This article provides information about the game of Ping Pong, including its rules and techniques. It also offers study material and solved assignments related to Ping Pong on Desklib.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Task 1: Ping… Pong
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Task 2: Heartbleed 1)The web server and web browser exchanges information with the computers where all the information of web browser is stored and the conversation between browser and client to avoid hacker stealing important information, many websites use a sort of software called open SSL to provide an SSL encryption basically SSL translates the important information to gibberish that only web browser and computer can understand. When Open SSL transfer encrypted password “APPLE” to server even attacker steals this password. He/she can’t read it and it is safe but his/her during checkup there’s a second parallel communication which is called heartbeat. When browser is connected with the other computer and he constantly checks if the computer hasn’t fallen asleep because this communication didn’t have any confidential information which wasn’t encrypted and unfortunately hacker could manipulate this request on the website that uses open SSL filled file contains 500 letter word “APPLE” and extra letters could be anything ranging from useless stuff but they gathered many confidential information. That’s why, heartbleed is a vulnerability. 2)In order to fix the Heartbeat vulnerability, we need to upgrade the latest version of OpenSSL. Similarly, we can regenerate the CSR with the help of an upgraded version of OpenSSL and we need to get signed certificate from certificate authority, we need to implement on web servers.
IP address: 10.220.0.91 Port: 1003
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Task 3: Shellshock 1)Shellshock is a bug which cause Bash to execute commands on the server. An attacker could execute arbitrary code on web servers so here’s how this vulnerability works bash allows users to find functions as a way to pass text on to other systems. It allows hackers to run malicious code scripts on servers and systems. Similarly, attackers have a chance at an extra special bonus round known as privilege escalation which means that getting shell could lead to getting root that means access to everything and we get access to root . Shellshock creates a weak spot due to which attacker can steal data and confidential information from websites. Therefore, it has vulnerability. 2)In order to fix Shellshock vulnerability, we need to update the latest version of Bash. IP address: 10.220.0.91 Port: 1004 Path: /cgi-bin/shockme.cgi
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Task 4: DirtyCOW 1)It is a vulnerability which affects all linux-based operating systems. It is a local privilege escalation bug which exploits a race condition. A race condition is the sequence of uncontrollable events. A race condition in the execution and found on Kernel’s memory management subsystem to manage copy-on-write process. An Unprivileged local user can get write access for read only memory mapping. When user open file with the permissions of read only, it maps the virtual memory address to new physical memory but returns the master copy memory on virtual memory. A user can open file and edit it through the master copy memory and again store it back to the virtual memory. Thus, it has vulnerability.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
2)In order to fix DirtyCOW, we need to upgrade the linux kernel’s memory subsystem to latest version and by neglecting the race condition. Task 5: Threat Risk Assessment 1)Risk rating for Heartbleed a.Impact =Web serverdue to confidential information and data might be hacked. b.Likelihood=Likelydue to all business company might not be aware of latest version of Open SSL . Risk: web server* Likely =Extreme 2)Risk rating for Shellshock a.Impact =Majordue to attackers can get information and data from server. b.Likelihood=Likelydue to most of server will use bash. Risk: Major* Likely=High 3)Risk rating for DirtyCOW
a.Impact =Web serverdue to low privilege users might be able to gain root access and steal data. b.Likelihood=Likelydue to small companies might not be aware with latest version of Linux Kernel Subsystem. Risk: Web server* Likely= Extreme