protocols and techniques to
protect the information exchanged between IoT devices, the system cannot be completely secure.
Cyber criminals are always on the look for these vulnerabilities and other overlooked security
issues so that they can use them to gain access to protected information. Even the seemingly least
security issues caused by device manufacturers can be best loopholes for hackers(Habibi, Midi,
Mudgerikar & Bertino, 2017).
This report seeks to analyse such a system in a medium sized organization network to identify
issues and vulnerabilities related to the IoT devices and the IT infrastructure. Finally solutions to
address the issues are addressed.
Introduction
The advent of the Internet of Things (IoT) has led to development of interconnected systems that
can share key information from their surroundings for decision making purposes (Habibi, Midi,
Mudgerikar & Bertino, 2017). Medium sized organizations have integrated IoT devices to help
automate functions that could have otherwise required human input. However there also comes
the aspect of security in how the devices interact and how the information is protected from
unauthorized access and compromise by cyber criminals. Besides these devices having security
mechanisms of their own and the existence of several security protocols and techniques to
protect the information exchanged between IoT devices, the system cannot be completely secure.
Cyber criminals are always on the look for these vulnerabilities and other overlooked security
issues so that they can use them to gain access to protected information. Even the seemingly least
security issues caused by device manufacturers can be best loopholes for hackers(Habibi, Midi,
Mudgerikar & Bertino, 2017).
This report seeks to analyse such a system in a medium sized organization network to identify
issues and vulnerabilities related to the IoT devices and the IT infrastructure. Finally solutions to
address the issues are addressed.
NETWORK ANALYSIS REPORT 4
Security Issues
The security issues are divided into those that concern the IoT devices and those that concern the
IT infrastructure.
Security issues related to the IoT devices
After an analysis of the IoT devices in the network, two devices were identified to pose a
security threat to the network.
The Wireless Router (Linksys WRT1900AC)
The wireless router connects the computer in LAN 1 with the Wireless Temperature sensor. The
truth is, the router does indeed possess a security issue. This because the router has a weak
authentication system in place. The wireless router can be bypassed using multiple Common
Gateway Interface scripts that give one unrestricted access to the device’s administrative
functions without prompting a password (Habibi, Midi, Mudgerikar & Bertino, 2017). The
extensive vulnerability can be utilized by a cyber-criminal to give them unauthenticated access to
the router’s administrative logins thereby giving them full control of the router thereby
compromising the network.
The Switch (Netgear GS116PP-100AJS)
The Netgear switch has a security issue that can allow the attacker to remotely retrieve the login
passwords for users in the network (Szewczyk & Macdonald, 2017). All an attacker needs to do
is to access the web panel for authentication. Once the verification is canceled and recovery of
passwords disabled, the attacker will be redirected to a page where the reset password token is
exposed. If the attacker enters the correct token, they can access the administrator password for
the router, thereby compromising the whole network (Szewczyk & Macdonald, 2017).
IT Infrastructure
Improper network design and topology
A glance at the network and how the computers are connected gives a glimpse of a possible
security flaw in the network architecture. All computers and servers including the proxy server in
the network have a direct access to the Internet (Lapidous & Arsitov, 2018). The advantage of
this arrangement is that Internet access is fast. However, from a security perspective, this means
that when the computers access the Internet, each is identified with its own IP address which
makes it easy for hackers to identify the computers and initiate access to the network. Important
servers like the email servers, file servers and directory server are exposed to the different
security threats available on the Internet and with a weak firewall, accessing them becomes easy
(Habibi, Midi, Mudgerikar & Bertino, 2017).
Security Issues
The security issues are divided into those that concern the IoT devices and those that concern the
IT infrastructure.
Security issues related to the IoT devices
After an analysis of the IoT devices in the network, two devices were identified to pose a
security threat to the network.
The Wireless Router (Linksys WRT1900AC)
The wireless router connects the computer in LAN 1 with the Wireless Temperature sensor. The
truth is, the router does indeed possess a security issue. This because the router has a weak
authentication system in place. The wireless router can be bypassed using multiple Common
Gateway Interface scripts that give one unrestricted access to the device’s administrative
functions without prompting a password (Habibi, Midi, Mudgerikar & Bertino, 2017). The
extensive vulnerability can be utilized by a cyber-criminal to give them unauthenticated access to
the router’s administrative logins thereby giving them full control of the router thereby
compromising the network.
The Switch (Netgear GS116PP-100AJS)
The Netgear switch has a security issue that can allow the attacker to remotely retrieve the login
passwords for users in the network (Szewczyk & Macdonald, 2017). All an attacker needs to do
is to access the web panel for authentication. Once the verification is canceled and recovery of
passwords disabled, the attacker will be redirected to a page where the reset password token is
exposed. If the attacker enters the correct token, they can access the administrator password for
the router, thereby compromising the whole network (Szewczyk & Macdonald, 2017).
IT Infrastructure
Improper network design and topology
A glance at the network and how the computers are connected gives a glimpse of a possible
security flaw in the network architecture. All computers and servers including the proxy server in
the network have a direct access to the Internet (Lapidous & Arsitov, 2018). The advantage of
this arrangement is that Internet access is fast. However, from a security perspective, this means
that when the computers access the Internet, each is identified with its own IP address which
makes it easy for hackers to identify the computers and initiate access to the network. Important
servers like the email servers, file servers and directory server are exposed to the different
security threats available on the Internet and with a weak firewall, accessing them becomes easy
(Habibi, Midi, Mudgerikar & Bertino, 2017).
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
Network Security: Issues, Attacks, and Countermeasureslg...
|12
|2295
|329
Identification of Security Issues in a Networklg...
|12
|3102
|67
IoT and Cyber Securitylg...
|15
|4234
|395
Leading Communication Technologylg...
|5
|2088
|16
Security, Privacy, and Data Sovereignty Issues in COVID Safe Applg...
|7
|1881
|27
Security of On-board network in avionicslg...
|7
|584
|336