IT Report: FBI New Haven Field Office - Computer Intrusion Analysis
Added on 2022/10/19
AI Summary
This IT report presents a case study of the FBI New Haven Field Office's investigation into a computer intrusion targeting BoatingCT.com, an online marine products retailer. The report identifies the major problem as a phishing attack exploiting a directory traversal vulnerability on the website, allowing hackers to access customer information. It details the examination of facts, evaluation of evidence, and application of knowledge to analyze the actions and choices. The report includes an analysis of the vulnerability, the IP addresses involved, and the methods used by the hackers. The report also includes recommendations and tools for analysis, providing insights into the security issues within organizations and industries. The report concludes with a discussion of the feasibility of alternative courses of action and the decision on a course of action, including specific steps for implementation.

Running head: IT REPORT
IT Report
Topic: FBI New Haven Field Office - Computer Analysis and Response Team: Tracking a Computer Intruder
Name of the Student
Name of the University
Author Note

Identification to define major problem(s) and sub-problems

Security issues in organisations and industries that utilise the advantages of Information
Technology are an extremely common occurrence. With the utilisation of the technology, it is
common for organisations to fall prey to different kinds of intrusions and data breaches every now
and then (Panda, Pradhan & Pradhan, 2016).

However, a few companies do utilise defence mechanisms so that data is not stolen and the computers
of the organisation are not accessed without prior authorisation. It is evident that the computer
systems of companies fall victim to computer intrusions without any information reaching the
executives of the organisation or the people associated with it.

Sometimes an organisation may not even know that its computers were intruded upon at some point in
time. Fraud and identity theft increasingly use malware, hacking or phishing, making them examples
of both "computer as target" and "computer as tool" crime (Medhat, Ramadan & Talkhan, 2017).
Phishing is a term mostly used to describe a special type of cyber scam.

This has already happened at an e-commerce organisation based in Connecticut, whose customers were
receiving various emails asking for additional financial information about the products that they
had bought on the website, shortly after buying them.

The emails appeared to the customers to be legitimate; however, the company later found that it had
nothing to do with sending the emails to the customers, as this was not part of its business
process (Hartley, Medlin & Houlik, 2017).

The company therefore feared that this might be criminal activity and decided to contact the
Federal Bureau of Investigation (FBI). The contact was made through the New Haven field office for
this investigation. What follows is a report on the understanding of an organisation's network
security that has been developed through this case, followed by a detailed report (Lin et al.,
2018).

The report will cover a proper identification of the major problems and the sub-problems that the
organisation had in relation to the unidentified intrusion, the examination of the facts and
evaluation of evidence, the application of understanding, knowledge and experience to analyse the
choices
behind the actions, the feasibility of the alternative courses of action, the decision on a course
of action, which would include specific steps for the implementation, the identified problems, the
recommendations, the brief supporting arguments for the recommendations made, and the tools and
techniques that can be utilised for the analysis.

Under the department of justice and law in the United States, the Federal Bureau of Investigation
or the FBI serves as the investigative arm. The organisation is teamed up with all sorts of
agencies and agents who are responsible for the maintenance of law and enforcement in the country,
and it also investigates violations of national law in any form of banking, bankruptcy,
naturalization, antitrust and land fraud (Rathore, 2016).

Over the years the organisation has become better equipped with technological advancements and
employees, with the top priorities of protecting the United States from any kind of attack and of
countering foreign intelligence operations against the United States. The organisation supports
investigative work based on the reports provided to it, or on what it finds out through its own
thorough analysis process, to maintain law and enforcement in the country.

The FBI also takes into account technological advancements that are able to detect frauds and other
unauthorised activities occurring in the cyber world as well (Fisch, White & Pooch, 2017). The FBI
New Haven field office is the branch that was built up in 1921 with headquarters in Connecticut.
The two resident agencies help in together with to resident special agencies located in which food
ingredient and there are more about hundred special agents in 70 agents assigned to a squad that is
responsible for a particular kind of problem or investigative program (Dua & Singh, 2017).
Figure: FBI New Haven Office
(Source: Wray, 2017)

BoatingCT.com is a small business established in Connecticut which specialises in the online
selling of marine products. On April 24, 2001, the organisation started receiving emails from
various customers, all of whom were inquiring about several emails regarding confirmation that they
had received right after ordering products from the company (Kaabi et al., 2016). The following is
the series of incidents that occurred, as per the information provided about the case:

• All the email messages were inquiring about the customer's online order number and also wanted
  the last 4 digits of the customer's credit card number.
• Not just that, they also asked for the card's expiration date and requested the customer's credit
  card verification number. This included asking the customers for intricate information about
  their bank accounts.
• The organisation was not responsible for sending any of this mail to its customers right after
  they had booked any item from the company's website
  (Fennelly, 2016). Therefore, they contacted the FBI at the field office in New Haven.
• They wanted the FBI to investigate the matter, as they suspected an intrusion. The FBI was
  responsible for obtaining copies of several emails received by the customers, which the
  organisation handed over together with the web server logs.
• The organisation handed over several pieces of email header information to the FBI by providing
  copies of the emails that the customers claimed had been sent to them (Warren, Justice & Supreme,
  2018).
• The organisation provided all the information, as it suspected this to be an intrusion by
  malicious hackers who had been trying to get into the bank accounts of the customers by using the
  organisation and its name for fraudulent activities like this.

Figure: Finding out vulnerability in websites
(Source: Fisch, White & Pooch, 2017)

Examination of facts and evaluation of evidence

The following facts were identified in the case, as per the information provided in the case study:

• The FBI wanted to investigate using the available resources that were evident from the incident
  as reported by BoatingCT.com. The organisation contacted the FBI to investigate the matter so
  that it could find out how the entire scam happened and whether the customers of the organisation
  were under any kind of threat because of the incident.
• The FBI office in New Haven has the Connecticut Computer Crimes Task Force or CCCTF, a
  multi-agency task force that helps in the investigation of Internet crimes (Vuorinen & Tetri,
  2016). It mostly focuses on incidents that happen around Connecticut.
• The CCCTF also covers a wide range of crimes: it specialises in investigating computer intrusions
  and helps in the investigation of intellectual property theft, online crimes against children,
  identity theft and internet fraud.
• The BoatingCT.com issue was investigated with the help of the Special Agent/CART field examiner
  located in the FBI New Haven field office (Homaei & Shahriari, 2017).

The following is the evaluation of the evidence found through the investigation conducted by the
Federal Bureau of Investigation:

• The first thing investigated in this case was the email that the customers had been receiving
  from the hacker, asking for their credit card credentials, including the intricate details of
  each customer's credit card.
• The email ID identified in these messages was orders@boatingct.com, addressed to the legitimate
  email IDs of the customers (Möller, Bellin & Creutzburg, 2015).
• The hackers were also asking for the CVV number or verification code of the card and the routing
  number of the check; with these available, the credit card account information of a particular
  individual would be easily open to the hacker.
• The intrusion was detected through the presence of a suspicious string that appeared to be
  “../../../../../../../../../”. This string was being used in searches of the BoatingCT.com
  website.
• The access details belonged to different countries like Ohio, Turkey and Korea. With the help of
  the CART field examiner, the CCCTF under the FBI conducted online searches and found the
  significance of the string on the SecuriTeam site, which showed that the website had a directory
  traversal vulnerability (Zolanvari et al., 2019).
• The website was also at fault, as it did not have enough security to restrict the hackers, and
  that made the organisation a victim, with the hackers accessing the customer information at the
  same time as well.

After the evaluation of the evidence, the CART field examiner examined the suspicious mails sent to
the different customers and found the involvement of two separate IP addresses, 130.101.111.12 and
24.142.102.151; with further evaluation, it was found that the IP addresses belonged to the
University of Akron in Livermore California.

Apply knowledge / experience / understanding to analyse action choices

The vulnerability found on checking the BoatingCT.com website was the Directory Traversal
Vulnerability. This is an issue of controlling access to particular web content, which forms the
basis of the entire running and operating of web servers (Shinde & Ardhapurkar, 2016).

It is primarily described as an HTTP attack that allows access to restricted directories and also
gives the ability to execute various commands outside the root directory of the web server (Stiawan
et al., 2016). The way in which the BoatingCT.com website was vulnerable to attack made it easier
for the hacker, a student in the University of Akron, to
hack and barge into the mail contacts of the customers who had recently booked goods and services
from the website.

With access to the different customer information, it was easier for them to reach the
BoatingCT.com website through proxy websites and to handle the root directory of the web servers as
well (Patel, 2015).

The root directory was vulnerable to the intrusion due to the Directory Traversal Vulnerability,
which exposed the specific directory in the server file system that held the information about the
customers: their last purchase details and contact details, along with the card number and other
details through which they had made the payment for their purchases (Sharma, Sibal & Sabharwal,
2019).

The users, on the other hand, were not able to make any kind of changes or to access the files
above the root. When a website has this vulnerability, the hacker can easily exploit it to step out
of the root directory and access the other parts of the system as well. The hacker thus has much
greater access to the website, which makes it easier to view all the restricted files.

It may also be possible that access to the restricted files provides much more information about
the website, or about the organisation under which the website was created, with a better chance of
compromising the system (Sibal, Sharma & Sabharwal, 2017). The ability of the hackers and the
vulnerability of the website thus allow access to the website in such a way that the execution of
commands helps the hacker impersonate another user associated with the website, which is the exact
way in which the hacker gained access to the BoatingCT.com website and emailed the customers,
posing the mails as sent on behalf of the company.

The web application mechanism that the hacker used in this particular case was the GET and POST
request methods, with which browsers request dynamic pages from the server and which can also send
parameters whose values point to old archives (Nagpure & Kurkure, 2017). Therefore, the request has
the ability to access the archives in the website database and retrieve files from the file system.
The use of the ‘../../../../../../../../’ sequence is required to retrieve the dynamic pages, and
this was found in the .asp request in the URL, which made
the FBI suspicious about the use of the GET and POST request methods, which were indeed used by the
hacker.

Feasibility of alternative courses of action

There are also alternative ways in which traversal attacks can be subdued, or bypassed, with the
help of filters. The application may not be able to be hacked with the help of any traversal
attack; however, this does not mean that the application or the website can never be hacked. It may
still be vulnerable to attacks (Erturk & Rajan, 2017).

There are various application developers who are able to provide the proper identifying information
about the website to the authorities to counter the directory traversal vulnerability.

They are also able to add input validation checks to help prevent the attacks. The attack can also
occur if the traversal path sequence is followed using forward slashes at all times. This was also
the case in this incident, as the ‘../../../../../../../../’ sequence was introduced in the URL
through the GET/POST request, which helped the FBI detect the potential hack that had occurred.
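
The log review described above can be reproduced with a short script. The following is an added example, not part of the original report or the FBI's tooling: it scans web server log lines for the traversal sequence, normalising percent-encoding and backslashes first so that a plain string filter is not the only check, and groups the hits by client address. The log layout, addresses (documentation ranges), page names and parameters are constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import unquote

# Constructed sample in W3C extended log layout (the layout IIS uses when serving .asp pages).
# Client addresses are documentation ranges; page names and parameters are hypothetical.
SAMPLE_LOG = [
    "#Fields: date time c-ip cs-method cs-uri-stem cs-uri-query sc-status",
    "2001-04-20 14:02:11 192.0.2.10 GET /catalog/item.asp id=1042 200",
    "2001-04-20 14:05:37 198.51.100.7 GET /catalog/view.asp page=" + "../" * 9 + "private/file.txt 200",
    "2001-04-20 14:06:02 198.51.100.7 GET /catalog/view.asp page=..%2f..%2f..%2fprivate%2ffile.txt 200",
    r"2001-04-20 14:09:45 203.0.113.5 POST /catalog/view.asp page=..\..\..\private\file.txt 404",
    "2001-04-20 14:11:19 192.0.2.10 GET /images/boat..jpg - 200",
]

SEPARATORS = re.compile(r"[/?&=;]")


def normalise(value, max_rounds=3):
    """Undo percent-encoding (repeatedly, to catch double encoding) and unify slashes."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value.replace("\\", "/")


def traversal_depth(value):
    """Count '..' path segments after normalisation; 0 means no traversal sequence."""
    return sum(1 for segment in SEPARATORS.split(normalise(value)) if segment == "..")


def find_traversal(lines):
    """Return {client_ip: [hit, ...]} for every request containing a '..' segment."""
    hits = defaultdict(list)
    for line in lines:
        if not line or line.startswith("#"):
            continue  # skip blank lines and W3C directives
        fields = line.split()
        if len(fields) != 7:
            continue  # not in the layout assumed above
        date, time, client_ip, method, stem, query, status = fields
        depth = traversal_depth(stem + "?" + query)
        if depth:
            hits[client_ip].append({
                "when": f"{date} {time}",
                "method": method,
                "page": stem,
                "depth": depth,
                "served": status == "200",  # a 200 means the server answered the request
            })
    return dict(hits)


def summarise(hits):
    """One row per client: (ip, number of hits, deepest sequence, any request served)."""
    return sorted(
        (ip, len(rows), max(r["depth"] for r in rows), any(r["served"] for r in rows))
        for ip, rows in hits.items()
    )


if __name__ == "__main__":
    for row in summarise(find_traversal(SAMPLE_LOG)):
        print(row)
```

Requests that were answered with status 200 deserve attention first, since they indicate the server returned content for a path containing the sequence.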
Figure: Linking of Fraudulent Activities by linking to same device
(Source: Zolanvari et al., 2019)
Decide on a course of action, include specific steps for implementation

A step-by-step implementation of a protection system could have helped BoatingCT.com to restrict
any possibility of intrusion and attack once the vulnerability had been found.

Figure: Availability of the directory after the Directory Traversal Attack
(Source: Wang, 2016)
The protection should have been implemented before the attack ever happened. The
vulnerability revealed that the system could be attacked, and this is the sole reason why the
attack was possible (Anbiya, Purwarianti & Asnar, 2018).
This is why the step-by-step procedures needed to be implemented to protect against the
weakness before it could even be considered a vulnerability.
These steps can be described as a course of action that would have kept the BoatingCT.com
website from falling victim to the hacking. The steps of the course of action are as follows:
Using a Content Management System:
o The site was capable of holding a huge number of documents, given the
number of customers that booked products and services from the
organization (Lee & Shin, 2018).
o Therefore, there is a chance of different activities on the data replacing
the documents.
o Therefore, a third-party content management system needs to be an
initial requirement for the case. Directory traversal can be avoided by a
modern CMS.
Using a specific direction:
o This is the more heavyweight solution, which relies on labelling the files
that are used.
o Each file uploaded to the website needs to be renamed with a tag that
identifies it, and a proper lookup system must also be maintained in the
data store (Thongthua & Ngamsuriyaroj, 2016).
o This helps in whitelisting the files that are accessed and avoids the
fragility of raw file paths.
Segregating the documents:
o Hosting the documents on a specific file server or on a separate partition
would help in storing and separating the files. This helps prevent the
mixing of public and sensitive documents.
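The labelling-and-lookup step and the document segregation step above can be combined in one small file handler. This is an added example, not code from the report or from BoatingCT.com: the class, function and file names are hypothetical, and the directory layout is constructed in a temporary folder. It sets a handler that trusts the raw path beside one that serves files only through a whitelist of opaque IDs.

```python
import os
import tempfile
import uuid
from pathlib import Path

def read_by_raw_path(public_root, requested):
    """'Before' version: the request value is used directly as a file path."""
    with open(os.path.join(public_root, requested), "rb") as fh:
        return fh.read()

class DocumentStore:
    """'After' version: clients only ever see opaque IDs, never file paths."""

    def __init__(self, public_root):
        self.public_root = os.path.realpath(public_root)
        self._lookup = {}  # opaque ID -> resolved path inside public_root

    def register(self, file_name):
        """Whitelist one file at upload time and return its opaque ID."""
        path = os.path.realpath(os.path.join(self.public_root, file_name))
        if os.path.commonpath([path, self.public_root]) != self.public_root:
            raise ValueError("file is outside the public root")
        doc_id = uuid.uuid4().hex
        self._lookup[doc_id] = path
        return doc_id

    def read(self, doc_id):
        """Serve a file only if its ID is in the lookup table, else None."""
        path = self._lookup.get(doc_id)
        if path is None:
            return None  # unknown ID: no file is opened at all
        with open(path, "rb") as fh:
            return fh.read()

def demo():
    """Build a constructed public/sensitive layout and compare both handlers."""
    with tempfile.TemporaryDirectory() as base:
        public = os.path.join(base, "public")
        sensitive = os.path.join(base, "sensitive")
        os.makedirs(public)
        os.makedirs(sensitive)
        Path(public, "brochure.txt").write_bytes(b"public brochure")
        Path(sensitive, "customers.txt").write_bytes(b"customer records")
        store = DocumentStore(public)
        doc_id = store.register("brochure.txt")
        probe = "../sensitive/customers.txt"  # constructed request value
        leaked = read_by_raw_path(public, probe)   # raw path leaves the root
        blocked = store.read(probe) is None        # lookup has no such ID
        return store.read(doc_id), leaked, blocked
```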
Problems identified
The problems identified during the investigation of the BoatingCT.com website were
entirely about a vulnerability in the website known as the Directory Traversal Vulnerability.
This is why the hacker could easily barge into the website and access all the customer
details, as it is extremely easy for a hacker to compromise a system once a Directory
Traversal Vulnerability is found (Medeiros, Neves & Correia, 2015).